lebonheurdesparieurs.blogspot.com Open in urlscan Pro
2a00:1450:4001:829::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lebonheurdesparieurs.blogspot.com/?m=1
Submission: On May 19 via manual (May 19th 2023, 8:24:00 pm UTC) from MA — Scanned from DE

Summary HTTP 50 Redirects Links 61 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 18 domains to perform 50 HTTP transactions. The main IP is 2a00:1450:4001:829::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is lebonheurdesparieurs.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on April 24th 2023. Valid for: 3 months.

This is the only time lebonheurdesparieurs.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2009	15169 (GOOGLE) (GOOGLE)
2	62.210.16.62 62.210.16.62	12876 (Online SAS) (Online SAS)
6	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
6 13	2606:4700:303... 2606:4700:3038::6815:ea1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	212.83.183.115 212.83.183.115	12876 (Online SAS) (Online SAS)
5	2606:4700:303... 2606:4700:3035::6815:449a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:41d0:301... 2001:41d0:301::20	16276 (OVH) (OVH)
4	2606:4700:303... 2606:4700:3034::ac43:c8d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.254.1.54 178.254.1.54	42730 (EVANZOAS) (EVANZOAS)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
50	18

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lebonheurdesparieurs.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.210.16.62 (France)

ASN12876 (Online SAS, FR)
PTR: pf-lb-2.online.net

gif.toutimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3038::6815:ea1a (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.83.183.115 (France)

ASN12876 (Online SAS, FR)
PTR: www.allosponsor.com

www.hebdotop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3035::6815:449a (United States)

ASN13335 (CLOUDFLARENET, US)

www.mega-turf.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:301::20 (France)

ASN16276 (OVH, FR)

www.pmu-net.lachezvos.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3034::ac43:c8d8 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.1clic1don.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.254.1.54 (Germany)

ASN42730 (EVANZOAS, DE)
PTR: hello-world.digital

www.zeitverschiebung.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	root-top.com 6 redirects img.root-top.com	50 KB
6	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 14274 lh3.googleusercontent.com — Cisco Umbrella Rank: 47	16 KB
5	1clic1don.fr 1 redirects www.1clic1don.fr	17 KB
5	mega-turf.fr www.mega-turf.fr	173 KB
5	blogger.com www.blogger.com — Cisco Umbrella Rank: 9258	97 KB
4	pronostic-facile.fr www.pronostic-facile.fr	9 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	176 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	41 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 320	35 KB
2	hebdotop.com www.hebdotop.com	920 B
2	toutimages.com gif.toutimages.com	10 KB
2	blogspot.com lebonheurdesparieurs.blogspot.com	16 KB
1	gstatic.com fonts.gstatic.com	19 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 875	7 KB
1	zeitverschiebung.net www.zeitverschiebung.net — Cisco Umbrella Rank: 180714	2 KB
1	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 17411	295 B
1	lachezvos.pro www.pmu-net.lachezvos.pro	9 KB
0	free.fr Failed lemagicienduturf.free.fr Failed
50	18

	Domain	Requested by
13	img.root-top.com	6 redirects lebonheurdesparieurs.blogspot.com
5	www.1clic1don.fr	1 redirects www.hebdotop.com lebonheurdesparieurs.blogspot.com www.1clic1don.fr
5	www.mega-turf.fr	lebonheurdesparieurs.blogspot.com
5	blogger.googleusercontent.com	lebonheurdesparieurs.blogspot.com
5	www.blogger.com	lebonheurdesparieurs.blogspot.com www.blogger.com
4	www.pronostic-facile.fr	lebonheurdesparieurs.blogspot.com www.pronostic-facile.fr static.cloudflareinsights.com
3	www.googletagmanager.com	www.zeitverschiebung.net www.pronostic-facile.fr
2	www.google-analytics.com	www.googletagmanager.com
2	www.hebdotop.com	lebonheurdesparieurs.blogspot.com
2	gif.toutimages.com	lebonheurdesparieurs.blogspot.com
2	lebonheurdesparieurs.blogspot.com	lebonheurdesparieurs.blogspot.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ajax.googleapis.com	www.zeitverschiebung.net
1	fonts.googleapis.com	www.zeitverschiebung.net
1	static.cloudflareinsights.com	www.pronostic-facile.fr
1	www.zeitverschiebung.net	lebonheurdesparieurs.blogspot.com
1	resources.blogblog.com	lebonheurdesparieurs.blogspot.com
1	lh3.googleusercontent.com	lebonheurdesparieurs.blogspot.com
1	www.pmu-net.lachezvos.pro	lebonheurdesparieurs.blogspot.com
0	lemagicienduturf.free.fr Failed	lebonheurdesparieurs.blogspot.com
50	20

This site contains links to these domains. Also see Links.

Domain
blogger.googleusercontent.com
www.blogger.com
www.root-top.com
www.hebdotop.com
monsieurpmu.blogspot.com
lesbonsgagnants.blogspot.com
mrquinte1.blogspot.com
www.rapidoweb.free.fr
www.zeitverschiebung.net

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
toutimages.com R3	`2023-02-22` - `2023-05-23`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
root-top.com E1	`2023-05-06` - `2023-08-04`	3 months	crt.sh
www.hebdotop.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-07` - `2023-07-07`	a year	crt.sh
*.pronostic-facile.fr GTS CA 1P5	`2023-04-11` - `2023-07-10`	3 months	crt.sh
1clic1don.fr GTS CA 1P5	`2023-04-21` - `2023-07-20`	3 months	crt.sh
zeitverschiebung.net R3	`2023-04-23` - `2023-07-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://lebonheurdesparieurs.blogspot.com/?m=1
Frame ID: AECDA805CE04B637ED88733D1B01D8D4
Requests: 33 HTTP requests in this frame

Frame: https://www.1clic1don.fr/taght.php
Frame ID: 3080597923C21B0B9B961D8AB5C306D8
Requests: 1 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/partner/quinte_infos/all
Frame ID: B2A9EBE734475B57E805EDCCCA064634
Requests: 6 HTTP requests in this frame

Frame: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=medium&timezone=Europe%2FParis
Frame ID: 6CFD219EAA45B53B925E9BF266D1A827
Requests: 7 HTTP requests in this frame

Frame: https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
Frame ID: 3701A8A2D7F16E3F7579D6F42E4C010B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Le Bonheur Des Parieurs

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

84 %
HTTPS

82 %
IPv6

18
Domains

20
Subdomains

18
IPs

3
Countries

678 kB
Transfer

1362 kB
Size

1
Cookies

61 Outgoing links

These are links going to different origins than the main page.

URL: https://blogger.googleusercontent.com/img/a/AVvXsEg76Ce6OxsIiHC1oDGtCy948zbKI_-WwOacso5NLCbMvArrONycsks2lgN2A_e7AO3GT0xw86gHmMRuOcyfotCx5GOcHGoe7yJ7Qk_dD5s5qDhPPSYSP8tf0h862dYvVoRKSSaN_BtRRpqaFM4kMCN9v0LI5SatFaaZTRqNlZZYlhtLLeEMRbqVaiQj

Search URL Search Domain Scan URL

URL: https://blogger.googleusercontent.com/img/a/AVvXsEjrPGw05GXD68b9EnlAtC6fp5NqI7o-Ql981Fl6pi8WxKFlR6O4CniKiGIGsgi7-QHphbbHdMh1OJgjZlthQkrN2ltN6fNrswyw8CHNWhwJuAGApikP0VMZFDuqS5cl0ugRFKm0mWodrUcJRw44z93yLlurLpqXR60rfNaCS2Becr3tQSC_7vBXOhvM

Search URL Search Domain Scan URL

URL: https://blogger.googleusercontent.com/img/a/AVvXsEgvPtFaVaLohs6ZYtNTjW8f5gyRwAu57HWwr8zkJyuJjrbmTuNTDojK2A0P4jpCMueTtVnIW7yWXQP5ZjbcMeoQiexj4JVd-taNtPU_Ed0-VZ0y9cZpK655d5ZNzDl6i1dfeuKYhld4AQ_qM-jx6Bg1xOqdBiHFKPg0HDWW5qfFJhiojFBcO_sqj0Zc

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/04864485080346352945
Title: LE BONHEUR DES PARIEURS

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=8078056115479283131&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=8078056115479283131&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=8078056115479283131&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=8078056115479283131&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=8078056115479283131&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=2080594865901717011&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=2080594865901717011&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=2080594865901717011&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=2080594865901717011&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=2080594865901717011&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=7154154938438229861&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=7154154938438229861&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=7154154938438229861&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=7154154938438229861&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=7154154938438229861&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=1095928400231003535&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=1095928400231003535&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=1095928400231003535&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=1095928400231003535&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=1095928400231003535&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=1436527946775510473&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=1436527946775510473&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=1436527946775510473&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=1436527946775510473&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=1436527946775510473&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=1954767460578408677&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=1954767460578408677&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=1954767460578408677&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=1954767460578408677&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=1954767460578408677&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=2474010671542064195&target=email
Title: Envoyer par e-mail

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=2474010671542064195&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=2474010671542064195&target=twitter
Title: Partager sur Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=2474010671542064195&target=facebook
Title: Partager sur Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9207037990208915533&postID=2474010671542064195&target=pinterest
Title: Partager sur Pinterest

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/47576060/in.php?ID=72
Title: LEREPERER DES TURFS

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/equidiagallop01/in.php?ID=68
Title: EQUIDIAGALLOP

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/starcourses/in.php?ID=69
Title: starcourses: Top site

Search URL Search Domain Scan URL

URL: http://www.hebdotop.com/

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turf/in.php?ID=691

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/quinte/in.php?ID=542

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/megaturf/in.php?ID=1356

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/guideturf/in.php?ID=522

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/01turf/in.php?ID=598

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/willybill/in.php?ID=89

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/toppronosturf/in.php?ID=219

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/etoiledujourturf/in.php?ID=103

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/secrets/in.php?ID=865

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/exelturf/in.php?ID=684

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/pmuchampion/in.php?ID=220

Search URL Search Domain Scan URL

URL: https://monsieurpmu.blogspot.com/
Title: MONSIEUR PMU

Search URL Search Domain Scan URL

URL: https://lesbonsgagnants.blogspot.com/
Title: LES BONS GAGNANTS

Search URL Search Domain Scan URL

URL: https://mrquinte1.blogspot.com/
Title: Mr Quinte1

Search URL Search Domain Scan URL

URL: http://www.rapidoweb.free.fr/topliens/liens.php3?sp=2112

Search URL Search Domain Scan URL

URL: https://www.zeitverschiebung.net/fr/timezone/europe--paris
Title: Heure actuelleEurope/Paris

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://img.root-top.com/topsite/quinte/banner.gif HTTP 302
https://www.mega-turf.fr/wp-content/uploads/2017/11/top10.gif

Request Chain 15

https://img.root-top.com/topsite/megaturf/banner.gif HTTP 302
https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif

Request Chain 16

https://img.root-top.com/topsite/guideturf/banner.gif HTTP 302
https://www.mega-turf.fr/wp-content/uploads/2017/06/3.gif

Request Chain 17

https://img.root-top.com/topsite/01turf/banner.gif HTTP 302
https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif

Request Chain 18

https://img.root-top.com/topsite/willybill/banner.gif HTTP 302
https://www.mega-turf.fr/wp-content/uploads/2017/12/bestof.gif

Request Chain 22

https://img.root-top.com/topsite/exelturf/banner.gif HTTP 302
https://lemagicienduturf.free.fr/images/exelturf.jpg

Request Chain 23

https://img.root-top.com/topsite/pmuchampion/banner.gif HTTP 302
https://www.pmu-net.lachezvos.pro/image/pmuchmpi.gif

Request Chain 44

https://www.1clic1don.fr/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
lebonheurdesparieurs.blogspot.com/ 131 KB
14 KB 1127ms
1049ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lebonheurdesparieurs.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d5f09b20ba3be2df8fe20ef4bb05dcbab606988a7bedb0eb3e06094645c9c562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 14113
content-type: text/html; charset=UTF-8
date: Fri, 19 May 2023 20:23:54 GMT
etag: W/"b5f758cce382403bc2d8083c6e711b0cc4a6341e6a84bde1b0f4b7e08dd5567b"
expires: Fri, 19 May 2023 20:23:54 GMT
last-modified: Fri, 19 May 2023 19:09:10 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
36 KB 69ms
8ms Stylesheet
text/css 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Requested by

Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:04:57 GMT
x-content-type-options: nosniff
age: 19137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35960
x-xss-protection: 0
last-modified: Thu, 18 May 2023 17:54:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 18 May 2024 15:04:57 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 170ms
110ms Stylesheet
text/css 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=9207037990208915533&zx=caa5284d-b535-453b-a7e6-e14a62fac948

Requested by

Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Fri, 19 May 2023 20:23:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 May 2023 20:23:54 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cheval_069.gif
gif.toutimages.com/images/ani_ferme/chevaux/ 10 KB
10 KB 154ms
28ms Image
image/gif 62.210.16.62
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gif.toutimages.com/images/ani_ferme/chevaux/cheval_069.gif
Requested by: Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 62.210.16.62 , France, ASN12876 (Online SAS, FR),
Reverse DNS: pf-lb-2.online.net
Software: nginx /
Resource Hash: 1184c4d5a74f2d142d7bf8eb620c61cd6cfd0f48da368c14a8ab0da29d70ec6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 20:23:54 GMT
Last-Modified: Mon, 04 Aug 2014 11:04:33 GMT
server: nginx
ETag: "269a-4ffcbb42af240"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9882

GET
H2 200 AVvXsEg76Ce6OxsIiHC1oDGtCy948zbKI_-WwOacso5NLCbMvArrONycsks2lgN2A_e7AO3GT0xw86gHmMRuOcyfotCx5GOcHGoe7yJ7Qk_dD5s5qDhPPSYSP8tf0h862dYvVoRKSSaN_BtRRpqaFM4kMCN9v0LI5SatFaaZTRqNlZZYlhtLLeEMRbqVaiQj=w122...
blogger.googleusercontent.com/img/a/ 2 KB
2 KB 259ms
222ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEg76Ce6OxsIiHC1oDGtCy948zbKI_-WwOacso5NLCbMvArrONycsks2lgN2A_e7AO3GT0xw86gHmMRuOcyfotCx5GOcHGoe7yJ7Qk_dD5s5qDhPPSYSP8tf0h862dYvVoRKSSaN_BtRRpqaFM4kMCN9v0LI5SatFaaZTRqNlZZYlhtLLeEMRbqVaiQj=w122-h56

Requested by

Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0f96d86056e416e3eca8c08a80ff73729fc73f52328243ea406a098df6af7d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:54 GMT
x-content-type-options: nosniff
server: fife
etag: "v24c"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="images a.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1642
x-xss-protection: 0
expires: Sat, 20 May 2023 20:23:54 GMT

GET
H2 200 AVvXsEjrPGw05GXD68b9EnlAtC6fp5NqI7o-Ql981Fl6pi8WxKFlR6O4CniKiGIGsgi7-QHphbbHdMh1OJgjZlthQkrN2ltN6fNrswyw8CHNWhwJuAGApikP0VMZFDuqS5cl0ugRFKm0mWodrUcJRw44z93yLlurLpqXR60rfNaCS2Becr3tQSC_7vBXOhvM=w111...
blogger.googleusercontent.com/img/a/ 2 KB
2 KB 386ms
350ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEjrPGw05GXD68b9EnlAtC6fp5NqI7o-Ql981Fl6pi8WxKFlR6O4CniKiGIGsgi7-QHphbbHdMh1OJgjZlthQkrN2ltN6fNrswyw8CHNWhwJuAGApikP0VMZFDuqS5cl0ugRFKm0mWodrUcJRw44z93yLlurLpqXR60rfNaCS2Becr3tQSC_7vBXOhvM=w111-h60

Requested by

Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3824e70638ae1aaffa5be0c44a9c774a690c3848bcf642b5446118d04e8b72c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:55 GMT
x-content-type-options: nosniff
server: fife
etag: "v254"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="images g.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2397
x-xss-protection: 0
expires: Sat, 20 May 2023 20:23:55 GMT

GET
H2 200 AVvXsEgvPtFaVaLohs6ZYtNTjW8f5gyRwAu57HWwr8zkJyuJjrbmTuNTDojK2A0P4jpCMueTtVnIW7yWXQP5ZjbcMeoQiexj4JVd-taNtPU_Ed0-VZ0y9cZpK655d5ZNzDl6i1dfeuKYhld4AQ_qM-jx6Bg1xOqdBiHFKPg0HDWW5qfFJhiojFBcO_sqj0Zc=w117...
blogger.googleusercontent.com/img/a/ 4 KB
4 KB 264ms
227ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgvPtFaVaLohs6ZYtNTjW8f5gyRwAu57HWwr8zkJyuJjrbmTuNTDojK2A0P4jpCMueTtVnIW7yWXQP5ZjbcMeoQiexj4JVd-taNtPU_Ed0-VZ0y9cZpK655d5ZNzDl6i1dfeuKYhld4AQ_qM-jx6Bg1xOqdBiHFKPg0HDWW5qfFJhiojFBcO_sqj0Zc=w117-h58

Requested by

Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bc5f84ab56488b20c1136ceef79be6449b7aaf98ab11e399fc972e5c73601f4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:54 GMT
x-content-type-options: nosniff
server: fife
etag: "v250"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="B9731436140Z.1_20220705141654_000+GMAKRAA2T.2-0 c.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3878
x-xss-protection: 0
expires: Sat, 20 May 2023 20:23:54 GMT

GET
H/1.1 200
OK fleche_012.gif
gif.toutimages.com/images/webmaster/fleches/ 361 B
597 B 156ms
30ms Image
image/gif 62.210.16.62
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gif.toutimages.com/images/webmaster/fleches/fleche_012.gif
Requested by: Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 62.210.16.62 , France, ASN12876 (Online SAS, FR),
Reverse DNS: pf-lb-2.online.net
Software: nginx /
Resource Hash: fbe001e8d2ec155f42ab5d50dafab7450919f9d17d96ffc4a118c9f1d9e5a097

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 20:23:54 GMT
Last-Modified: Mon, 04 Aug 2014 12:45:11 GMT
server: nginx
ETag: "169-4ffcd1c0f83c0"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 361

GET
H2 200 AVvXsEjrPGw05GXD68b9EnlAtC6fp5NqI7o-Ql981Fl6pi8WxKFlR6O4CniKiGIGsgi7-QHphbbHdMh1OJgjZlthQkrN2ltN6fNrswyw8CHNWhwJuAGApikP0VMZFDuqS5cl0ugRFKm0mWodrUcJRw44z93yLlurLpqXR60rfNaCS2Becr3tQSC_7vBXOhvM=w116...
blogger.googleusercontent.com/img/a/ 2 KB
2 KB 209ms
174ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3824e70638ae1aaffa5be0c44a9c774a690c3848bcf642b5446118d04e8b72c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:54 GMT
x-content-type-options: nosniff
server: fife
etag: "v254"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="images g.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2397
x-xss-protection: 0
expires: Sat, 20 May 2023 20:23:54 GMT

GET
H2 200 AVvXsEgvPtFaVaLohs6ZYtNTjW8f5gyRwAu57HWwr8zkJyuJjrbmTuNTDojK2A0P4jpCMueTtVnIW7yWXQP5ZjbcMeoQiexj4JVd-taNtPU_Ed0-VZ0y9cZpK655d5ZNzDl6i1dfeuKYhld4AQ_qM-jx6Bg1xOqdBiHFKPg0HDWW5qfFJhiojFBcO_sqj0Zc=w120...
blogger.googleusercontent.com/img/a/ 4 KB
4 KB 258ms
222ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bc5f84ab56488b20c1136ceef79be6449b7aaf98ab11e399fc972e5c73601f4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:54 GMT
x-content-type-options: nosniff
server: fife
etag: "v250"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="B9731436140Z.1_20220705141654_000+GMAKRAA2T.2-0 c.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3878
x-xss-protection: 0
expires: Sat, 20 May 2023 20:23:54 GMT

GET
H2 302 banner.gif
img.root-top.com/topsite/47576060/ 0
321 B 1030ms
976ms Image
text/html 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/47576060/banner.gif
Requested by: Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:55 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQENSouBFr%2BhsL0NLCwRVm9FpHyidEwJtRk%2FA76yUu3sbBY%2FQ4b6uTJ8abifyxbJC5rYRL5Wr5DPs5CHTBYFwLAa4MVYvdDG4%2FKbAasxajFAefJPIwAGsMhnxKagaqDGzfU1PE1UMhL6VKcw8nOa"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7c9f0f76ef154141-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 banner.gif
img.root-top.com/topsite/equidiagallop01/ 3 KB
4 KB 72ms
26ms Image
image/gif 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/equidiagallop01/banner.gif
Requested by: Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7130ff8d8d5d1fdaec3262b8a42db98bda2b52dc1615efbe7deeb2089625a4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:54 GMT
cf-cache-status: HIT
last-modified: Thu, 18 May 2023 14:17:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 108373
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rD44piokwrSD%2F3hlycU3EZUD%2BoJo402fSoZ6VPN3YagQxGJeoqj0zfpYmVvtsAmGd3Ve1xPloUPjq8Q3ZQih%2FCpFd%2Fz15IpItT9yY54FhPiBBC7j0Crs01ddeAFxe9ZI4ZlOT9mbly4QRAuX0gc5"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7c9f0f76ef184141-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3179
expires: Sun, 21 May 2023 14:17:41 GMT

GET
H2 200 banner.gif
img.root-top.com/topsite/starcourses/ 11 KB
11 KB 75ms
29ms Image
image/gif 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/starcourses/banner.gif
Requested by: Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 477c3edd3387979f3aba9b127bf8d7874ad5a8f70957d0be417a987dca2a7ec1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:54 GMT
cf-cache-status: HIT
last-modified: Thu, 18 May 2023 14:17:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 108373
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yaCJwL3ZjhT%2FWx39fg%2BJg5BCi4hgeonwWoTLA5tXZygKJdBtvV%2Bnn1uYzuOIVRejtGaRqQUjOtWe6q%2F85edvV0NxdDUNRdsTZ%2Fr8Ioeeo4oRz%2FTTWSEWwSt11wirf4qO2maKWBjnGSeq5iymeNp6"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7c9f0f76ef194141-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11445
expires: Sun, 21 May 2023 14:17:41 GMT

GET
H/1.1 200
OK hebdotop.eur Show response
www.hebdotop.com/cgi-bin/ 381 B
531 B 350ms
29ms Script
text/html 212.83.183.115
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hebdotop.com/cgi-bin/hebdotop.eur?id=308589
Requested by: Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.83.183.115 , France, ASN12876 (Online SAS, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 07d0f4176551c5f7d193daae1c95317e9b043ae21b43b15c5baa7392e12c2894

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 20:21:24 GMT
Content-Encoding: gzip
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100

GET
H2 200 banner.gif
img.root-top.com/topsite/turf/ 6 KB
7 KB 77ms
31ms Image
image/gif 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/turf/banner.gif
Requested by: Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96ea94ddffb3136c5a9e0b61e8d17d1e98e9657731ca1a45c61260944e649b2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:54 GMT
cf-cache-status: HIT
last-modified: Thu, 18 May 2023 13:42:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 110467
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFnoPuebV0G7w3LkPiTL64P6qKg2qUDUj3IrZSHLV1%2BjgTZrkrf%2FI4qrYt7fNs%2BPOals8OHyaEOJ8GEq9H05A7m9rCogQ2aRjhHAg%2FUfl4dw7N0gB%2FcsnEMUJlUR76P3jlSnN8Yjt3PCYTdKLY2w"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7c9f0f76ef1b4141-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6364
expires: Sun, 21 May 2023 13:42:47 GMT

GET
H2

200

top10.gif
www.mega-turf.fr/wp-content/uploads/2017/11/
Redirect Chain

https://img.root-top.com/topsite/quinte/banner.gif
https://www.mega-turf.fr/wp-content/uploads/2017/11/top10.gif

22 KB
22 KB

14ms
14ms

Image
image/gif

2606:4700:3035::6815:449a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mega-turf.fr/wp-content/uploads/2017/11/top10.gif
Requested by: Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol: H2
Server: 2606:4700:3035::6815:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e440f091fa1af388be7b7fc800187085ed7d0c2bbde02e55e8092480a74a8bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2056608
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22328
last-modified: Thu, 23 Nov 2017 09:08:40 GMT
server: cloudflare
etag: "5a169018-5738"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrajGFptmXiVJoBb1prFXFQi9lQz8FnBk1W4HCNwGq4IW2MC73EYIBe7Lts7RkCH341wvEJPlwDqJgyldDtjS36FFQttj%2Flqs1RtYUOTLDdGIeOzxD5Mz5rBF%2FEAw0ZB0mx31iWrh0IMV6l5CIfb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c9f0f7dba539101-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Fri, 19 May 2023 20:23:55 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIIx%2FYpVD1IOXMspBzXOLCBdoNr6yrOyhMddB4%2BX6yERZITTHD8POtAYqj3wWqKbWr3hpgUeCQOJc94NNHm%2B0%2BLXjfhuKs0epcLwtj3y4aVafKp%2FygRRJiTNzYYge8U63vhMY1M%2BQE2EvtjZvUcS"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://www.mega-turf.fr/wp-content/uploads/2017/11/top10.gif
cf-ray: 7c9f0f76ef1d4141-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

5.gif
www.mega-turf.fr/wp-content/uploads/2017/06/
Redirect Chain

https://img.root-top.com/topsite/megaturf/banner.gif
https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif

27 KB
28 KB

70ms
13ms

Image
image/gif

2606:4700:3035::6815:449a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
Requested by: Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol: H2
Server: 2606:4700:3035::6815:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69f7014f954ee1dce1c6e9fb7d5acaa31918b9ddea175fbe57c37da8ca680d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1924910
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27601
last-modified: Sun, 25 Jun 2017 11:18:37 GMT
server: cloudflare
etag: "594f9c0d-6bd1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohqBtEH0Lju87gdlsM2k7xfnoWrcM%2Bts9LfI5yHYND5xUWDWvxbQIywAUlsv1k3wSUrcfwn1jcNtVnc3tluGY22O%2B0nl0I5ypNHxwet28n2eQLAIn1HRc%2FOlzzg0X5HohhzadUC4ZEH5JObwSdMr"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c9f0f7d59fc9101-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Fri, 19 May 2023 20:23:55 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0v6aqhpQlfUjws4mae0i%2BIii23Mky9AwtFxDIJsBBFpWAq4QkvO5v%2B85zFnggUZyya%2FtPzXrwaTsPZtJKXtqdjiy5ITtFOYa1g4HciH7TEWmpEJom2annYvkh5oDDMGH7yuMl%2Fpjf5wghSgshxg"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
cf-ray: 7c9f0f76ff2a4141-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

3.gif
www.mega-turf.fr/wp-content/uploads/2017/06/
Redirect Chain

https://img.root-top.com/topsite/guideturf/banner.gif
https://www.mega-turf.fr/wp-content/uploads/2017/06/3.gif

6 KB
6 KB

72ms
16ms

Image
image/gif

2606:4700:3035::6815:449a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mega-turf.fr/wp-content/uploads/2017/06/3.gif
Requested by: Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol: H2
Server: 2606:4700:3035::6815:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e97c96837e369b2bdeb1247737819ff2a8a429203bb23bd6f96b82961f5fada5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1917735
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6009
last-modified: Sun, 25 Jun 2017 11:18:19 GMT
server: cloudflare
etag: "594f9bfb-1779"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4s5foZVh7WJHrvOPlXg2qazA03ymJ5b9Ip85732jMKiWcO73keTcxMQtoL0bT7wQsY3LOfRu7Vao1YelwGNjgqqUyK4bei%2B%2B%2BXGTAz0vLIkbTxCrGI6hAtI4wRvgGFCI2y0p6V2q0LuUgSatB5fQ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c9f0f7d59fd9101-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Fri, 19 May 2023 20:23:55 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dx8MEU%2B8e2kKjwzarHPEegFl0cfbM5vjNMXgpcbyuQ%2FhlKrsTjI34lqy8Ns7QTL0DwYjyvQlnxSWuE5qOK003K9FE948j04J2QFI1Y65I8ODz7kBla6lGNZBzlYtYNChhyPuOdfnFHGijmCMpVqD"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://www.mega-turf.fr/wp-content/uploads/2017/06/3.gif
cf-ray: 7c9f0f76ff2c4141-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

01-turf0.gif
www.mega-turf.fr/wp-content/uploads/2017/12/
Redirect Chain

https://img.root-top.com/topsite/01turf/banner.gif
https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif

105 KB
106 KB

15ms
15ms

Image
image/gif

2606:4700:3035::6815:449a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif
Requested by: Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol: H2
Server: 2606:4700:3035::6815:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91d18befaf61db627997ed74c36f16e2c0b5a768ed87755ea9c710120505467c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 815777
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 107801
last-modified: Sun, 03 Dec 2017 21:54:18 GMT
server: cloudflare
etag: "5a24728a-1a519"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aH5OXUOwMjIbfmbqgSuRP18nW%2FNDoZ90nGVKjauBe9%2B8wzs3U0bbGbIxK62rZ3dKdptNfFqAWQ0zQM%2FQvxGfPjLO4JiJt11cdv708BAo8zCB6kTxpvrn2nkFZQaexHjecASuZ5grIQPQwxUjtDOZ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c9f0f7dca639101-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Fri, 19 May 2023 20:23:55 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1prpoBzBSYpGd9Jf4%2B5tcRlKnaCWrLDegLdWM9MVkSk2SLM8lskGMtwkPtsJ1%2BC2KvUuCwjdPiB%2B99UJod3RU4Qm7goWS37L4c5A1J6DD8gAi53YlT4rHcCfLBDRcCoK6Uas%2BHREX7nvhiR69MoY"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif
cf-ray: 7c9f0f76ff2d4141-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

bestof.gif
www.mega-turf.fr/wp-content/uploads/2017/12/
Redirect Chain

https://img.root-top.com/topsite/willybill/banner.gif
https://www.mega-turf.fr/wp-content/uploads/2017/12/bestof.gif

11 KB
12 KB

15ms
15ms

Image
image/gif

2606:4700:3035::6815:449a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mega-turf.fr/wp-content/uploads/2017/12/bestof.gif
Requested by: Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol: H2
Server: 2606:4700:3035::6815:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8140b4307cc838aa666051c24cd45b5e8ada264bd84458fbc90ba125ed2ebf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 355082
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11718
last-modified: Sun, 03 Dec 2017 22:24:33 GMT
server: cloudflare
etag: "5a2479a1-2dc6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2B8Ahev7zri5jMXxYu6CgByWtjJcC3YPhwg4wnc69BxBSz%2BMgUULOqGhUq189UkumjteyUvn6RovryxC1Lo52Be%2FtAfTZd0bcoKNaEHYu42nL7YJa6CvIRnXc8ic%2BqU8BTcmVTAZTnZct0oNpLy4"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7c9f0f7dba549101-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Fri, 19 May 2023 20:23:55 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jl5OcTiUE4y%2F%2B%2B2KIArza4EJQrPA5zTCIus3blQJRdK6T8dk5b63rp7Do31fpQ76l44BM%2FxXA8%2FRA0ZZjSJDl7lza2knAWEPZrnm4pw%2FKmFJWZh0xs2sb01EA8MLi5nBEg%2FGNg%2F95mD9XbgoXg7s"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://www.mega-turf.fr/wp-content/uploads/2017/12/bestof.gif
cf-ray: 7c9f0f770f444141-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 banner.gif
img.root-top.com/topsite/toppronosturf/ 10 KB
10 KB 40ms
39ms Image
image/gif 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/toppronosturf/banner.gif
Requested by: Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8adc0c107a66b72ed99daad838150877a1cff4d5ed673b14cddf6de148d754

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:54 GMT
cf-cache-status: HIT
last-modified: Thu, 18 May 2023 13:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 110080
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13z%2BpHEImcDxtFKWG8LCy45%2FxalIZIH83orjhKt3EUH1yISJV8Y6dNUGPaxFYUpmWWqrOl195T%2FUMmRsKLy1mbZSJ22RfsumZlju9J22ouGPIG91xsKWKjStO%2BmUnjyxdIhWROA5QHgQtwgxHzFk"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7c9f0f770f464141-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9824
expires: Sun, 21 May 2023 13:49:14 GMT

GET
H2 200 banner.gif
img.root-top.com/topsite/etoiledujourturf/ 13 KB
13 KB 37ms
36ms Image
image/gif 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/etoiledujourturf/banner.gif
Requested by: Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e186a1ac6f1cc16cbcdb76924cd20035a0abed77ca9bf01b8882c8f1442b825f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:54 GMT
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 19:08:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4547
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dL4qmqmCBIOxBmdzjrNQJmVNmqNq58kDVHIkUCCPXY3buCOrsRVuAXomECPhMdxEGLoA%2BIK1dAjU2c3r83uQjTvk5pVoy6UybKVYld91vlQ3l1K01pP7oVfDUYmA438%2B4XO6R1rvZfkrg%2Bvlvwj1"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7c9f0f770f484141-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13218
expires: Mon, 22 May 2023 19:08:07 GMT

GET
H2 200 banner.gif
img.root-top.com/topsite/secrets/ 3 KB
3 KB 37ms
36ms Image
image/gif 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/secrets/banner.gif
Requested by: Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5430710d4542e080be28794f5ffd14de7105561a83f89f9064986ad051781c0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:54 GMT
cf-cache-status: HIT
last-modified: Thu, 18 May 2023 14:58:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 105941
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JwluOVyCV2ASkNInQM7Nh8OMUTHEHnoOWdshOi9oTjjTTbZfPYJSPpcfI0g9i4AKypBSCMcdY1hKbcFnftAcybt8LN8oMwRv1nYM2ve3CiOjw6xMKPEnOjgZe6uZ%2BxzgnRC1bVREdY4pT03S3h7"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7c9f0f770f494141-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3133
expires: Sun, 21 May 2023 14:58:13 GMT

GET

exelturf.jpg
lemagicienduturf.free.fr/images/
Redirect Chain

https://img.root-top.com/topsite/exelturf/banner.gif
https://lemagicienduturf.free.fr/images/exelturf.jpg

0
0

GET
H2

200

pmuchmpi.gif
www.pmu-net.lachezvos.pro/image/
Redirect Chain

https://img.root-top.com/topsite/pmuchampion/banner.gif
https://www.pmu-net.lachezvos.pro/image/pmuchmpi.gif

9 KB
9 KB

254ms
23ms

Image
image/gif

2001:41d0:301::20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pmu-net.lachezvos.pro/image/pmuchmpi.gif
Requested by: Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol: H2
Server: 2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: aed59e8323afae6683109f7202e812c6641c3775e23aac648097cf702f462d1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:56 GMT
last-modified: Sun, 01 Dec 2019 13:31:47 GMT
server: Apache
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 9008
expires: Fri, 19 May 2023 20:38:56 GMT

Redirect headers

date: Fri, 19 May 2023 20:23:55 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ot9rYEpaec%2FCl%2BwUl0Hf%2BbeCUgjPIaNq8rUkFYBWmiKyvh3MFfRC8sxpOwTRkfFXdirEYSgTDkb0f1sbiTwDsFDw1HAt9tQeswuDK1%2BHzxHsmX5n%2Bz1YzkvvT4WHixd7R3JAy4q3Q7RdgFQd3wQ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: http://www.pmu-net.lachezvos.pro/image/pmuchmpi.gif
cf-ray: 7c9f0f770f4b4141-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 AByxGDTHgxs-x5BRFHxLFdrZgdjtk-vzCK1tKfh7S8wQI2I2mOQybaM-fMeYCe-lk854CZ0h8zMtf9wGjEGhnTokmgB7nsS8xSEx3ntaWLsfO_OSsQBTmQ=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 2 KB
2 KB 9ms
8ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AByxGDTHgxs-x5BRFHxLFdrZgdjtk-vzCK1tKfh7S8wQI2I2mOQybaM-fMeYCe-lk854CZ0h8zMtf9wGjEGhnTokmgB7nsS8xSEx3ntaWLsfO_OSsQBTmQ=s0-d

Requested by

Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dbd2f2ed985534056858c78ffcc6c6c4837740e515e6e493dc831411d60d6457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:01:54 GMT
x-content-type-options: nosniff
server: fife
age: 1320
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1762
x-xss-protection: 0
expires: Sat, 20 May 2023 20:01:54 GMT

GET
H2 200 quinte_infos Show response
www.pronostic-facile.fr/widget/partner/script/ 249 B
849 B 85ms
32ms Script
text/html 2606:4700:3034::ac43:c8d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/partner/script/quinte_infos
Requested by: Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c578f2ac7490097327a70875954fdb63a8e1c07d2f36c117e49a227ba9490254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-runtime: 3
date: Fri, 19 May 2023 20:23:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9KLku0k%2Fojuf1UeTdu3GHhY8JU1hNUEk2BwVrsAEAbUUTZwPEJ2%2B80qk4%2BrEbtZGvQ7BuEYaDWqfi94AeZ458diNzaqWbqpeVBQ0hD1LZR9uMyiw0397o%2BU%2B5s8E7jqHcu3s8wZ4YS1pOHBPHs2E40XSo3Irg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private, max-age=0, must-revalidate
cf-ray: 7c9f0f76cdc79c07-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookienotice.js Show response
lebonheurdesparieurs.blogspot.com/js/ 6 KB
2 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lebonheurdesparieurs.blogspot.com/js/cookienotice.js

Requested by

Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/?m=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2026
x-xss-protection: 0
last-modified: Fri, 19 May 2023 19:56:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 26 May 2023 20:23:54 GMT

GET
H2 200 3434683727-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
56 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3434683727-widgets.js

Requested by

Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22d4568a71f29fbca7b04a016273d0f5cd8ac060958bcca78e225d9314b66868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19031
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56801
x-xss-protection: 0
last-modified: Wed, 17 May 2023 08:51:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 18 May 2024 15:06:43 GMT

GET
H2 200 tabs_gradient_light.png
resources.blogblog.com/blogblog/data/1kt/awesomeinc/ 182 B
295 B 9ms
8ms Image
image/png 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/awesomeinc/tabs_gradient_light.png

Requested by

Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e516df49b160c3efcb1ea09dd4c5f5b7c99a23a18a2a882acc379179bdbaacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:57:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 May 2023 13:50:45 GMT
server: sffe
age: 552379
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 182
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 20 May 2023 10:57:35 GMT

GET
H2 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 11ms
11ms Image
image/png 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 02:34:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 May 2023 18:53:20 GMT
server: sffe
age: 582584
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5080
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 20 May 2023 02:34:10 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 111ms
111ms Stylesheet
text/css 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=9207037990208915533&zx=caa5284d-b535-453b-a7e6-e14a62fac948

Requested by

Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Fri, 19 May 2023 20:23:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 May 2023 20:23:54 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 taght.php Show response
www.1clic1don.fr/ Frame 3080 1 KB
1 KB 164ms
103ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1clic1don.fr/taght.php

Requested by

Host: www.hebdotop.com
URL: https://www.hebdotop.com/cgi-bin/hebdotop.eur?id=308589

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c96034ed636cd53e9c7d07d5cd8a8f5d4847f54c8e78feadc229e1507ac688cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://lebonheurdesparieurs.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c9f0f78e9fa918e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 19 May 2023 20:23:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2vgb2J8uTvbirps2e37TjpubOByOxK0ZSh5Rimm8exOpJEDUAjPAGnkJgcvf3rat2Ud7urxcb7272%2B0umWFfmOSaNhgpaZNW2ZLxyEiFIVmZlOAJS4tPeRnpvx9m%2BJ%2F%2Bs6I3PIpGy07LPMuJWxf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK vote41097.eur
www.hebdotop.com/cgi-bin/ 181 B
389 B 30ms
30ms Image
image/png 212.83.183.115
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hebdotop.com/cgi-bin/vote41097.eur?id=308589
Requested by: Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.83.183.115 , France, ASN12876 (Online SAS, FR),
Reverse DNS: www.allosponsor.com
Software: Apache/2.2.22 (Debian) /
Resource Hash: 6a4d5227f760e30e5b86f0f48c198e6dd39dfa0cf4e30518dfa8747e23324aaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lebonheurdesparieurs.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 20:21:24 GMT
Server: Apache/2.2.22 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=15, max=99
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 all Show response
www.pronostic-facile.fr/widget/partner/quinte_infos/ Frame B2A9 8 KB
4 KB 26ms
25ms Document
text/html 2606:4700:3034::ac43:c8d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/partner/quinte_infos/all
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/script/quinte_infos
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4bf4f9438f30a281ce196377d07925d46e41db45930d81c2948708af0a04f63

Request headers

Referer: https://lebonheurdesparieurs.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c9f0f7888669c07-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 19 May 2023 20:23:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PoiIlXJyy3kfn2cNv53pOWDPN79rDCMXLUwJcy%2FH%2FwEl4ZjprBDeEvCNZdQ9XLgtN2S6rg0H8VXbEapHmhoK%2BrAf3I%2BAd%2BI6V40FYBbGrV%2FHmYQltkF1B7kD1MziFoaeL447an%2FG48oW2fzWyAQmdh9YV1TnoA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-runtime: 1

GET
H2 200 clock-widget-iframe-v2 Show response
www.zeitverschiebung.net/ Frame 6CFD 5 KB
2 KB 38ms
9ms Document
text/html 178.254.1.54
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=medium&timezone=Europe%2FParis

Requested by

Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.254.1.54 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

hello-world.digital

Software

nginx / PHP/7.3.33 PleskLin

Resource Hash

f6167a4dbe5720f05625c8e46ec14ec363d27188205a322839a85d83909d8a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://lebonheurdesparieurs.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 1956
content-type: text/html; charset=UTF-8
date: Fri, 19 May 2023 20:23:54 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-cache-status: BYPASS
x-powered-by: PHP/7.3.33 PleskLin

GET
H3 200 rocket-loader.min.js Show response
www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame B2A9 12 KB
4 KB 20ms
20ms Script
application/javascript 2606:4700:3034::ac43:c8d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/quinte_infos/all

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/widget/partner/quinte_infos/all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 May 2023 12:47:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64661e57-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1AvsnQoV0x0K4NDTVtTVUaOmu0l3nduoyMUpN4rDK21SYz7xXgQI6LT9Ulfrk%2BT9xdp%2B6RBIA1cVN6XSAAo7jDTpEx%2FOq8D0EH1HTzr3jh6AUeY0QHCo0%2Bp%2FA4cRbvA6xuPWVnHZLDlqO%2FWGj2mO%2F24l%2Fm%2BEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7c9f0f78b976922c-FRA
expires: Sun, 21 May 2023 20:23:55 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame B2A9 19 KB
7 KB 83ms
55ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/quinte_infos/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://www.pronostic-facile.fr/
Origin: https://www.pronostic-facile.fr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:55 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7c9f0f78e8ec3625-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame 6CFD 3 KB
1 KB 49ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=medium&timezone=Europe%2FParis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 May 2023 20:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 May 2023 18:59:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 May 2023 20:23:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 6CFD 95 KB
34 KB 287ms
9ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=medium&timezone=Europe%2FParis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 May 2024 16:19:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 6CFD 117 KB
46 KB 21ms
19ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-378139-21

Requested by

Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=medium&timezone=Europe%2FParis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf21aa15a0ce375e015c2451bf693d37ddca4e2a81b698d30d7bc9a40a009c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46519
x-xss-protection: 0
last-modified: Fri, 19 May 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 May 2023 20:23:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 6CFD 249 KB
84 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z17S62ZZCJ

Requested by

Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=medium&timezone=Europe%2FParis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64f694b70017debaf123e93523a2ae70355953695165c27391cfe190346573be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86139
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 May 2023 20:23:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame B2A9 117 KB
46 KB 54ms
29ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

48c42f319a588fd24e9af38518223438e048599468f36f629db2317d79f29a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Fri, 19 May 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 May 2023 20:23:55 GMT

POST
H3 204 rum Show response
www.pronostic-facile.fr/cdn-cgi/ Frame B2A9 0
147 B 12ms
11ms XHR
text/plain 2606:4700:3034::ac43:c8d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pronostic-facile.fr/widget/partner/quinte_infos/all
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Fri, 19 May 2023 20:23:55 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.pronostic-facile.fr
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7c9f0f7949ee922c-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame B2A9 51 KB
21 KB 40ms
10ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 18:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6496
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 20:35:39 GMT

GET
H2

200

invisible.js Show response
www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/ Frame 3701
Redirect Chain

https://www.1clic1don.fr/cdn-cgi/challenge-platform/scripts/invisible.js
https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

25 KB
12 KB

13ms
13ms

Script
application/javascript

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

Requested by

Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb1f4f5db15c1a8b2e3b1116c07cf32a2da1feb77584ae6689a1dfc07d17eaba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:55 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuldVTcVgv%2FmPi77PvevjpmL%2BVogQIlJ7HA2%2F8deunK7bpDr3fY3i%2F0UQSZJ37cerT%2B6eUsvIqA3xCPk1a%2Bt1Bhu1mZw2mq3D%2BYHBCWeEM2BNYLj3PtMdRRnPnkyyffIkcjR%2BcoYf4WWy3oiknG6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7c9f0f79cb2b918e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Fri, 19 May 2023 20:23:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6bx5pogMgSWqUm1BX3vi760GNp1j4a%2BVLoeqV4u4KDCOA9jlS2Jqt8A317mNlcKfpTyehYtJvdMLLjJ8g0IL2auY8C9lK2Ng6Vyhr3cP6tULMHLje%2BPVegBbHmHXw8R%2B0Jrl8v15L%2FGi4eGx87h"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7c9f0f79ab0e918e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/ Frame 3701 6 KB
4 KB 15ms
15ms Other
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a918480235fb2efcb819d03c3956bd23b94c295018b8de697132e7c60f31b202

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:23:55 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMp0NUQjYnXmHZmJYhR33eiUPXuuV4%2BvApVI4QmTvQrRAvhH3C1m2Gp8rH%2FSsfG8kAaY05tmvLLKkSqc5FDaqH6Lh2cRdV6s3BTZNxSyJEWzs%2FPvLlst8XCwYrcyQPnBZy92BxVTO1L5gxfEEvwl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7c9f0f79eece0404-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 7c9f0f78e9fa918e Show response
www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 3701 2 B
634 B 57ms
57ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/cv/result/7c9f0f78e9fa918e
Requested by: Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 May 2023 20:23:55 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLp41rB%2FQMku05XKuvDa%2F7eOKHmB%2B%2BvAiKcHigFODxpG98VqQVBYFn9z1N6HBmZKY45sG7DKV6lTVufYNMn9vcxhsFE11uwnDSNiu8mcnYO0G0TDDxBkN3CE4evcte6E1i5m8d2DuIDwMGjGU2mk"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7c9f0f7b48ca0404-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 6CFD 18 KB
19 KB 34ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zeitverschiebung.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 20:06:50 GMT
x-content-type-options: nosniff
age: 519425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:19:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 20:06:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 6CFD 51 KB
20 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-378139-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeitverschiebung.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 18:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6496
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 20:35:39 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lemagicienduturf.free.fr
URL: https://lemagicienduturf.free.fr/images/exelturf.jpg

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.1clic1don.fr/	1970-01-20 11:55:29	Name: __cf_bm Value: ysOHhv5KRJZs0AF3pCq8pDRyW4tWyUws3bL_e_Df2aU-1684527835-0-Af6Rqzchlu9RqLrLsPFIen8KDi/+hOtA46+L0v0FMOht/NfzhSClZvL2RGhbOe6olcv0tGrKYQ1ABqlRhx7VmkVB4o3HKgHp8iVOon5tCk31

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
blogger.googleusercontent.com
fonts.googleapis.com
fonts.gstatic.com
gif.toutimages.com
img.root-top.com
lebonheurdesparieurs.blogspot.com
lemagicienduturf.free.fr
lh3.googleusercontent.com
resources.blogblog.com
static.cloudflareinsights.com
www.1clic1don.fr
www.blogger.com
www.google-analytics.com
www.googletagmanager.com
www.hebdotop.com
www.mega-turf.fr
www.pmu-net.lachezvos.pro
www.pronostic-facile.fr
www.zeitverschiebung.net
lemagicienduturf.free.fr
178.254.1.54
2001:41d0:301::20
212.83.183.115
2606:4700:3034::ac43:c8d8
2606:4700:3035::6815:449a
2606:4700:3038::6815:ea1a
2606:4700::6810:3965
2a00:1450:4001:813::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::2009
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2008
2a06:98c1:3120::3
62.210.16.62
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
07d0f4176551c5f7d193daae1c95317e9b043ae21b43b15c5baa7392e12c2894
0f96d86056e416e3eca8c08a80ff73729fc73f52328243ea406a098df6af7d61
1184c4d5a74f2d142d7bf8eb620c61cd6cfd0f48da368c14a8ab0da29d70ec6b
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
22d4568a71f29fbca7b04a016273d0f5cd8ac060958bcca78e225d9314b66868
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3824e70638ae1aaffa5be0c44a9c774a690c3848bcf642b5446118d04e8b72c0
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
477c3edd3387979f3aba9b127bf8d7874ad5a8f70957d0be417a987dca2a7ec1
48c42f319a588fd24e9af38518223438e048599468f36f629db2317d79f29a69
5430710d4542e080be28794f5ffd14de7105561a83f89f9064986ad051781c0e
5e516df49b160c3efcb1ea09dd4c5f5b7c99a23a18a2a882acc379179bdbaacd
64f694b70017debaf123e93523a2ae70355953695165c27391cfe190346573be
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69f7014f954ee1dce1c6e9fb7d5acaa31918b9ddea175fbe57c37da8ca680d6b
6a4d5227f760e30e5b86f0f48c198e6dd39dfa0cf4e30518dfa8747e23324aaa
7f8140b4307cc838aa666051c24cd45b5e8ada264bd84458fbc90ba125ed2ebf
91d18befaf61db627997ed74c36f16e2c0b5a768ed87755ea9c710120505467c
96ea94ddffb3136c5a9e0b61e8d17d1e98e9657731ca1a45c61260944e649b2b
a918480235fb2efcb819d03c3956bd23b94c295018b8de697132e7c60f31b202
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
aed59e8323afae6683109f7202e812c6641c3775e23aac648097cf702f462d1a
b4bf4f9438f30a281ce196377d07925d46e41db45930d81c2948708af0a04f63
b7130ff8d8d5d1fdaec3262b8a42db98bda2b52dc1615efbe7deeb2089625a4f
bc5f84ab56488b20c1136ceef79be6449b7aaf98ab11e399fc972e5c73601f4c
c578f2ac7490097327a70875954fdb63a8e1c07d2f36c117e49a227ba9490254
c96034ed636cd53e9c7d07d5cd8a8f5d4847f54c8e78feadc229e1507ac688cd
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce8adc0c107a66b72ed99daad838150877a1cff4d5ed673b14cddf6de148d754
cf21aa15a0ce375e015c2451bf693d37ddca4e2a81b698d30d7bc9a40a009c11
d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07
d5f09b20ba3be2df8fe20ef4bb05dcbab606988a7bedb0eb3e06094645c9c562
dbd2f2ed985534056858c78ffcc6c6c4837740e515e6e493dc831411d60d6457
e186a1ac6f1cc16cbcdb76924cd20035a0abed77ca9bf01b8882c8f1442b825f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e440f091fa1af388be7b7fc800187085ed7d0c2bbde02e55e8092480a74a8bb9
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e97c96837e369b2bdeb1247737819ff2a8a429203bb23bd6f96b82961f5fada5
f6167a4dbe5720f05625c8e46ec14ec363d27188205a322839a85d83909d8a3d
fb1f4f5db15c1a8b2e3b1116c07cf32a2da1feb77584ae6689a1dfc07d17eaba
fbe001e8d2ec155f42ab5d50dafab7450919f9d17d96ffc4a118c9f1d9e5a097

lebonheurdesparieurs.blogspot.com Open in urlscan Pro 2a00:1450:4001:829::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

84 %HTTPS

82 %IPv6

18 Domains

20 Subdomains

18 IPs

3 Countries

678 kBTransfer

1362 kBSize

1 Cookies

61 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

lebonheurdesparieurs.blogspot.com Open in urlscan Pro
2a00:1450:4001:829::2001 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

84 %
HTTPS

82 %
IPv6

18
Domains

20
Subdomains

18
IPs

3
Countries

678 kB
Transfer

1362 kB
Size

1
Cookies

50 HTTP transactions
0 data transactions