urlscan.io logo urlscan.io
SecurityTrails logo

mrquinte1.blogspot.com Open in urlscan Pro
2a00:1450:4001:803::2001  Public Scan

Go To Rescan Add Verdict Report
URL: https://mrquinte1.blogspot.com/
Submission: On May 29 via manual from ML — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 21 HTTP transactions. The main IP is 2a00:1450:4001:803::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is mrquinte1.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on May 8th 2023. Valid for: 3 months.
This is the only time mrquinte1.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
mrquinte1.blogspot.com
4    2a00:1450:4001:809::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
6    2606:4700:3038::6815:ea1a (United States)

ASN13335 (CLOUDFLARENET, US)
img.root-top.com
4    2606:4700:3035::ac43:c4a5 (United States)

ASN13335 (CLOUDFLARENET, US)
www.mega-turf.fr
1    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
1    178.254.1.54 (Germany)

ASN42730 (EVANZOAS, DE)
PTR: hello-world.digital
www.zeitverschiebung.net
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
6 root-top.com
img.root-top.com
18 KB
4 mega-turf.fr
www.mega-turf.fr
151 KB
4 blogger.com
www.blogger.com — Cisco Umbrella Rank: 9258
92 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
216 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
ajax.googleapis.com — Cisco Umbrella Rank: 320
35 KB
2 blogspot.com
mrquinte1.blogspot.com
25 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
1 gstatic.com
fonts.gstatic.com
19 KB
1 zeitverschiebung.net
www.zeitverschiebung.net — Cisco Umbrella Rank: 180714
2 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 47
2 KB
21 10
Domain Requested by
6 img.root-top.com 4 redirects mrquinte1.blogspot.com
4 www.mega-turf.fr mrquinte1.blogspot.com
4 www.blogger.com mrquinte1.blogspot.com
3 www.googletagmanager.com www.zeitverschiebung.net
www.googletagmanager.com
2 mrquinte1.blogspot.com mrquinte1.blogspot.com
1 www.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 ajax.googleapis.com www.zeitverschiebung.net
1 fonts.googleapis.com www.zeitverschiebung.net
1 www.zeitverschiebung.net mrquinte1.blogspot.com
1 lh3.googleusercontent.com mrquinte1.blogspot.com
21 11
Subject Issuer Validity Valid
misc-sni.blogspot.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
root-top.com
E1		 2023-05-06 -
2023-08-04		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
zeitverschiebung.net
R3		 2023-04-23 -
2023-07-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://mrquinte1.blogspot.com/
Frame ID: FBBFC47323684A9D8C09B415E967B135
Requests: 14 HTTP requests in this frame

Frame: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=medium&timezone=Europe%2FParis
Frame ID: F2F73E3FD988DF0C4C5A3A16D0548DA1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mr Quinté 1

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.(?:blogspot|blogger)\.com
Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

81 %
HTTPS

91 %
IPv6

10
Domains

11
Subdomains

12
IPs

2
Countries

579 kB
Transfer

1271 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://img.root-top.com/topsite/megaturf/banner.gif HTTP 302
  • https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
Request Chain 4
  • https://img.root-top.com/topsite/01turf/banner.gif HTTP 302
  • https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif
Request Chain 5
  • https://img.root-top.com/topsite/guideturf/banner.gif HTTP 302
  • https://www.mega-turf.fr/wp-content/uploads/2017/06/3.gif
Request Chain 6
  • https://img.root-top.com/topsite/willybill/banner.gif HTTP 302
  • https://www.mega-turf.fr/wp-content/uploads/2017/12/bestof.gif

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mrquinte1.blogspot.com/ 		109 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mrquinte1.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8b98eaa62b133781c5159f573e222bc4e0e72f025c5cfab7cffb4ad6ad545876
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
23386
content-type
text/html; charset=UTF-8
date
Mon, 29 May 2023 15:45:29 GMT
etag
W/"abc01b11d9207a1eecee28d296e427c702308b72fb877675fb2cee0902b5831d"
expires
Mon, 29 May 2023 15:45:29 GMT
last-modified
Mon, 29 May 2023 15:29:26 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		35 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Requested by
Host: mrquinte1.blogspot.com
URL: https://mrquinte1.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mrquinte1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 21:41:20 GMT
x-content-type-options
nosniff
age
151449
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35960
x-xss-protection
0
last-modified
Sat, 27 May 2023 19:50:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sun, 26 May 2024 21:41:20 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=6590856517162511901&zx=88ba7f38-c74a-4011-8d01-3e8e58ed55f0
Requested by
Host: mrquinte1.blogspot.com
URL: https://mrquinte1.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mrquinte1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Mon, 29 May 2023 15:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 May 2023 15:45:29 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
banner.gif
img.root-top.com/topsite/toppronosturf/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/toppronosturf/banner.gif
Requested by
Host: mrquinte1.blogspot.com
URL: https://mrquinte1.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
995122542dd3a83ab4edadd7dab4b44d5f3d972dec1327b3b6f53bc693b5f69d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mrquinte1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 15:45:29 GMT
cf-cache-status
HIT
last-modified
Sun, 28 May 2023 06:20:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
120283
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ubdPeuPTZwXqBxBNxSWzZ85%2BysKGH9TE5pHYBEXOy0l%2FotL%2F6nI8AbVZ7pC49a9UdLSPzOsqkDN60eRW8wQ66f94%2FE79LQkzzjuiaKR%2FmX9bu7XIjl9TQ3wr7wND%2Bm1fKPRTdy65XNlXixUGGa3"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7cefdd5f98a735f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
9789
expires
Wed, 31 May 2023 06:20:46 GMT
5.gif
www.mega-turf.fr/wp-content/uploads/2017/06/
Redirect Chain
  • https://img.root-top.com/topsite/megaturf/banner.gif
  • https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
Requested by
Host: mrquinte1.blogspot.com
URL: https://mrquinte1.blogspot.com/
Protocol
H2
Server
2606:4700:3035::ac43:c4a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f7014f954ee1dce1c6e9fb7d5acaa31918b9ddea175fbe57c37da8ca680d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mrquinte1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 15:45:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2392828
alt-svc
h3=":443"; ma=86400
content-length
27601
last-modified
Sun, 25 Jun 2017 11:18:37 GMT
server
cloudflare
etag
"594f9c0d-6bd1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cU7RtFxFcTKjR%2BUtSSairaX4sxeS7lqfcw%2FIt4hLEX%2Bau9ZVZqQXTqIVBrk7ugHW0gEHEsOR%2Ba81kzlEP5j68gemamTmwqSffHdvlfkyR2ex6ykB3smh3fqtSrB0XOkMW%2B6pNfwILSebLT6N4XYN"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7cefdd609e2cbbaa-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 29 May 2023 15:45:29 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrANmAGTgmgcrhb6PEL5xGA%2BYCHDwyXp49q8UT8QXhKg5thxOFpw%2BqM%2FTooby4n9ATFAxxS6Fpxn3czDhnCq%2F4MC2UqWJ0voLHRxXRuBwRyQaQlw1ZaNn0sQ4i8Zp3oM4L9%2BThUdpdeHL19mQiZb"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://www.mega-turf.fr/wp-content/uploads/2017/06/5.gif
cf-ray
7cefdd5f98a935f3-FRA
alt-svc
h3=":443"; ma=86400
01-turf0.gif
www.mega-turf.fr/wp-content/uploads/2017/12/
Redirect Chain
  • https://img.root-top.com/topsite/01turf/banner.gif
  • https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif
105 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif
Requested by
Host: mrquinte1.blogspot.com
URL: https://mrquinte1.blogspot.com/
Protocol
H2
Server
2606:4700:3035::ac43:c4a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91d18befaf61db627997ed74c36f16e2c0b5a768ed87755ea9c710120505467c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mrquinte1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 15:45:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62342
alt-svc
h3=":443"; ma=86400
content-length
107801
last-modified
Sun, 03 Dec 2017 21:54:18 GMT
server
cloudflare
etag
"5a24728a-1a519"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g69gEEIpIP%2FoPhaqFbX0v0DxaibzGRHLbeXEtZaaQ%2Bp3E%2F%2Bmxj4FflnftKqP6US3mlqMiMBCNe8W4US025q6WJvxT%2FKERPcyVQQgZqsjKvElQQ%2FJf3H5WudVjUCfQ6B0sXvNW2J7gqlG1HM4tYTv"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7cefdd609e2bbbaa-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 29 May 2023 15:45:29 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NI9LJ8McXaXBZX69zVQ2PetEObrhLVqkhnsLAOSeczqANZEqLZgl9uiqnltKI0s1YWDUHrNjmYOZQULBlxQFQHPV7iNF3%2BTIPGjafozlwOCW%2Fxdr5UZFJuaXPK%2BXSuIKoaulgvEydlWyvcTNvvXs"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://www.mega-turf.fr/wp-content/uploads/2017/12/01-turf0.gif
cf-ray
7cefdd5f98ab35f3-FRA
alt-svc
h3=":443"; ma=86400
3.gif
www.mega-turf.fr/wp-content/uploads/2017/06/
Redirect Chain
  • https://img.root-top.com/topsite/guideturf/banner.gif
  • https://www.mega-turf.fr/wp-content/uploads/2017/06/3.gif
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mega-turf.fr/wp-content/uploads/2017/06/3.gif
Requested by
Host: mrquinte1.blogspot.com
URL: https://mrquinte1.blogspot.com/
Protocol
H2
Server
2606:4700:3035::ac43:c4a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e97c96837e369b2bdeb1247737819ff2a8a429203bb23bd6f96b82961f5fada5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mrquinte1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 15:45:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1628362
alt-svc
h3=":443"; ma=86400
content-length
6009
last-modified
Sun, 25 Jun 2017 11:18:19 GMT
server
cloudflare
etag
"594f9bfb-1779"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lo4kCeXr801xaJlVSHik8QfsrJi7WG%2ByHe%2BApWZK4SgbqdKhxNw8WTQ1Ls0PYRDAwSIg4YrY2YYeO5svn1oqgP5dYN%2B%2FeN0BdLFwdO%2FNzlk5sZhr8exrcMEkUcXbBYXLPKOxtozmb14M%2F%2BqsJ1p"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7cefdd609e30bbaa-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 29 May 2023 15:45:29 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lljLYJ4oRz%2BYgTJVysBibGBgUnt6cbl6f%2B%2FSMR7r1RR1PJhTRbKLofYvhPI2viy%2B2npTOhEVQwHZkmGc%2FFOgbK1Zn2qtA7%2FSjSB90h4dmQ4TUMcvdx4xFizruFXlEUw8PnJaxyKtPZamDoWXPCa0"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://www.mega-turf.fr/wp-content/uploads/2017/06/3.gif
cf-ray
7cefdd5f98ac35f3-FRA
alt-svc
h3=":443"; ma=86400
bestof.gif
www.mega-turf.fr/wp-content/uploads/2017/12/
Redirect Chain
  • https://img.root-top.com/topsite/willybill/banner.gif
  • https://www.mega-turf.fr/wp-content/uploads/2017/12/bestof.gif
11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mega-turf.fr/wp-content/uploads/2017/12/bestof.gif
Requested by
Host: mrquinte1.blogspot.com
URL: https://mrquinte1.blogspot.com/
Protocol
H2
Server
2606:4700:3035::ac43:c4a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8140b4307cc838aa666051c24cd45b5e8ada264bd84458fbc90ba125ed2ebf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mrquinte1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 15:45:29 GMT
cf-cache-status
MISS
last-modified
Sun, 03 Dec 2017 22:24:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5a2479a1-2dc6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQdaZC7PeK93mHRrGm7jCtCLY26PZkEnbLm32pxkXdRYGqCNEPx%2B8ER5D3b5m%2FJffsqVnG1MyCWL5O88o%2BT6k%2Fcb42WiMYwiebi37geNpY7ZBZDXljuk2dm%2FWd2eIguQ8v5uAzSkxDOf%2BHB5Vmvq"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7cefdd609e2dbbaa-FRA
alt-svc
h3=":443"; ma=86400
content-length
11718
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 29 May 2023 15:45:29 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rgAe2sLsbUmzqULzCEdebl4qV7t9NzdYXa8rS45z5EYtC1j6gtCX9ddSGsLcZHXBZxXByPENta%2FFGcEPh0OXhVHWTGchRovOjJmGdaRIUigr574%2FMHVv%2F48SdctTXFmQafTMmDXjjtaCzY%2BaU27"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://www.mega-turf.fr/wp-content/uploads/2017/12/bestof.gif
cf-ray
7cefdd5f98ae35f3-FRA
alt-svc
h3=":443"; ma=86400
banner.gif
img.root-top.com/topsite/turf/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/turf/banner.gif
Requested by
Host: mrquinte1.blogspot.com
URL: https://mrquinte1.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96ea94ddffb3136c5a9e0b61e8d17d1e98e9657731ca1a45c61260944e649b2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mrquinte1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 15:45:29 GMT
cf-cache-status
HIT
last-modified
Sat, 27 May 2023 15:39:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
173138
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OVtkJE414iuNM29o%2Bx1J0E598RNgVo2IupAVdbcdNzZ8zDgYZiwHo6RD8TKD%2BsaMcoxOozdrKSt2YZf418l4szfikVZaGFrInTQ2exTr4ql5QVXXF3Nwa6MqxobOQqIztxFttfyyqKQ%2FrhGehKj"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7cefdd5f98af35f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
6364
expires
Tue, 30 May 2023 15:39:51 GMT
AByxGDRnI0q7wISxCycLozXB1DXUJXunKMXpqqbha8kq8xY7_l26-SBOmsoqo8cvOt9KyXPrxzg9wsFtddSj3IXcBRmK6yPM5gUDaqFsS7mWPn6KrIgzSA=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AByxGDRnI0q7wISxCycLozXB1DXUJXunKMXpqqbha8kq8xY7_l26-SBOmsoqo8cvOt9KyXPrxzg9wsFtddSj3IXcBRmK6yPM5gUDaqFsS7mWPn6KrIgzSA=s0-d
Requested by
Host: mrquinte1.blogspot.com
URL: https://mrquinte1.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dbd2f2ed985534056858c78ffcc6c6c4837740e515e6e493dc831411d60d6457
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mrquinte1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:56:13 GMT
x-content-type-options
nosniff
server
fife
age
2956
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1762
x-xss-protection
0
expires
Tue, 30 May 2023 14:56:13 GMT
cookienotice.js
mrquinte1.blogspot.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrquinte1.blogspot.com/js/cookienotice.js
Requested by
Host: mrquinte1.blogspot.com
URL: https://mrquinte1.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mrquinte1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 15:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2026
x-xss-protection
0
last-modified
Mon, 29 May 2023 13:51:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 05 Jun 2023 15:45:29 GMT
541336192-widgets.js
www.blogger.com/static/v1/widgets/ 		153 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/541336192-widgets.js
Requested by
Host: mrquinte1.blogspot.com
URL: https://mrquinte1.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ca45e0cd2719c8403f25e13c931515b162cbb57faf9773db1033fee191efeff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mrquinte1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 07:59:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27988
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56539
x-xss-protection
0
last-modified
Mon, 29 May 2023 04:50:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 28 May 2024 07:59:01 GMT
clock-widget-iframe-v2
www.zeitverschiebung.net/ Frame F2F7 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=medium&timezone=Europe%2FParis
Requested by
Host: mrquinte1.blogspot.com
URL: https://mrquinte1.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.254.1.54 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
hello-world.digital
Software
nginx / PHP/7.3.33 PleskLin
Resource Hash
f6167a4dbe5720f05625c8e46ec14ec363d27188205a322839a85d83909d8a3d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://mrquinte1.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
1956
content-type
text/html; charset=UTF-8
date
Mon, 29 May 2023 15:45:29 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
vary
Accept-Encoding
x-cache-status
BYPASS
x-powered-by
PHP/7.3.33 PleskLin
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d501101a9ed324297a88dac61b60a66f9b706405d70a7c040ed2662e00b02068

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame F2F7 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=medium&timezone=Europe%2FParis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zeitverschiebung.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 May 2023 15:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 29 May 2023 15:26:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 May 2023 15:45:29 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame F2F7 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=medium&timezone=Europe%2FParis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zeitverschiebung.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 08:00:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 May 2024 08:00:12 GMT
js
www.googletagmanager.com/gtag/ Frame F2F7 		118 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-378139-21
Requested by
Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=medium&timezone=Europe%2FParis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
87decbb89c26c225486db9b5826c99bc175488a25a1c9ea3bcc97870e5b3e148
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zeitverschiebung.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 15:45:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46837
x-xss-protection
0
last-modified
Mon, 29 May 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 May 2023 15:45:29 GMT
js
www.googletagmanager.com/gtag/ Frame F2F7 		250 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z17S62ZZCJ
Requested by
Host: www.zeitverschiebung.net
URL: https://www.zeitverschiebung.net/clock-widget-iframe-v2?language=fr&size=medium&timezone=Europe%2FParis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
790953c3c0a371e4ccbe54f19bdbd5ba2f30eb2fd6f0776dab91f7dc3969311e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zeitverschiebung.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 15:45:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86743
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 May 2023 15:45:29 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ Frame F2F7 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zeitverschiebung.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 02:17:51 GMT
x-content-type-options
nosniff
age
221259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:19:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 May 2024 02:17:51 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=6590856517162511901&zx=88ba7f38-c74a-4011-8d01-3e8e58ed55f0
Requested by
Host: mrquinte1.blogspot.com
URL: https://mrquinte1.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mrquinte1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Mon, 29 May 2023 15:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 May 2023 15:45:30 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame F2F7 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-378139-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zeitverschiebung.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 May 2023 14:35:34 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4196
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 29 May 2023 16:35:34 GMT
js
www.googletagmanager.com/gtag/ Frame F2F7 		250 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z17S62ZZCJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-378139-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a9598867ab98a06601d92960116768cbacf03a5865c2493996f8b40f4613695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zeitverschiebung.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 15:45:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86771
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 May 2023 15:45:30 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| adsbygoogle function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
img.root-top.com
lh3.googleusercontent.com
mrquinte1.blogspot.com
www.blogger.com
www.google-analytics.com
www.googletagmanager.com
www.mega-turf.fr
www.zeitverschiebung.net
178.254.1.54
2606:4700:3035::ac43:c4a5
2606:4700:3038::6815:ea1a
2a00:1450:4001:803::2001
2a00:1450:4001:806::2003
2a00:1450:4001:806::200e
2a00:1450:4001:809::2009
2a00:1450:4001:813::200a
2a00:1450:4001:827::2001
2a00:1450:4001:828::2008
2a00:1450:4001:82a::200a
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
5a9598867ab98a06601d92960116768cbacf03a5865c2493996f8b40f4613695
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69f7014f954ee1dce1c6e9fb7d5acaa31918b9ddea175fbe57c37da8ca680d6b
790953c3c0a371e4ccbe54f19bdbd5ba2f30eb2fd6f0776dab91f7dc3969311e
7f8140b4307cc838aa666051c24cd45b5e8ada264bd84458fbc90ba125ed2ebf
87decbb89c26c225486db9b5826c99bc175488a25a1c9ea3bcc97870e5b3e148
8b98eaa62b133781c5159f573e222bc4e0e72f025c5cfab7cffb4ad6ad545876
91d18befaf61db627997ed74c36f16e2c0b5a768ed87755ea9c710120505467c
96ea94ddffb3136c5a9e0b61e8d17d1e98e9657731ca1a45c61260944e649b2b
995122542dd3a83ab4edadd7dab4b44d5f3d972dec1327b3b6f53bc693b5f69d
9ca45e0cd2719c8403f25e13c931515b162cbb57faf9773db1033fee191efeff
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07
d501101a9ed324297a88dac61b60a66f9b706405d70a7c040ed2662e00b02068
dbd2f2ed985534056858c78ffcc6c6c4837740e515e6e493dc831411d60d6457
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e97c96837e369b2bdeb1247737819ff2a8a429203bb23bd6f96b82961f5fada5
f6167a4dbe5720f05625c8e46ec14ec363d27188205a322839a85d83909d8a3d