lebonheurdesparieurs.blogspot.com Open in urlscan Pro
2a00:1450:4001:829::2001  Public Scan

URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Submission: On May 19 via manual from MA — Scanned from DE

Summary

This website contacted 18 IPs in 3 countries across 18 domains to perform 50 HTTP transactions. The main IP is 2a00:1450:4001:829::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is lebonheurdesparieurs.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on April 24th 2023. Valid for: 3 months.
This is the only time lebonheurdesparieurs.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
13 root-top.com
img.root-top.com
50 KB
6 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 14274
lh3.googleusercontent.com — Cisco Umbrella Rank: 47
16 KB
5 1clic1don.fr
www.1clic1don.fr
17 KB
5 mega-turf.fr
www.mega-turf.fr
173 KB
5 blogger.com
www.blogger.com — Cisco Umbrella Rank: 9258
97 KB
4 pronostic-facile.fr
www.pronostic-facile.fr
9 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
176 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
41 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
ajax.googleapis.com — Cisco Umbrella Rank: 320
35 KB
2 hebdotop.com
www.hebdotop.com
920 B
2 toutimages.com
gif.toutimages.com
10 KB
2 blogspot.com
lebonheurdesparieurs.blogspot.com
16 KB
1 gstatic.com
fonts.gstatic.com
19 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 875
7 KB
1 zeitverschiebung.net
www.zeitverschiebung.net — Cisco Umbrella Rank: 180714
2 KB
1 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 17411
295 B
1 lachezvos.pro
www.pmu-net.lachezvos.pro
9 KB
0 free.fr Failed
lemagicienduturf.free.fr Failed
50 18
Domain Requested by
13 img.root-top.com 6 redirects lebonheurdesparieurs.blogspot.com
5 www.1clic1don.fr 1 redirects www.hebdotop.com
lebonheurdesparieurs.blogspot.com
www.1clic1don.fr
5 www.mega-turf.fr lebonheurdesparieurs.blogspot.com
5 blogger.googleusercontent.com lebonheurdesparieurs.blogspot.com
5 www.blogger.com lebonheurdesparieurs.blogspot.com
www.blogger.com
4 www.pronostic-facile.fr lebonheurdesparieurs.blogspot.com
www.pronostic-facile.fr
static.cloudflareinsights.com
3 www.googletagmanager.com www.zeitverschiebung.net
www.pronostic-facile.fr
2 www.google-analytics.com www.googletagmanager.com
2 www.hebdotop.com lebonheurdesparieurs.blogspot.com
2 gif.toutimages.com lebonheurdesparieurs.blogspot.com
2 lebonheurdesparieurs.blogspot.com lebonheurdesparieurs.blogspot.com
1 fonts.gstatic.com fonts.googleapis.com
1 ajax.googleapis.com www.zeitverschiebung.net
1 fonts.googleapis.com www.zeitverschiebung.net
1 static.cloudflareinsights.com www.pronostic-facile.fr
1 www.zeitverschiebung.net lebonheurdesparieurs.blogspot.com
1 resources.blogblog.com lebonheurdesparieurs.blogspot.com
1 lh3.googleusercontent.com lebonheurdesparieurs.blogspot.com
1 www.pmu-net.lachezvos.pro lebonheurdesparieurs.blogspot.com
0 lemagicienduturf.free.fr Failed lebonheurdesparieurs.blogspot.com
50 20
Subject Issuer Validity Valid
misc-sni.blogspot.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.blogger.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
toutimages.com
R3
2023-02-22 -
2023-05-23
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
root-top.com
E1
2023-05-06 -
2023-08-04
3 months crt.sh
www.hebdotop.com
Sectigo RSA Domain Validation Secure Server CA
2022-07-07 -
2023-07-07
a year crt.sh
*.pronostic-facile.fr
GTS CA 1P5
2023-04-11 -
2023-07-10
3 months crt.sh
1clic1don.fr
GTS CA 1P5
2023-04-21 -
2023-07-20
3 months crt.sh
zeitverschiebung.net
R3
2023-04-23 -
2023-07-22
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-10 -
2024-04-09
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-24 -
2023-07-17
3 months crt.sh

This page contains 5 frames:

Primary Page: https://lebonheurdesparieurs.blogspot.com/?m=1
Frame ID: AECDA805CE04B637ED88733D1B01D8D4
Requests: 33 HTTP requests in this frame

Frame: https://www.1clic1don.fr/taght.php
Frame ID: 3080597923C21B0B9B961D8AB5C306D8
Requests: 1 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/partner/quinte_infos/all
Frame ID: B2A9EBE734475B57E805EDCCCA064634
Requests: 6 HTTP requests in this frame

Frame: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=medium&timezone=Europe%2FParis
Frame ID: 6CFD219EAA45B53B925E9BF266D1A827
Requests: 7 HTTP requests in this frame

Frame: https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
Frame ID: 3701A8A2D7F16E3F7579D6F42E4C010B
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Le Bonheur Des Parieurs

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.(?:blogspot|blogger)\.com

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

84 %
HTTPS

82 %
IPv6

18
Domains

20
Subdomains

18
IPs

3
Countries

678 kB
Transfer

1362 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://img.root-top.com/topsite/quinte/banner.gif HTTP 302
  • https://www.mega-turf.fr/wp-content/uploads/2017/11/top10.gif
Request Chain 15
  • https://img.root-top.com/topsite/megaturf/banner.gif HTTP 302
  • https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
Request Chain 16
  • https://img.root-top.com/topsite/guideturf/banner.gif HTTP 302
  • https://www.mega-turf.fr/wp-content/uploads/2017/06/3.gif
Request Chain 17
  • https://img.root-top.com/topsite/01turf/banner.gif HTTP 302
  • https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif
Request Chain 18
  • https://img.root-top.com/topsite/willybill/banner.gif HTTP 302
  • https://www.mega-turf.fr/wp-content/uploads/2017/12/bestof.gif
Request Chain 22
  • https://img.root-top.com/topsite/exelturf/banner.gif HTTP 302
  • https://lemagicienduturf.free.fr/images/exelturf.jpg
Request Chain 23
  • https://img.root-top.com/topsite/pmuchampion/banner.gif HTTP 302
  • https://www.pmu-net.lachezvos.pro/image/pmuchmpi.gif
Request Chain 44
  • https://www.1clic1don.fr/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lebonheurdesparieurs.blogspot.com/
131 KB
14 KB
Document
General
Full URL
https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d5f09b20ba3be2df8fe20ef4bb05dcbab606988a7bedb0eb3e06094645c9c562
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
14113
content-type
text/html; charset=UTF-8
date
Fri, 19 May 2023 20:23:54 GMT
etag
W/"b5f758cce382403bc2d8083c6e711b0cc4a6341e6a84bde1b0f4b7e08dd5567b"
expires
Fri, 19 May 2023 20:23:54 GMT
last-modified
Fri, 19 May 2023 19:09:10 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/
35 KB
36 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:04:57 GMT
x-content-type-options
nosniff
age
19137
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35960
x-xss-protection
0
last-modified
Thu, 18 May 2023 17:54:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sat, 18 May 2024 15:04:57 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
684 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=9207037990208915533&zx=caa5284d-b535-453b-a7e6-e14a62fac948
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Fri, 19 May 2023 20:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 May 2023 20:23:54 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
cheval_069.gif
gif.toutimages.com/images/ani_ferme/chevaux/
10 KB
10 KB
Image
General
Full URL
https://gif.toutimages.com/images/ani_ferme/chevaux/cheval_069.gif
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
62.210.16.62 , France, ASN12876 (Online SAS, FR),
Reverse DNS
pf-lb-2.online.net
Software
nginx /
Resource Hash
1184c4d5a74f2d142d7bf8eb620c61cd6cfd0f48da368c14a8ab0da29d70ec6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 20:23:54 GMT
Last-Modified
Mon, 04 Aug 2014 11:04:33 GMT
server
nginx
ETag
"269a-4ffcbb42af240"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9882
AVvXsEg76Ce6OxsIiHC1oDGtCy948zbKI_-WwOacso5NLCbMvArrONycsks2lgN2A_e7AO3GT0xw86gHmMRuOcyfotCx5GOcHGoe7yJ7Qk_dD5s5qDhPPSYSP8tf0h862dYvVoRKSSaN_BtRRpqaFM4kMCN9v0LI5SatFaaZTRqNlZZYlhtLLeEMRbqVaiQj=w122...
blogger.googleusercontent.com/img/a/
2 KB
2 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEg76Ce6OxsIiHC1oDGtCy948zbKI_-WwOacso5NLCbMvArrONycsks2lgN2A_e7AO3GT0xw86gHmMRuOcyfotCx5GOcHGoe7yJ7Qk_dD5s5qDhPPSYSP8tf0h862dYvVoRKSSaN_BtRRpqaFM4kMCN9v0LI5SatFaaZTRqNlZZYlhtLLeEMRbqVaiQj=w122-h56
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0f96d86056e416e3eca8c08a80ff73729fc73f52328243ea406a098df6af7d61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:54 GMT
x-content-type-options
nosniff
server
fife
etag
"v24c"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="images a.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1642
x-xss-protection
0
expires
Sat, 20 May 2023 20:23:54 GMT
AVvXsEjrPGw05GXD68b9EnlAtC6fp5NqI7o-Ql981Fl6pi8WxKFlR6O4CniKiGIGsgi7-QHphbbHdMh1OJgjZlthQkrN2ltN6fNrswyw8CHNWhwJuAGApikP0VMZFDuqS5cl0ugRFKm0mWodrUcJRw44z93yLlurLpqXR60rfNaCS2Becr3tQSC_7vBXOhvM=w111...
blogger.googleusercontent.com/img/a/
2 KB
2 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEjrPGw05GXD68b9EnlAtC6fp5NqI7o-Ql981Fl6pi8WxKFlR6O4CniKiGIGsgi7-QHphbbHdMh1OJgjZlthQkrN2ltN6fNrswyw8CHNWhwJuAGApikP0VMZFDuqS5cl0ugRFKm0mWodrUcJRw44z93yLlurLpqXR60rfNaCS2Becr3tQSC_7vBXOhvM=w111-h60
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3824e70638ae1aaffa5be0c44a9c774a690c3848bcf642b5446118d04e8b72c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:55 GMT
x-content-type-options
nosniff
server
fife
etag
"v254"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="images g.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2397
x-xss-protection
0
expires
Sat, 20 May 2023 20:23:55 GMT
AVvXsEgvPtFaVaLohs6ZYtNTjW8f5gyRwAu57HWwr8zkJyuJjrbmTuNTDojK2A0P4jpCMueTtVnIW7yWXQP5ZjbcMeoQiexj4JVd-taNtPU_Ed0-VZ0y9cZpK655d5ZNzDl6i1dfeuKYhld4AQ_qM-jx6Bg1xOqdBiHFKPg0HDWW5qfFJhiojFBcO_sqj0Zc=w117...
blogger.googleusercontent.com/img/a/
4 KB
4 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEgvPtFaVaLohs6ZYtNTjW8f5gyRwAu57HWwr8zkJyuJjrbmTuNTDojK2A0P4jpCMueTtVnIW7yWXQP5ZjbcMeoQiexj4JVd-taNtPU_Ed0-VZ0y9cZpK655d5ZNzDl6i1dfeuKYhld4AQ_qM-jx6Bg1xOqdBiHFKPg0HDWW5qfFJhiojFBcO_sqj0Zc=w117-h58
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bc5f84ab56488b20c1136ceef79be6449b7aaf98ab11e399fc972e5c73601f4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:54 GMT
x-content-type-options
nosniff
server
fife
etag
"v250"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="B9731436140Z.1_20220705141654_000+GMAKRAA2T.2-0 c.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3878
x-xss-protection
0
expires
Sat, 20 May 2023 20:23:54 GMT
fleche_012.gif
gif.toutimages.com/images/webmaster/fleches/
361 B
597 B
Image
General
Full URL
https://gif.toutimages.com/images/webmaster/fleches/fleche_012.gif
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
62.210.16.62 , France, ASN12876 (Online SAS, FR),
Reverse DNS
pf-lb-2.online.net
Software
nginx /
Resource Hash
fbe001e8d2ec155f42ab5d50dafab7450919f9d17d96ffc4a118c9f1d9e5a097

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 20:23:54 GMT
Last-Modified
Mon, 04 Aug 2014 12:45:11 GMT
server
nginx
ETag
"169-4ffcd1c0f83c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
361
AVvXsEjrPGw05GXD68b9EnlAtC6fp5NqI7o-Ql981Fl6pi8WxKFlR6O4CniKiGIGsgi7-QHphbbHdMh1OJgjZlthQkrN2ltN6fNrswyw8CHNWhwJuAGApikP0VMZFDuqS5cl0ugRFKm0mWodrUcJRw44z93yLlurLpqXR60rfNaCS2Becr3tQSC_7vBXOhvM=w116...
blogger.googleusercontent.com/img/a/
2 KB
2 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEjrPGw05GXD68b9EnlAtC6fp5NqI7o-Ql981Fl6pi8WxKFlR6O4CniKiGIGsgi7-QHphbbHdMh1OJgjZlthQkrN2ltN6fNrswyw8CHNWhwJuAGApikP0VMZFDuqS5cl0ugRFKm0mWodrUcJRw44z93yLlurLpqXR60rfNaCS2Becr3tQSC_7vBXOhvM=w116-h60
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3824e70638ae1aaffa5be0c44a9c774a690c3848bcf642b5446118d04e8b72c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:54 GMT
x-content-type-options
nosniff
server
fife
etag
"v254"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="images g.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2397
x-xss-protection
0
expires
Sat, 20 May 2023 20:23:54 GMT
AVvXsEgvPtFaVaLohs6ZYtNTjW8f5gyRwAu57HWwr8zkJyuJjrbmTuNTDojK2A0P4jpCMueTtVnIW7yWXQP5ZjbcMeoQiexj4JVd-taNtPU_Ed0-VZ0y9cZpK655d5ZNzDl6i1dfeuKYhld4AQ_qM-jx6Bg1xOqdBiHFKPg0HDWW5qfFJhiojFBcO_sqj0Zc=w120...
blogger.googleusercontent.com/img/a/
4 KB
4 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEgvPtFaVaLohs6ZYtNTjW8f5gyRwAu57HWwr8zkJyuJjrbmTuNTDojK2A0P4jpCMueTtVnIW7yWXQP5ZjbcMeoQiexj4JVd-taNtPU_Ed0-VZ0y9cZpK655d5ZNzDl6i1dfeuKYhld4AQ_qM-jx6Bg1xOqdBiHFKPg0HDWW5qfFJhiojFBcO_sqj0Zc=w120-h58
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bc5f84ab56488b20c1136ceef79be6449b7aaf98ab11e399fc972e5c73601f4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:54 GMT
x-content-type-options
nosniff
server
fife
etag
"v250"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="B9731436140Z.1_20220705141654_000+GMAKRAA2T.2-0 c.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3878
x-xss-protection
0
expires
Sat, 20 May 2023 20:23:54 GMT
banner.gif
img.root-top.com/topsite/47576060/
0
321 B
Image
General
Full URL
https://img.root-top.com/topsite/47576060/banner.gif
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:55 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQENSouBFr%2BhsL0NLCwRVm9FpHyidEwJtRk%2FA76yUu3sbBY%2FQ4b6uTJ8abifyxbJC5rYRL5Wr5DPs5CHTBYFwLAa4MVYvdDG4%2FKbAasxajFAefJPIwAGsMhnxKagaqDGzfU1PE1UMhL6VKcw8nOa"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
7c9f0f76ef154141-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
banner.gif
img.root-top.com/topsite/equidiagallop01/
3 KB
4 KB
Image
General
Full URL
https://img.root-top.com/topsite/equidiagallop01/banner.gif
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7130ff8d8d5d1fdaec3262b8a42db98bda2b52dc1615efbe7deeb2089625a4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:54 GMT
cf-cache-status
HIT
last-modified
Thu, 18 May 2023 14:17:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
108373
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rD44piokwrSD%2F3hlycU3EZUD%2BoJo402fSoZ6VPN3YagQxGJeoqj0zfpYmVvtsAmGd3Ve1xPloUPjq8Q3ZQih%2FCpFd%2Fz15IpItT9yY54FhPiBBC7j0Crs01ddeAFxe9ZI4ZlOT9mbly4QRAuX0gc5"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7c9f0f76ef184141-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3179
expires
Sun, 21 May 2023 14:17:41 GMT
banner.gif
img.root-top.com/topsite/starcourses/
11 KB
11 KB
Image
General
Full URL
https://img.root-top.com/topsite/starcourses/banner.gif
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
477c3edd3387979f3aba9b127bf8d7874ad5a8f70957d0be417a987dca2a7ec1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:54 GMT
cf-cache-status
HIT
last-modified
Thu, 18 May 2023 14:17:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
108373
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yaCJwL3ZjhT%2FWx39fg%2BJg5BCi4hgeonwWoTLA5tXZygKJdBtvV%2Bnn1uYzuOIVRejtGaRqQUjOtWe6q%2F85edvV0NxdDUNRdsTZ%2Fr8Ioeeo4oRz%2FTTWSEWwSt11wirf4qO2maKWBjnGSeq5iymeNp6"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7c9f0f76ef194141-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11445
expires
Sun, 21 May 2023 14:17:41 GMT
hebdotop.eur
www.hebdotop.com/cgi-bin/
381 B
531 B
Script
General
Full URL
https://www.hebdotop.com/cgi-bin/hebdotop.eur?id=308589
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.83.183.115 , France, ASN12876 (Online SAS, FR),
Reverse DNS
www.allosponsor.com
Software
Apache/2.2.22 (Debian) /
Resource Hash
07d0f4176551c5f7d193daae1c95317e9b043ae21b43b15c5baa7392e12c2894

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 20:21:24 GMT
Content-Encoding
gzip
Server
Apache/2.2.22 (Debian)
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/html
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
banner.gif
img.root-top.com/topsite/turf/
6 KB
7 KB
Image
General
Full URL
https://img.root-top.com/topsite/turf/banner.gif
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96ea94ddffb3136c5a9e0b61e8d17d1e98e9657731ca1a45c61260944e649b2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:54 GMT
cf-cache-status
HIT
last-modified
Thu, 18 May 2023 13:42:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
110467
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFnoPuebV0G7w3LkPiTL64P6qKg2qUDUj3IrZSHLV1%2BjgTZrkrf%2FI4qrYt7fNs%2BPOals8OHyaEOJ8GEq9H05A7m9rCogQ2aRjhHAg%2FUfl4dw7N0gB%2FcsnEMUJlUR76P3jlSnN8Yjt3PCYTdKLY2w"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7c9f0f76ef1b4141-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6364
expires
Sun, 21 May 2023 13:42:47 GMT
top10.gif
www.mega-turf.fr/wp-content/uploads/2017/11/
Redirect Chain
  • https://img.root-top.com/topsite/quinte/banner.gif
  • https://www.mega-turf.fr/wp-content/uploads/2017/11/top10.gif
22 KB
22 KB
Image
General
Full URL
https://www.mega-turf.fr/wp-content/uploads/2017/11/top10.gif
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Server
2606:4700:3035::6815:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e440f091fa1af388be7b7fc800187085ed7d0c2bbde02e55e8092480a74a8bb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2056608
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22328
last-modified
Thu, 23 Nov 2017 09:08:40 GMT
server
cloudflare
etag
"5a169018-5738"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrajGFptmXiVJoBb1prFXFQi9lQz8FnBk1W4HCNwGq4IW2MC73EYIBe7Lts7RkCH341wvEJPlwDqJgyldDtjS36FFQttj%2Flqs1RtYUOTLDdGIeOzxD5Mz5rBF%2FEAw0ZB0mx31iWrh0IMV6l5CIfb"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c9f0f7dba539101-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Fri, 19 May 2023 20:23:55 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIIx%2FYpVD1IOXMspBzXOLCBdoNr6yrOyhMddB4%2BX6yERZITTHD8POtAYqj3wWqKbWr3hpgUeCQOJc94NNHm%2B0%2BLXjfhuKs0epcLwtj3y4aVafKp%2FygRRJiTNzYYge8U63vhMY1M%2BQE2EvtjZvUcS"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://www.mega-turf.fr/wp-content/uploads/2017/11/top10.gif
cf-ray
7c9f0f76ef1d4141-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
5.gif
www.mega-turf.fr/wp-content/uploads/2017/06/
Redirect Chain
  • https://img.root-top.com/topsite/megaturf/banner.gif
  • https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
27 KB
28 KB
Image
General
Full URL
https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Server
2606:4700:3035::6815:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f7014f954ee1dce1c6e9fb7d5acaa31918b9ddea175fbe57c37da8ca680d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1924910
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27601
last-modified
Sun, 25 Jun 2017 11:18:37 GMT
server
cloudflare
etag
"594f9c0d-6bd1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohqBtEH0Lju87gdlsM2k7xfnoWrcM%2Bts9LfI5yHYND5xUWDWvxbQIywAUlsv1k3wSUrcfwn1jcNtVnc3tluGY22O%2B0nl0I5ypNHxwet28n2eQLAIn1HRc%2FOlzzg0X5HohhzadUC4ZEH5JObwSdMr"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c9f0f7d59fc9101-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Fri, 19 May 2023 20:23:55 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0v6aqhpQlfUjws4mae0i%2BIii23Mky9AwtFxDIJsBBFpWAq4QkvO5v%2B85zFnggUZyya%2FtPzXrwaTsPZtJKXtqdjiy5ITtFOYa1g4HciH7TEWmpEJom2annYvkh5oDDMGH7yuMl%2Fpjf5wghSgshxg"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
cf-ray
7c9f0f76ff2a4141-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
3.gif
www.mega-turf.fr/wp-content/uploads/2017/06/
Redirect Chain
  • https://img.root-top.com/topsite/guideturf/banner.gif
  • https://www.mega-turf.fr/wp-content/uploads/2017/06/3.gif
6 KB
6 KB
Image
General
Full URL
https://www.mega-turf.fr/wp-content/uploads/2017/06/3.gif
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Server
2606:4700:3035::6815:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e97c96837e369b2bdeb1247737819ff2a8a429203bb23bd6f96b82961f5fada5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1917735
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6009
last-modified
Sun, 25 Jun 2017 11:18:19 GMT
server
cloudflare
etag
"594f9bfb-1779"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4s5foZVh7WJHrvOPlXg2qazA03ymJ5b9Ip85732jMKiWcO73keTcxMQtoL0bT7wQsY3LOfRu7Vao1YelwGNjgqqUyK4bei%2B%2B%2BXGTAz0vLIkbTxCrGI6hAtI4wRvgGFCI2y0p6V2q0LuUgSatB5fQ"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c9f0f7d59fd9101-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Fri, 19 May 2023 20:23:55 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dx8MEU%2B8e2kKjwzarHPEegFl0cfbM5vjNMXgpcbyuQ%2FhlKrsTjI34lqy8Ns7QTL0DwYjyvQlnxSWuE5qOK003K9FE948j04J2QFI1Y65I8ODz7kBla6lGNZBzlYtYNChhyPuOdfnFHGijmCMpVqD"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://www.mega-turf.fr/wp-content/uploads/2017/06/3.gif
cf-ray
7c9f0f76ff2c4141-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
01-turf0.gif
www.mega-turf.fr/wp-content/uploads/2017/12/
Redirect Chain
  • https://img.root-top.com/topsite/01turf/banner.gif
  • https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif
105 KB
106 KB
Image
General
Full URL
https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Server
2606:4700:3035::6815:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91d18befaf61db627997ed74c36f16e2c0b5a768ed87755ea9c710120505467c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
815777
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
107801
last-modified
Sun, 03 Dec 2017 21:54:18 GMT
server
cloudflare
etag
"5a24728a-1a519"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aH5OXUOwMjIbfmbqgSuRP18nW%2FNDoZ90nGVKjauBe9%2B8wzs3U0bbGbIxK62rZ3dKdptNfFqAWQ0zQM%2FQvxGfPjLO4JiJt11cdv708BAo8zCB6kTxpvrn2nkFZQaexHjecASuZ5grIQPQwxUjtDOZ"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c9f0f7dca639101-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Fri, 19 May 2023 20:23:55 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1prpoBzBSYpGd9Jf4%2B5tcRlKnaCWrLDegLdWM9MVkSk2SLM8lskGMtwkPtsJ1%2BC2KvUuCwjdPiB%2B99UJod3RU4Qm7goWS37L4c5A1J6DD8gAi53YlT4rHcCfLBDRcCoK6Uas%2BHREX7nvhiR69MoY"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif
cf-ray
7c9f0f76ff2d4141-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bestof.gif
www.mega-turf.fr/wp-content/uploads/2017/12/
Redirect Chain
  • https://img.root-top.com/topsite/willybill/banner.gif
  • https://www.mega-turf.fr/wp-content/uploads/2017/12/bestof.gif
11 KB
12 KB
Image
General
Full URL
https://www.mega-turf.fr/wp-content/uploads/2017/12/bestof.gif
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Server
2606:4700:3035::6815:449a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8140b4307cc838aa666051c24cd45b5e8ada264bd84458fbc90ba125ed2ebf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
355082
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11718
last-modified
Sun, 03 Dec 2017 22:24:33 GMT
server
cloudflare
etag
"5a2479a1-2dc6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2B8Ahev7zri5jMXxYu6CgByWtjJcC3YPhwg4wnc69BxBSz%2BMgUULOqGhUq189UkumjteyUvn6RovryxC1Lo52Be%2FtAfTZd0bcoKNaEHYu42nL7YJa6CvIRnXc8ic%2BqU8BTcmVTAZTnZct0oNpLy4"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c9f0f7dba549101-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Fri, 19 May 2023 20:23:55 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jl5OcTiUE4y%2F%2B%2B2KIArza4EJQrPA5zTCIus3blQJRdK6T8dk5b63rp7Do31fpQ76l44BM%2FxXA8%2FRA0ZZjSJDl7lza2knAWEPZrnm4pw%2FKmFJWZh0xs2sb01EA8MLi5nBEg%2FGNg%2F95mD9XbgoXg7s"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://www.mega-turf.fr/wp-content/uploads/2017/12/bestof.gif
cf-ray
7c9f0f770f444141-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
banner.gif
img.root-top.com/topsite/toppronosturf/
10 KB
10 KB
Image
General
Full URL
https://img.root-top.com/topsite/toppronosturf/banner.gif
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8adc0c107a66b72ed99daad838150877a1cff4d5ed673b14cddf6de148d754

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:54 GMT
cf-cache-status
HIT
last-modified
Thu, 18 May 2023 13:49:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
110080
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13z%2BpHEImcDxtFKWG8LCy45%2FxalIZIH83orjhKt3EUH1yISJV8Y6dNUGPaxFYUpmWWqrOl195T%2FUMmRsKLy1mbZSJ22RfsumZlju9J22ouGPIG91xsKWKjStO%2BmUnjyxdIhWROA5QHgQtwgxHzFk"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7c9f0f770f464141-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9824
expires
Sun, 21 May 2023 13:49:14 GMT
banner.gif
img.root-top.com/topsite/etoiledujourturf/
13 KB
13 KB
Image
General
Full URL
https://img.root-top.com/topsite/etoiledujourturf/banner.gif
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e186a1ac6f1cc16cbcdb76924cd20035a0abed77ca9bf01b8882c8f1442b825f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:54 GMT
cf-cache-status
HIT
last-modified
Fri, 19 May 2023 19:08:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4547
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dL4qmqmCBIOxBmdzjrNQJmVNmqNq58kDVHIkUCCPXY3buCOrsRVuAXomECPhMdxEGLoA%2BIK1dAjU2c3r83uQjTvk5pVoy6UybKVYld91vlQ3l1K01pP7oVfDUYmA438%2B4XO6R1rvZfkrg%2Bvlvwj1"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7c9f0f770f484141-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13218
expires
Mon, 22 May 2023 19:08:07 GMT
banner.gif
img.root-top.com/topsite/secrets/
3 KB
3 KB
Image
General
Full URL
https://img.root-top.com/topsite/secrets/banner.gif
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5430710d4542e080be28794f5ffd14de7105561a83f89f9064986ad051781c0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:54 GMT
cf-cache-status
HIT
last-modified
Thu, 18 May 2023 14:58:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
105941
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JwluOVyCV2ASkNInQM7Nh8OMUTHEHnoOWdshOi9oTjjTTbZfPYJSPpcfI0g9i4AKypBSCMcdY1hKbcFnftAcybt8LN8oMwRv1nYM2ve3CiOjw6xMKPEnOjgZe6uZ%2BxzgnRC1bVREdY4pT03S3h7"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7c9f0f770f494141-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3133
expires
Sun, 21 May 2023 14:58:13 GMT
exelturf.jpg
lemagicienduturf.free.fr/images/
Redirect Chain
  • https://img.root-top.com/topsite/exelturf/banner.gif
  • https://lemagicienduturf.free.fr/images/exelturf.jpg
0
0

pmuchmpi.gif
www.pmu-net.lachezvos.pro/image/
Redirect Chain
  • https://img.root-top.com/topsite/pmuchampion/banner.gif
  • https://www.pmu-net.lachezvos.pro/image/pmuchmpi.gif
9 KB
9 KB
Image
General
Full URL
https://www.pmu-net.lachezvos.pro/image/pmuchmpi.gif
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Server
2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
aed59e8323afae6683109f7202e812c6641c3775e23aac648097cf702f462d1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:56 GMT
last-modified
Sun, 01 Dec 2019 13:31:47 GMT
server
Apache
content-type
image/gif
cache-control
max-age=900
accept-ranges
bytes
content-length
9008
expires
Fri, 19 May 2023 20:38:56 GMT

Redirect headers

date
Fri, 19 May 2023 20:23:55 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ot9rYEpaec%2FCl%2BwUl0Hf%2BbeCUgjPIaNq8rUkFYBWmiKyvh3MFfRC8sxpOwTRkfFXdirEYSgTDkb0f1sbiTwDsFDw1HAt9tQeswuDK1%2BHzxHsmX5n%2Bz1YzkvvT4WHixd7R3JAy4q3Q7RdgFQd3wQ"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
http://www.pmu-net.lachezvos.pro/image/pmuchmpi.gif
cf-ray
7c9f0f770f4b4141-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
AByxGDTHgxs-x5BRFHxLFdrZgdjtk-vzCK1tKfh7S8wQI2I2mOQybaM-fMeYCe-lk854CZ0h8zMtf9wGjEGhnTokmgB7nsS8xSEx3ntaWLsfO_OSsQBTmQ=s0-d
lh3.googleusercontent.com/blogger_img_proxy/
2 KB
2 KB
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AByxGDTHgxs-x5BRFHxLFdrZgdjtk-vzCK1tKfh7S8wQI2I2mOQybaM-fMeYCe-lk854CZ0h8zMtf9wGjEGhnTokmgB7nsS8xSEx3ntaWLsfO_OSsQBTmQ=s0-d
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dbd2f2ed985534056858c78ffcc6c6c4837740e515e6e493dc831411d60d6457
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:01:54 GMT
x-content-type-options
nosniff
server
fife
age
1320
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1762
x-xss-protection
0
expires
Sat, 20 May 2023 20:01:54 GMT
quinte_infos
www.pronostic-facile.fr/widget/partner/script/
249 B
849 B
Script
General
Full URL
https://www.pronostic-facile.fr/widget/partner/script/quinte_infos
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c578f2ac7490097327a70875954fdb63a8e1c07d2f36c117e49a227ba9490254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-runtime
3
date
Fri, 19 May 2023 20:23:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9KLku0k%2Fojuf1UeTdu3GHhY8JU1hNUEk2BwVrsAEAbUUTZwPEJ2%2B80qk4%2BrEbtZGvQ7BuEYaDWqfi94AeZ458diNzaqWbqpeVBQ0hD1LZR9uMyiw0397o%2BU%2B5s8E7jqHcu3s8wZ4YS1pOHBPHs2E40XSo3Irg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
private, max-age=0, must-revalidate
cf-ray
7c9f0f76cdc79c07-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cookienotice.js
lebonheurdesparieurs.blogspot.com/js/
6 KB
2 KB
Script
General
Full URL
https://lebonheurdesparieurs.blogspot.com/js/cookienotice.js
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/?m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2026
x-xss-protection
0
last-modified
Fri, 19 May 2023 19:56:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 26 May 2023 20:23:54 GMT
3434683727-widgets.js
www.blogger.com/static/v1/widgets/
154 KB
56 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/3434683727-widgets.js
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22d4568a71f29fbca7b04a016273d0f5cd8ac060958bcca78e225d9314b66868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19031
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56801
x-xss-protection
0
last-modified
Wed, 17 May 2023 08:51:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sat, 18 May 2024 15:06:43 GMT
tabs_gradient_light.png
resources.blogblog.com/blogblog/data/1kt/awesomeinc/
182 B
295 B
Image
General
Full URL
https://resources.blogblog.com/blogblog/data/1kt/awesomeinc/tabs_gradient_light.png
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e516df49b160c3efcb1ea09dd4c5f5b7c99a23a18a2a882acc379179bdbaacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 13 May 2023 10:57:35 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 May 2023 13:50:45 GMT
server
sffe
age
552379
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
182
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sat, 20 May 2023 10:57:35 GMT
share_buttons_20_3.png
www.blogger.com/img/
5 KB
5 KB
Image
General
Full URL
https://www.blogger.com/img/share_buttons_20_3.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 13 May 2023 02:34:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 May 2023 18:53:20 GMT
server
sffe
age
582584
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5080
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sat, 20 May 2023 02:34:10 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
43 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=9207037990208915533&zx=caa5284d-b535-453b-a7e6-e14a62fac948
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Fri, 19 May 2023 20:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 May 2023 20:23:54 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
taght.php
www.1clic1don.fr/ Frame 3080
1 KB
1 KB
Document
General
Full URL
https://www.1clic1don.fr/taght.php
Requested by
Host: www.hebdotop.com
URL: https://www.hebdotop.com/cgi-bin/hebdotop.eur?id=308589
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c96034ed636cd53e9c7d07d5cd8a8f5d4847f54c8e78feadc229e1507ac688cd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://lebonheurdesparieurs.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c9f0f78e9fa918e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 19 May 2023 20:23:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2vgb2J8uTvbirps2e37TjpubOByOxK0ZSh5Rimm8exOpJEDUAjPAGnkJgcvf3rat2Ud7urxcb7272%2B0umWFfmOSaNhgpaZNW2ZLxyEiFIVmZlOAJS4tPeRnpvx9m%2BJ%2F%2Bs6I3PIpGy07LPMuJWxf"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15768000
vote41097.eur
www.hebdotop.com/cgi-bin/
181 B
389 B
Image
General
Full URL
https://www.hebdotop.com/cgi-bin/vote41097.eur?id=308589
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.83.183.115 , France, ASN12876 (Online SAS, FR),
Reverse DNS
www.allosponsor.com
Software
Apache/2.2.22 (Debian) /
Resource Hash
6a4d5227f760e30e5b86f0f48c198e6dd39dfa0cf4e30518dfa8747e23324aaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lebonheurdesparieurs.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 20:21:24 GMT
Server
Apache/2.2.22 (Debian)
Connection
Keep-Alive
Keep-Alive
timeout=15, max=99
Transfer-Encoding
chunked
Content-Type
image/png
all
www.pronostic-facile.fr/widget/partner/quinte_infos/ Frame B2A9
8 KB
4 KB
Document
General
Full URL
https://www.pronostic-facile.fr/widget/partner/quinte_infos/all
Requested by
Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/script/quinte_infos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4bf4f9438f30a281ce196377d07925d46e41db45930d81c2948708af0a04f63

Request headers

Referer
https://lebonheurdesparieurs.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c9f0f7888669c07-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 19 May 2023 20:23:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PoiIlXJyy3kfn2cNv53pOWDPN79rDCMXLUwJcy%2FH%2FwEl4ZjprBDeEvCNZdQ9XLgtN2S6rg0H8VXbEapHmhoK%2BrAf3I%2BAd%2BI6V40FYBbGrV%2FHmYQltkF1B7kD1MziFoaeL447an%2FG48oW2fzWyAQmdh9YV1TnoA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-runtime
1
clock-widget-iframe-v2
www.zeitverschiebung.net/ Frame 6CFD
5 KB
2 KB
Document
General
Full URL
https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=medium&timezone=Europe%2FParis
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.254.1.54 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
hello-world.digital
Software
nginx / PHP/7.3.33 PleskLin
Resource Hash
f6167a4dbe5720f05625c8e46ec14ec363d27188205a322839a85d83909d8a3d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://lebonheurdesparieurs.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
1956
content-type
text/html; charset=UTF-8
date
Fri, 19 May 2023 20:23:54 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
vary
Accept-Encoding
x-cache-status
BYPASS
x-powered-by
PHP/7.3.33 PleskLin
rocket-loader.min.js
www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame B2A9
12 KB
4 KB
Script
General
Full URL
https://www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/quinte_infos/all
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pronostic-facile.fr/widget/partner/quinte_infos/all
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 May 2023 12:47:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64661e57-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1AvsnQoV0x0K4NDTVtTVUaOmu0l3nduoyMUpN4rDK21SYz7xXgQI6LT9Ulfrk%2BT9xdp%2B6RBIA1cVN6XSAAo7jDTpEx%2FOq8D0EH1HTzr3jh6AUeY0QHCo0%2Bp%2FA4cRbvA6xuPWVnHZLDlqO%2FWGj2mO%2F24l%2Fm%2BEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7c9f0f78b976922c-FRA
expires
Sun, 21 May 2023 20:23:55 GMT
v52afc6f149f6479b8c77fa569edb01181681764108816
static.cloudflareinsights.com/beacon.min.js/ Frame B2A9
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by
Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/quinte_infos/all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer
https://www.pronostic-facile.fr/
Origin
https://www.pronostic-facile.fr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:55 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 20:41:48 GMT
server
cloudflare
etag
W/2023.4.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7c9f0f78e8ec3625-FRA
css
fonts.googleapis.com/ Frame 6CFD
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=medium&timezone=Europe%2FParis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zeitverschiebung.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 May 2023 20:23:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 May 2023 18:59:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 May 2023 20:23:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 6CFD
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=medium&timezone=Europe%2FParis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zeitverschiebung.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 16:19:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 May 2024 16:19:20 GMT
js
www.googletagmanager.com/gtag/ Frame 6CFD
117 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-378139-21
Requested by
Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=medium&timezone=Europe%2FParis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf21aa15a0ce375e015c2451bf693d37ddca4e2a81b698d30d7bc9a40a009c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zeitverschiebung.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46519
x-xss-protection
0
last-modified
Fri, 19 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 May 2023 20:23:55 GMT
js
www.googletagmanager.com/gtag/ Frame 6CFD
249 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z17S62ZZCJ
Requested by
Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=medium&timezone=Europe%2FParis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
64f694b70017debaf123e93523a2ae70355953695165c27391cfe190346573be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zeitverschiebung.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86139
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 19 May 2023 20:23:55 GMT
js
www.googletagmanager.com/gtag/ Frame B2A9
117 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-630351-12
Requested by
Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
48c42f319a588fd24e9af38518223438e048599468f36f629db2317d79f29a69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pronostic-facile.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46524
x-xss-protection
0
last-modified
Fri, 19 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 May 2023 20:23:55 GMT
rum
www.pronostic-facile.fr/cdn-cgi/ Frame B2A9
0
147 B
XHR
General
Full URL
https://www.pronostic-facile.fr/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.pronostic-facile.fr/widget/partner/quinte_infos/all
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
application/json

Response headers

date
Fri, 19 May 2023 20:23:55 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.pronostic-facile.fr
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7c9f0f7949ee922c-FRA
analytics.js
www.google-analytics.com/ Frame B2A9
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pronostic-facile.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 May 2023 18:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
6496
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 19 May 2023 20:35:39 GMT
invisible.js
www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/ Frame 3701
Redirect Chain
  • https://www.1clic1don.fr/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
25 KB
12 KB
Script
General
Full URL
https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H2
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb1f4f5db15c1a8b2e3b1116c07cf32a2da1feb77584ae6689a1dfc07d17eaba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:55 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuldVTcVgv%2FmPi77PvevjpmL%2BVogQIlJ7HA2%2F8deunK7bpDr3fY3i%2F0UQSZJ37cerT%2B6eUsvIqA3xCPk1a%2Bt1Bhu1mZw2mq3D%2BYHBCWeEM2BNYLj3PtMdRRnPnkyyffIkcjR%2BcoYf4WWy3oiknG6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7c9f0f79cb2b918e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Fri, 19 May 2023 20:23:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6bx5pogMgSWqUm1BX3vi760GNp1j4a%2BVLoeqV4u4KDCOA9jlS2Jqt8A317mNlcKfpTyehYtJvdMLLjJ8g0IL2auY8C9lK2Ng6Vyhr3cP6tULMHLje%2BPVegBbHmHXw8R%2B0Jrl8v15L%2FGi4eGx87h"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7c9f0f79ab0e918e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/ Frame 3701
6 KB
4 KB
Other
General
Full URL
https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: lebonheurdesparieurs.blogspot.com
URL: https://lebonheurdesparieurs.blogspot.com/?m=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a918480235fb2efcb819d03c3956bd23b94c295018b8de697132e7c60f31b202
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 20:23:55 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMp0NUQjYnXmHZmJYhR33eiUPXuuV4%2BvApVI4QmTvQrRAvhH3C1m2Gp8rH%2FSsfG8kAaY05tmvLLKkSqc5FDaqH6Lh2cRdV6s3BTZNxSyJEWzs%2FPvLlst8XCwYrcyQPnBZy92BxVTO1L5gxfEEvwl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7c9f0f79eece0404-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7c9f0f78e9fa918e
www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 3701
2 B
634 B
XHR
General
Full URL
https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/cv/result/7c9f0f78e9fa918e
Requested by
Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 19 May 2023 20:23:55 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLp41rB%2FQMku05XKuvDa%2F7eOKHmB%2B%2BvAiKcHigFODxpG98VqQVBYFn9z1N6HBmZKY45sG7DKV6lTVufYNMn9vcxhsFE11uwnDSNiu8mcnYO0G0TDDxBkN3CE4evcte6E1i5m8d2DuIDwMGjGU2mk"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7c9f0f7b48ca0404-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 6CFD
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zeitverschiebung.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 13 May 2023 20:06:50 GMT
x-content-type-options
nosniff
age
519425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:19:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 20:06:50 GMT
analytics.js
www.google-analytics.com/ Frame 6CFD
51 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-378139-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zeitverschiebung.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 May 2023 18:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
6496
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 19 May 2023 20:35:39 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lemagicienduturf.free.fr
URL
https://lemagicienduturf.free.fr/images/exelturf.jpg

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| adsbygoogle number| rand_code function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| closure_lm_242410 object| cookieChoices

1 Cookies

Domain/Path Name / Value
.1clic1don.fr/ Name: __cf_bm
Value: ysOHhv5KRJZs0AF3pCq8pDRyW4tWyUws3bL_e_Df2aU-1684527835-0-Af6Rqzchlu9RqLrLsPFIen8KDi/+hOtA46+L0v0FMOht/NfzhSClZvL2RGhbOe6olcv0tGrKYQ1ABqlRhx7VmkVB4o3HKgHp8iVOon5tCk31

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
blogger.googleusercontent.com
fonts.googleapis.com
fonts.gstatic.com
gif.toutimages.com
img.root-top.com
lebonheurdesparieurs.blogspot.com
lemagicienduturf.free.fr
lh3.googleusercontent.com
resources.blogblog.com
static.cloudflareinsights.com
www.1clic1don.fr
www.blogger.com
www.google-analytics.com
www.googletagmanager.com
www.hebdotop.com
www.mega-turf.fr
www.pmu-net.lachezvos.pro
www.pronostic-facile.fr
www.zeitverschiebung.net
lemagicienduturf.free.fr
178.254.1.54
2001:41d0:301::20
212.83.183.115
2606:4700:3034::ac43:c8d8
2606:4700:3035::6815:449a
2606:4700:3038::6815:ea1a
2606:4700::6810:3965
2a00:1450:4001:813::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::2009
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2008
2a06:98c1:3120::3
62.210.16.62
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
07d0f4176551c5f7d193daae1c95317e9b043ae21b43b15c5baa7392e12c2894
0f96d86056e416e3eca8c08a80ff73729fc73f52328243ea406a098df6af7d61
1184c4d5a74f2d142d7bf8eb620c61cd6cfd0f48da368c14a8ab0da29d70ec6b
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
22d4568a71f29fbca7b04a016273d0f5cd8ac060958bcca78e225d9314b66868
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3824e70638ae1aaffa5be0c44a9c774a690c3848bcf642b5446118d04e8b72c0
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
477c3edd3387979f3aba9b127bf8d7874ad5a8f70957d0be417a987dca2a7ec1
48c42f319a588fd24e9af38518223438e048599468f36f629db2317d79f29a69
5430710d4542e080be28794f5ffd14de7105561a83f89f9064986ad051781c0e
5e516df49b160c3efcb1ea09dd4c5f5b7c99a23a18a2a882acc379179bdbaacd
64f694b70017debaf123e93523a2ae70355953695165c27391cfe190346573be
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69f7014f954ee1dce1c6e9fb7d5acaa31918b9ddea175fbe57c37da8ca680d6b
6a4d5227f760e30e5b86f0f48c198e6dd39dfa0cf4e30518dfa8747e23324aaa
7f8140b4307cc838aa666051c24cd45b5e8ada264bd84458fbc90ba125ed2ebf
91d18befaf61db627997ed74c36f16e2c0b5a768ed87755ea9c710120505467c
96ea94ddffb3136c5a9e0b61e8d17d1e98e9657731ca1a45c61260944e649b2b
a918480235fb2efcb819d03c3956bd23b94c295018b8de697132e7c60f31b202
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
aed59e8323afae6683109f7202e812c6641c3775e23aac648097cf702f462d1a
b4bf4f9438f30a281ce196377d07925d46e41db45930d81c2948708af0a04f63
b7130ff8d8d5d1fdaec3262b8a42db98bda2b52dc1615efbe7deeb2089625a4f
bc5f84ab56488b20c1136ceef79be6449b7aaf98ab11e399fc972e5c73601f4c
c578f2ac7490097327a70875954fdb63a8e1c07d2f36c117e49a227ba9490254
c96034ed636cd53e9c7d07d5cd8a8f5d4847f54c8e78feadc229e1507ac688cd
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce8adc0c107a66b72ed99daad838150877a1cff4d5ed673b14cddf6de148d754
cf21aa15a0ce375e015c2451bf693d37ddca4e2a81b698d30d7bc9a40a009c11
d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07
d5f09b20ba3be2df8fe20ef4bb05dcbab606988a7bedb0eb3e06094645c9c562
dbd2f2ed985534056858c78ffcc6c6c4837740e515e6e493dc831411d60d6457
e186a1ac6f1cc16cbcdb76924cd20035a0abed77ca9bf01b8882c8f1442b825f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e440f091fa1af388be7b7fc800187085ed7d0c2bbde02e55e8092480a74a8bb9
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e97c96837e369b2bdeb1247737819ff2a8a429203bb23bd6f96b82961f5fada5
f6167a4dbe5720f05625c8e46ec14ec363d27188205a322839a85d83909d8a3d
fb1f4f5db15c1a8b2e3b1116c07cf32a2da1feb77584ae6689a1dfc07d17eaba
fbe001e8d2ec155f42ab5d50dafab7450919f9d17d96ffc4a118c9f1d9e5a097