urlscan.io logo urlscan.io
SecurityTrails logo

quintesur-vip.blogspot.com Open in urlscan Pro
2a00:1450:4001:827::2001  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://quintesur-vip.blogspot.com/
Effective URL: https://quintesur-vip.blogspot.com/
Submission: On April 11 via manual from ML — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 16 domains to perform 45 HTTP transactions. The main IP is 2a00:1450:4001:827::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is quintesur-vip.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on March 21st 2022. Valid for: 3 months.
This is the only time quintesur-vip.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
quintesur-vip.blogspot.com
11    2a00:1450:4001:82a::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
resources.blogblog.com
6    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
6    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1.bp.blogspot.com
3    194.150.236.166 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns6.hiwit.net
www.raffinturf.com
2    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
themes.googleusercontent.com
6    2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)
img.root-top.com
1    194.150.236.190 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns30.hiwit.net
www.top-pmu.com
1    194.150.236.5 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns.allo-heberge.com
ns.allo-heberge.com
2    2606:4700:3034::ac43:c8d8 (United States)

ASN13335 (CLOUDFLARENET, US)
www.pronostic-facile.fr
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2606:4700:20::681a:ee2 (United States)

ASN13335 (CLOUDFLARENET, US)
s.bookcdn.com
1    213.174.150.39 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
widgets.booked.net
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
9 blogspot.com
quintesur-vip.blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 8645
803 KB
8 blogger.com
www.blogger.com — Cisco Umbrella Rank: 9202
574 KB
6 root-top.com
img.root-top.com
29 KB
6 google.com
apis.google.com — Cisco Umbrella Rank: 102
160 KB
4 bookcdn.com
s.bookcdn.com — Cisco Umbrella Rank: 186915
11 KB
3 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 13731
2 KB
3 raffinturf.com
www.raffinturf.com
36 KB
2 pronostic-facile.fr
www.pronostic-facile.fr
5 KB
2 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 69
themes.googleusercontent.com — Cisco Umbrella Rank: 9520
311 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
1 gstatic.com
www.gstatic.com
32 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
38 KB
1 booked.net
widgets.booked.net — Cisco Umbrella Rank: 205535
2 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
574 B
1 allo-heberge.com
ns.allo-heberge.com
1 top-pmu.com
www.top-pmu.com
282 B
45 16
Domain Requested by
8 www.blogger.com quintesur-vip.blogspot.com
apis.google.com
www.blogger.com
6 img.root-top.com 3 redirects quintesur-vip.blogspot.com
6 1.bp.blogspot.com quintesur-vip.blogspot.com
6 apis.google.com quintesur-vip.blogspot.com
apis.google.com
www.blogger.com
4 s.bookcdn.com quintesur-vip.blogspot.com
s.bookcdn.com
3 resources.blogblog.com quintesur-vip.blogspot.com
www.blogger.com
3 www.raffinturf.com quintesur-vip.blogspot.com
3 quintesur-vip.blogspot.com 1 redirects quintesur-vip.blogspot.com
2 www.pronostic-facile.fr quintesur-vip.blogspot.com
www.pronostic-facile.fr
1 www.google-analytics.com www.googletagmanager.com
1 www.gstatic.com apis.google.com
1 www.googletagmanager.com www.pronostic-facile.fr
1 widgets.booked.net quintesur-vip.blogspot.com
1 themes.googleusercontent.com quintesur-vip.blogspot.com
1 pagead2.googlesyndication.com quintesur-vip.blogspot.com
1 ns.allo-heberge.com quintesur-vip.blogspot.com
1 www.top-pmu.com 1 redirects
1 lh3.googleusercontent.com quintesur-vip.blogspot.com
45 18
Subject Issuer Validity Valid
misc-sni.blogspot.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
raffinturf.com
R3		 2022-03-12 -
2022-06-10		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
booked.net
R3		 2022-03-15 -
2022-06-13		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://quintesur-vip.blogspot.com/
Frame ID: B69FABCA918BA013DE4FA9DDD0325E6D
Requests: 37 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/quinte/quinte_runners/all
Frame ID: 4474E1303431BCB84E6BF6DBEDA51BFC
Requests: 3 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=7476080352978082910&blogName=QUINTESURVIP&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://quintesur-vip.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://quintesur-vip.blogspot.com/&vt=3856488933075553741&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__
Frame ID: C6421C54A1D353D156DB199B74FE858F
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

QUINTESURVIP

Page URL History Show full URLs

  1. http://quintesur-vip.blogspot.com/ HTTP 301
    https://quintesur-vip.blogspot.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.(?:blogspot|blogger)\.com
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

45
Requests

93 %
HTTPS

75 %
IPv6

16
Domains

18
Subdomains

15
IPs

3
Countries

2019 kB
Transfer

2901 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://quintesur-vip.blogspot.com/ HTTP 301
    https://quintesur-vip.blogspot.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://img.root-top.com/topsite/bonsitespmu/banner.gif HTTP 302
  • https://www.raffinturf.com/img/bonsitespmu.gif
Request Chain 11
  • https://img.root-top.com/topsite/meetingcourses/banner.gif HTTP 302
  • https://img.root-top.com/topsite/meetingcourses/topsite_banner.gif
Request Chain 14
  • https://img.root-top.com/topsite/eurocourses011/banner.gif HTTP 302
  • https://www.top-pmu.com/img4/eurodescourses.gif HTTP 302
  • https://ns.allo-heberge.com/

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
quintesur-vip.blogspot.com/
Redirect Chain
  • http://quintesur-vip.blogspot.com/
  • https://quintesur-vip.blogspot.com/
425 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
98f8cdce15682fc466ffba56fa74a6e37ba882b150b4d3ebbad32a1e9fc0bfbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
22979
content-type
text/html; charset=UTF-8
date
Mon, 11 Apr 2022 15:26:11 GMT
etag
W/"1f053c57c7947797b73e1924b85e48519298a56fd5eb193b30104e97fc372b70"
expires
Mon, 11 Apr 2022 15:26:11 GMT
last-modified
Mon, 11 Apr 2022 12:07:21 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
182
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=UTF-8
Date
Mon, 11 Apr 2022 15:26:11 GMT
Expires
Mon, 11 Apr 2022 15:26:11 GMT
Location
https://quintesur-vip.blogspot.com/
Server
GSE
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		35 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 02:36:58 GMT
x-content-type-options
nosniff
age
46153
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35960
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 14:50:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 11 Apr 2023 02:36:58 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
688 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7476080352978082910&zx=1dfdea96-438c-4505-b9e3-aa7d644ca2d8
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Apr 2022 15:26:12 GMT
server
GSE
date
Mon, 11 Apr 2022 15:26:12 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
plusone.js
apis.google.com/js/ 		53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
346eb51a85654fe57845fd7e63e39451f6ab3e0f739667656b879a0e72fbc84c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20541
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Mon, 11 Apr 2022 15:26:12 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"f67b6ccd9d7c6616"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 15:26:12 GMT
quinte.png
1.bp.blogspot.com/-oaQDr-dZi14/YPWodvm9CvI/AAAAAAAAACM/rh8fAFsvpqAwjc8fEzVOSDE2trIsEQAGQCLcBGAsYHQ/s1000/ 		188 KB
188 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-oaQDr-dZi14/YPWodvm9CvI/AAAAAAAAACM/rh8fAFsvpqAwjc8fEzVOSDE2trIsEQAGQCLcBGAsYHQ/s1000/quinte.png
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8bafaf8b25a0fefd39bdb76e6a0b947ff3a578bf10a2d159c8da74938bf4731e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:26:12 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="quinte.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192797
x-xss-protection
0
server
fife
etag
"v24"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 12 Apr 2022 09:48:52 GMT
quinte1.gif
www.raffinturf.com/img/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.raffinturf.com/img/quinte1.gif
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
89deff0fbf69641f774f93a16bc9f99318d37646baffff5c719ac194942d459c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 15:26:12 GMT
Last-Modified
Mon, 19 Jul 2021 16:45:49 GMT
Server
Apache
ETag
"1dd1b6d-3854-5c77cab65c940"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
14420
c10.jpg
1.bp.blogspot.com/-OqveCuCp-d0/YPRgSwlXkYI/AAAAAAAAAKM/ITtgkvGs9hkeWQc5_uJP1Bkwrxmc2IiLgCLcBGAsYHQ/s0/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-OqveCuCp-d0/YPRgSwlXkYI/AAAAAAAAAKM/ITtgkvGs9hkeWQc5_uJP1Bkwrxmc2IiLgCLcBGAsYHQ/s0/c10.jpg
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
83abaa8eeca7b9ce27bbe392d57ebef8089570b042915102cc12812514861072
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:26:12 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="c10.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14062
x-xss-protection
0
server
fife
etag
"va4"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 12 Apr 2022 09:48:54 GMT
reserves.gif
1.bp.blogspot.com/-OqIJuJLbebA/XZMcZzEK4nI/AAAAAAAAAD0/2FNU6DP1z7cfk4YY9SpTx2oL_JIW7QZlgCLcBGAsYHQ/s1600/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-OqIJuJLbebA/XZMcZzEK4nI/AAAAAAAAAD0/2FNU6DP1z7cfk4YY9SpTx2oL_JIW7QZlgCLcBGAsYHQ/s1600/reserves.gif
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
41166b69f19149d5dc45c9e09a6a73610162058567881917ebee44a8f5919e63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:26:12 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="reserves.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2063
x-xss-protection
0
server
fife
etag
"v3e"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 12 Apr 2022 09:48:54 GMT
flashturf.gif
1.bp.blogspot.com/-HOhjqNq75jI/XZR81GcpWBI/AAAAAAAAAEs/GVHsHMg3twAcl-STf8prSys_p5VEACcrwCLcBGAsYHQ/s1600/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-HOhjqNq75jI/XZR81GcpWBI/AAAAAAAAAEs/GVHsHMg3twAcl-STf8prSys_p5VEACcrwCLcBGAsYHQ/s1600/flashturf.gif
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
99fdef41162dadcc15d20f456082d2533cf0adf36445ce8f6440bbc684ed880f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:26:12 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="flashturf.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6006
x-xss-protection
0
server
fife
etag
"v4c"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 04 Apr 2022 05:06:48 GMT
gratuit.gif
1.bp.blogspot.com/-_Am2NYzsWyc/XaXXCdf-r0I/AAAAAAAAAHU/6uJl4ZHaWq8yzKPee6HeJS_ot6SKc8GKgCLcBGAsYHQ/s1600/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-_Am2NYzsWyc/XaXXCdf-r0I/AAAAAAAAAHU/6uJl4ZHaWq8yzKPee6HeJS_ot6SKc8GKgCLcBGAsYHQ/s1600/gratuit.gif
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
233aea3a55d08317a07c508b68edd4c5dde8d71082cd8183064de883b14b972e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:26:12 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="gratuit.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2070
x-xss-protection
0
server
fife
etag
"v76"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 11 Apr 2022 01:49:59 GMT
ABLy4EzoC8Hvze0CBO-0vCGfHfFGBXWbko4LywwC3XRp6vaMyv2xPCIUE3_7s0bF3J6cHc-fywdSDblr2n0um1ejHlyquqkCg-NrOhzJwH1p4Q=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 		720 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4EzoC8Hvze0CBO-0vCGfHfFGBXWbko4LywwC3XRp6vaMyv2xPCIUE3_7s0bF3J6cHc-fywdSDblr2n0um1ejHlyquqkCg-NrOhzJwH1p4Q=w72-h72-p-k-no-nu
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ec4f944dcc91bb8879e4b1211978098c6dba2b5d95e4b9462f3aeb790c5b4a4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:26:12 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
720
x-xss-protection
0
expires
Tue, 12 Apr 2022 15:26:12 GMT
bonsitespmu.gif
www.raffinturf.com/img/
Redirect Chain
  • https://img.root-top.com/topsite/bonsitespmu/banner.gif
  • https://www.raffinturf.com/img/bonsitespmu.gif
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.raffinturf.com/img/bonsitespmu.gif
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
69c456a36c7eafcc564322518e5c0663ebde5ce8b401b2f4e4fce1d9dad77187
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 15:26:12 GMT
Last-Modified
Mon, 26 Jul 2021 21:32:27 GMT
Server
Apache
ETag
"1c7041d-3c9a-5c80d7d5e10c0"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
15514

Redirect headers

date
Mon, 11 Apr 2022 15:26:12 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ko%2BEvHf9pnesfWXqpHLheo1I0QqZoXGby4%2BbxnxhZOHxHMa8WdZG7G7nTFYlOSNmxwGBiyqk3alzRCSjUEZStLPoNU9cgly0OKsmAOTb0MGaDU4KS3CFwIGwfbtCqIYLpt%2Bwf5%2FTqswQm1%2BOlOWy"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://www.raffinturf.com/img/bonsitespmu.gif
cf-ray
6fa4bd3ddb6b90e8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
topsite_banner.gif
img.root-top.com/topsite/meetingcourses/
Redirect Chain
  • https://img.root-top.com/topsite/meetingcourses/banner.gif
  • https://img.root-top.com/topsite/meetingcourses/topsite_banner.gif
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/meetingcourses/topsite_banner.gif
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H3
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33e1062bd4d512f492de85bc7f6a6922c8c61b93b87576a9fb855ef6d695a494

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:26:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Mar 2022 07:49:36 GMT
server
cloudflare
age
1236996
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s03N9RW2xJRotGxj9tShLUSDZLGfAUuNYcPnz8IKoCYQg4PJcd6OSbeSNz1BQs%2F%2BggbQMcjSNzJj6Tav5St0XWEW9ssdPDiSR2ZvbOk8OPOZQZ9C7bYcWuwZUpEc%2F6%2BGpDVg25z2azx%2BpQ0dzxnx"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fa4bd3f1e119122-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 28 Apr 2022 07:49:36 GMT

Redirect headers

date
Mon, 11 Apr 2022 15:26:12 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7N8w5r58d9277KNGvlsxQQCBp3xAiVFdzEdEFoofLo0Rn0h65Meihimy2cYGnru9eyhlMAVb75NNuuOxdZnSZlPJku2ghewJ8Bw%2FjqF6MBjP4fZJk%2FQYnEAAfafFvzkO0yMsb%2B9SKxQM59t7QYiF"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
http://img.root-top.com/topsite/meetingcourses/topsite_banner.gif
cf-ray
6fa4bd3ddb7690e8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
banner.gif
img.root-top.com/topsite/forceturf1/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/forceturf1/banner.gif
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
085f31183d0d55bc158628cba119fef4cd92fab55d24e5f3da19a9cde7a71664

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:26:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
111370
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12020
last-modified
Sun, 10 Apr 2022 08:30:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anAIMSs9oFrieTdljgaCfXoiKSU9j6N%2F71U%2FaJShUtrMbBV%2FC%2F4r8EX%2BZbsGUA3%2B6ikbz0YnbsBJKgX%2Bjnifyia3KJnuF%2FMOPuttRAPAAcleYVb0VMA2N%2Fcpg6hpoPpqd368F8r9AShuohUePPLV"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
6fa4bd3ddb7590e8-FRA
expires
Wed, 13 Apr 2022 08:30:02 GMT
banner.gif
img.root-top.com/topsite/starquinte/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/starquinte/banner.gif
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae21217e172e5a1117a7ac148662a5a330edfdc34f86e8a6d85f5bf7e049c41b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:26:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
254166
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11844
last-modified
Fri, 08 Apr 2022 16:50:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioJrIIQ04uX2sYRNS3p1SLEBO%2FlR1b0Z7gK9jDrRDgux5jOzYSX6hUn8jXKCbsYQJKt67waL6T%2FFFW%2FmwBG28XsCMvUeBbaZgODe77tKScFmJP56GV0fTNm779vq8lFd6Qzi9JCYpdSMO4%2Fey4Kk"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
6fa4bd3efde39122-FRA
expires
Mon, 11 Apr 2022 16:50:06 GMT
/
ns.allo-heberge.com/
Redirect Chain
  • https://img.root-top.com/topsite/eurocourses011/banner.gif
  • https://www.top-pmu.com/img4/eurodescourses.gif
  • https://ns.allo-heberge.com/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ns.allo-heberge.com/
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
HTTP/1.1
Server
194.150.236.5 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns.allo-heberge.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Date
Mon, 11 Apr 2022 15:26:12 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000
Content-Type
text/html; charset=iso-8859-1
Location
http://ns.allo-heberge.com/
Connection
Keep-Alive
Keep-Alive
timeout=10, max=100
Content-Length
211
quintesur.gif
www.raffinturf.com/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.raffinturf.com/img/quintesur.gif
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
06c2c785df6f9287d46de42b62edb098163ddbc18e81310e314a4a99b47dcaca
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 15:26:12 GMT
Last-Modified
Mon, 19 Jul 2021 16:53:19 GMT
Server
Apache
ETag
"1dcb77a-1562-5c77cc6383dc0"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
5474
quinte_runners
www.pronostic-facile.fr/widget/quinte/script/ 		250 B
913 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pronostic-facile.fr/widget/quinte/script/quinte_runners
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
261325b5391639044cde28aaaa6e740fddd770e2e7052e608b89b9af7545c7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-runtime
1
date
Mon, 11 Apr 2022 15:26:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEg6HyocWEK3khS41e%2BTpOyu008N7evoeIVbE1fakM3fWZKqwq8x%2BsTOkvvAqS%2ByRPN7W78Yi2L1DHGZ17B%2BskWUpmIXrVPGlFnPV%2B%2BpgTjMG6g5AD8GmJDLCOBw859PKB%2FcSIm07GC5lyFLYURAzRA0uJUpag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
private, max-age=0, must-revalidate
cf-ray
6fa4bd3dd85f9128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
BO.gif
1.bp.blogspot.com/-ZLPSGOgoXVg/X417mfZErQI/AAAAAAAAANk/XirRaUk0Ao4SYhGeO0oQ4ECXTgsCeoH4QCK4BGAYYCw/s1600/ 		564 KB
565 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-ZLPSGOgoXVg/X417mfZErQI/AAAAAAAAANk/XirRaUk0Ao4SYhGeO0oQ4ECXTgsCeoH4QCK4BGAYYCw/s1600/BO.gif
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bcf55c1566becd0358f107fc855d8669ed2092a5670719c8239eb8fbbbe7601e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 14:37:33 GMT
x-content-type-options
nosniff
age
2919
content-disposition
inline;filename="BO.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
577974
x-xss-protection
0
server
fife
etag
"vda"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 09 Apr 2022 01:17:20 GMT
cookienotice.js
quintesur-vip.blogspot.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quintesur-vip.blogspot.com/js/cookienotice.js
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 01:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2026
x-xss-protection
0
last-modified
Sat, 09 Apr 2022 23:00:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sun, 17 Apr 2022 01:08:52 GMT
2414773843-widgets.js
www.blogger.com/static/v1/widgets/ 		156 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/2414773843-widgets.js
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5154b1cbd8ac50eb1e0094d466d7b97bfdd9b60d8fc741d2a7e557952445b1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 01:58:19 GMT
x-content-type-options
nosniff
age
394073
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159996
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 01:02:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 07 Apr 2023 01:58:19 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/ 		149 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a28a8b74846e74e9f79c608e4bbdc4adaab1f0d1173587bb94bc766702b5471
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 09:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52401
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 22:59:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 08 Apr 2023 09:18:22 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7c941198c86f5ba39f627f857fe17c39c546d3c25863466e4c0968611b538ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 20:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
587817
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16753
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 22:59:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Apr 2023 20:09:15 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28088
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 07:38:04 GMT
image
themes.googleusercontent.com/ 		310 KB
310 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://themes.googleusercontent.com/image?id=1zmhVMLNmemz97QTUCqWSwvRdUv_5L2brDjnvgEBPYuPTAeG-furrwz_oSwpMQg6jRGj1&options=w1600
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a177ada8a91311c3b04de32bd5d9e008dd250f74187201f57a9c0ef43b4330c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:26:12 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
317159
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gradients_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 		403 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 19:26:59 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 09:49:55 GMT
server
sffe
age
590353
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
403
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 11 Apr 2022 19:26:59 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7476080352978082910&zx=1dfdea96-438c-4505-b9e3-aa7d644ca2d8
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Apr 2022 15:26:12 GMT
server
GSE
date
Mon, 11 Apr 2022 15:26:12 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
all
www.pronostic-facile.fr/widget/quinte/quinte_runners/ Frame 4474 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pronostic-facile.fr/widget/quinte/quinte_runners/all
Requested by
Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/quinte/script/quinte_runners
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd030e42d99250893d7157ec168dc04580bdbed188f7aaa06ff5f1d2a848c265

Request headers

Referer
https://quintesur-vip.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
6fa4bd3ee92d90fa-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 11 Apr 2022 15:26:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGtoKSJPeM%2FIQ3M2rmP3NRI6%2F03ltyLnI5DgvozyAgudDcYHyTEHy71yg3abyYiUv495gaQ7r23%2FZWMqNeq81VvS382P3E7ulnz%2BK%2BouXD7cuL7CKH9FTzNtAm38dox0AfPx5F3BrjLy7VjN0%2BoWkLers0B%2FDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-runtime
1
bw-cl-126el.css
s.bookcdn.com//css/cl/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.bookcdn.com//css/cl/bw-cl-126el.css?v=0.0.1
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ee2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d26329e6e96dc9b6bf45396823e02bbae52f448e3b629dd42b50756febc05c38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:26:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
8467670aafbc409c4e218671ba2139e9
last-modified
Mon, 11 Apr 2022 14:12:48 GMT
server
cloudflare
etag
W/"62543760-685"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEy%2F3q4YvzixHVljHyZOC1l8eoKuJCE%2FIG9n5fNLNgCxn66bIlYWvY7u2P%2BMLXRHGLQPIvnSBO4Vc69vNv0lG7tFvsPIQro1keXti6KfO2q3D7Kf2XVZ8RQIsnzgnXVcxWobz%2BwdGx6jdAM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
6fa4bd3ed87d908e-FRA
expires
Tue, 11 Apr 2023 15:26:12 GMT
info
widgets.booked.net/time/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.booked.net/time/info?ver=2;domid=581;type=7;id=503086380;scode=2;city_id=18145;wlangid=3;mode=1;details=0;background=ffffff;border_color=ffffff;color=08488d;add_background=ffffff;add_color=00faff;head_color=333333;border=0;transparent=0&ref=https://quintesur-vip.blogspot.com/
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.150.39 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
ab276fd66602133fabba091c91ef9a6cc711d44ed412bf48e0c53d113753b686

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:26:12 GMT
content-encoding
gzip
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
nginx
cache-control
no-cache
x-request-id
d15b574d285c528a041a1f7da916d5f9
content-type
text/html;charset=UTF-8
navbar.g
www.blogger.com/ Frame C642 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/navbar.g?targetBlogID=7476080352978082910&blogName=QUINTESURVIP&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://quintesur-vip.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://quintesur-vip.blogspot.com/&vt=3856488933075553741&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_0?le=scs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cd0cda5646921c6c781d22f74efa730d6dfa1fd27140ae4f6eb7022b05493a6e
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://quintesur-vip.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
2608
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
date
Mon, 11 Apr 2022 15:26:12 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma
no-cache
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cb=gapi.loaded_2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_2?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e3c79b309ff982326ce4ff9d51f3bdd7faf03b7ffba17d75ecbc695cdc88892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 20:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
587448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8746
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 22:59:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Apr 2023 20:15:24 GMT
logo-16.png
www.blogger.com/img/ 		279 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blogger.com/img/logo-16.png
Requested by
Host: quintesur-vip.blogspot.com
URL: https://quintesur-vip.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 17:37:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 08:51:10 GMT
server
sffe
age
596923
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 11 Apr 2022 17:37:29 GMT
js
www.googletagmanager.com/gtag/ Frame 4474 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-630351-12
Requested by
Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/quinte/quinte_runners/all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c526570cefdc78759c17c19b00ac9b757f9c96fab0efdc8d7b0805600b89e141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pronostic-facile.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:26:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38086
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Apr 2022 15:26:12 GMT
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_2?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cbec901e274e67d0f2e931a008f7f4a3c1c8ba9e3bada73785b7f2b9c829c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:25:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31915
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 15:19:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="product-feedback-gathering"
vary
Accept-Encoding, Origin
report-to
{"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Apr 2022 16:15:49 GMT
digital-clock-bg.png
s.bookcdn.com/images/clock/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.bookcdn.com/images/clock/digital-clock-bg.png
Requested by
Host: s.bookcdn.com
URL: https://s.bookcdn.com//css/cl/bw-cl-126el.css?v=0.0.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ee2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85af87089494fbd949c339354d9d1d4b94a6ff863af8eab6f116a3f27b1b1a01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.bookcdn.com//css/cl/bw-cl-126el.css?v=0.0.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:26:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
409635
cf-polished
origFmt=png, origSize=1839
content-disposition
inline; filename="digital-clock-bg.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1376
x-request-id
a52f29469a5f19f2aebab56687d95df2
last-modified
Wed, 06 Apr 2022 11:33:27 GMT
server
cloudflare
etag
"624d7a87-72f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WV3YZcx2O%2FSLIKgcSSGdGy68BfnwsOqB5ZqlqqoEiNDnCduFt4P3Ys30MLwi45mO5sJcKvq6qsqY%2Ftn57dV2A2zRYu80YGLunoAfv%2FzRUIdnsSSYDLUtP%2FDsMPXmi%2B1her8tWJOhuwV4lfs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 06 Apr 2023 21:38:57 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6fa4bd40ec4c9280-FRA
cf-bgj
imgq:100,h2pri
digital0-9t.png
s.bookcdn.com/images/clock/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.bookcdn.com/images/clock/digital0-9t.png
Requested by
Host: s.bookcdn.com
URL: https://s.bookcdn.com//css/cl/bw-cl-126el.css?v=0.0.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ee2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89264ca54f3d2b01b3243a4ce69017da154037803b2c62258b202c97b4c23ecb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.bookcdn.com//css/cl/bw-cl-126el.css?v=0.0.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:26:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
556128
cf-polished
origFmt=png, origSize=6537
content-disposition
inline; filename="digital0-9t.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5708
x-request-id
6aaebbcac4a7e6a8e9263aafb7f874ed
last-modified
Sat, 02 Apr 2022 02:28:08 GMT
server
cloudflare
etag
"6247b4b8-1989"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uuy9tKs8o18IyO%2FpqxgOJsmBu6Y9MzjAnd1rbzQafiUOpBepfVEh1vPfECOOE6tGC9%2FTWpTijbDNuf2KeI05Sa5t%2FStQQS3Gi6MZG4A2z5pxIjJ0v9QZwMuwD42QYvPzGpwuDRTOgP4dGfo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 05 Apr 2023 04:57:24 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6fa4bd40ec489280-FRA
cf-bgj
imgq:100,h2pri
digital-dots.gif
s.bookcdn.com/images/clock/ 		816 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.bookcdn.com/images/clock/digital-dots.gif
Requested by
Host: s.bookcdn.com
URL: https://s.bookcdn.com//css/cl/bw-cl-126el.css?v=0.0.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ee2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56e51ec98dfd237c689f88710ef5e493d2e5386c50ebfefbcc762da7bf3561bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.bookcdn.com//css/cl/bw-cl-126el.css?v=0.0.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 15:26:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32354
cf-polished
origFmt=gif, origSize=2176
content-disposition
inline; filename="digital-dots.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
816
x-request-id
05f9c769f38c912b7e5fcf17e732a427
last-modified
Mon, 11 Apr 2022 05:34:31 GMT
server
cloudflare
etag
"6253bde7-880"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqef1P2X92lIxYugAN96dnEd1hqzTvWZfXw1vjYRBI2IgrRKxbDb5y%2FPSI0FLla%2B7tX3HQ7nCUj2I5VBwxG2DOk%2BIrMai32GjNJ96Upj0Q7u2zdajsRkact9EShbPVViKT7vxvBAyaoTMC8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Tue, 11 Apr 2023 06:26:58 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6fa4bd40ec4f9280-FRA
cf-bgj
imgq:100,h2pri
analytics.js
www.google-analytics.com/ Frame 4474 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pronostic-facile.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6682
date
Mon, 11 Apr 2022 13:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 11 Apr 2022 15:34:50 GMT
platform:gapi.iframes.style.common.js
apis.google.com/js/ Frame C642 		53 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform:gapi.iframes.style.common.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=7476080352978082910&blogName=QUINTESURVIP&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://quintesur-vip.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://quintesur-vip.blogspot.com/&vt=3856488933075553741&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be41f5414d537cdfb80ea3c084a530c84a088eef795c78a83d59d1e5c4a35919
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20549
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Mon, 11 Apr 2022 15:26:12 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"37d75e68b5fa2d7a"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 15:26:12 GMT
icons_peach.png
resources.blogblog.com/img/navbar/ Frame C642 		907 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/navbar/icons_peach.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=7476080352978082910&blogName=QUINTESURVIP&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://quintesur-vip.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://quintesur-vip.blogspot.com/&vt=3856488933075553741&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 19:43:10 GMT
x-content-type-options
nosniff
age
330182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
907
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 23:52:06 GMT
server
sffe
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 14 Apr 2022 19:43:10 GMT
arrows-light.png
resources.blogblog.com/img/navbar/ Frame C642 		117 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/navbar/arrows-light.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=7476080352978082910&blogName=QUINTESURVIP&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://quintesur-vip.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://quintesur-vip.blogspot.com/&vt=3856488933075553741&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 15:36:28 GMT
x-content-type-options
nosniff
last-modified
Sat, 09 Apr 2022 23:50:18 GMT
server
sffe
age
85784
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sun, 17 Apr 2022 15:36:28 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/ Frame C642 		128 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
848fbad57cfe0865b4425b4ce3870d42d583b24544739775b0afa50553aefb06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 21:36:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
582562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43036
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 22:59:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Apr 2023 21:36:50 GMT
3523451998-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/v-css/3523451998-lightbox_bundle.css
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/2414773843-widgets.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a1b182575a97818903caf7858784858599743b800864af64599b36fe9011881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 02:45:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
564073
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6523
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 07:51:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 05 Apr 2023 02:45:00 GMT
4128222353-lbx__fr.js
www.blogger.com/static/v1/jsbin/ 		372 KB
372 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/jsbin/4128222353-lbx__fr.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/2414773843-widgets.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d785a3825e3ebbfc6589f9aa9bff961710004caca71fee62e1b80244c5b5370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quintesur-vip.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 02:01:18 GMT
x-content-type-options
nosniff
age
307495
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
380555
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 11:53:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sat, 08 Apr 2023 02:01:18 GMT

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| adsbygoogle function| setAttributeOnload object| gapi object| ___jsl object| css_file function| setWidgetData_503086380 number| clock_timer_503086380 string| widgetUrl string| wstrackId object| timeBookedScript string| widgetSrc object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| closure_lm_942823 object| cookieChoices boolean| google_empty_script_included function| clock_503086380 function| sec_to_min_503086380 function| rclock_503086380 function| timeSec_503086380 number| sec_503086380 function| clock object| help object| hgb object| userfeedback

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
apis.google.com
img.root-top.com
lh3.googleusercontent.com
ns.allo-heberge.com
pagead2.googlesyndication.com
quintesur-vip.blogspot.com
resources.blogblog.com
s.bookcdn.com
themes.googleusercontent.com
widgets.booked.net
www.blogger.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.pronostic-facile.fr
www.raffinturf.com
www.top-pmu.com
194.150.236.166
194.150.236.190
194.150.236.5
213.174.150.39
2606:4700:20::681a:ee2
2606:4700:3034::ac43:c8d8
2a00:1450:4001:801::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::200e
2a00:1450:4001:827::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2009
2a00:1450:4001:830::2001
2a06:98c1:3120::7
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
06c2c785df6f9287d46de42b62edb098163ddbc18e81310e314a4a99b47dcaca
085f31183d0d55bc158628cba119fef4cd92fab55d24e5f3da19a9cde7a71664
233aea3a55d08317a07c508b68edd4c5dde8d71082cd8183064de883b14b972e
261325b5391639044cde28aaaa6e740fddd770e2e7052e608b89b9af7545c7eb
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
2a1b182575a97818903caf7858784858599743b800864af64599b36fe9011881
2cbec901e274e67d0f2e931a008f7f4a3c1c8ba9e3bada73785b7f2b9c829c09
33e1062bd4d512f492de85bc7f6a6922c8c61b93b87576a9fb855ef6d695a494
346eb51a85654fe57845fd7e63e39451f6ab3e0f739667656b879a0e72fbc84c
41166b69f19149d5dc45c9e09a6a73610162058567881917ebee44a8f5919e63
4a28a8b74846e74e9f79c608e4bbdc4adaab1f0d1173587bb94bc766702b5471
4e3c79b309ff982326ce4ff9d51f3bdd7faf03b7ffba17d75ecbc695cdc88892
5154b1cbd8ac50eb1e0094d466d7b97bfdd9b60d8fc741d2a7e557952445b1cd
56e51ec98dfd237c689f88710ef5e493d2e5386c50ebfefbcc762da7bf3561bf
69c456a36c7eafcc564322518e5c0663ebde5ce8b401b2f4e4fce1d9dad77187
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
7d785a3825e3ebbfc6589f9aa9bff961710004caca71fee62e1b80244c5b5370
83abaa8eeca7b9ce27bbe392d57ebef8089570b042915102cc12812514861072
848fbad57cfe0865b4425b4ce3870d42d583b24544739775b0afa50553aefb06
85af87089494fbd949c339354d9d1d4b94a6ff863af8eab6f116a3f27b1b1a01
89264ca54f3d2b01b3243a4ce69017da154037803b2c62258b202c97b4c23ecb
89deff0fbf69641f774f93a16bc9f99318d37646baffff5c719ac194942d459c
8bafaf8b25a0fefd39bdb76e6a0b947ff3a578bf10a2d159c8da74938bf4731e
98f8cdce15682fc466ffba56fa74a6e37ba882b150b4d3ebbad32a1e9fc0bfbf
99fdef41162dadcc15d20f456082d2533cf0adf36445ce8f6440bbc684ed880f
a177ada8a91311c3b04de32bd5d9e008dd250f74187201f57a9c0ef43b4330c7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a7c941198c86f5ba39f627f857fe17c39c546d3c25863466e4c0968611b538ff
ab276fd66602133fabba091c91ef9a6cc711d44ed412bf48e0c53d113753b686
ae21217e172e5a1117a7ac148662a5a330edfdc34f86e8a6d85f5bf7e049c41b
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
bcf55c1566becd0358f107fc855d8669ed2092a5670719c8239eb8fbbbe7601e
be41f5414d537cdfb80ea3c084a530c84a088eef795c78a83d59d1e5c4a35919
c526570cefdc78759c17c19b00ac9b757f9c96fab0efdc8d7b0805600b89e141
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cd0cda5646921c6c781d22f74efa730d6dfa1fd27140ae4f6eb7022b05493a6e
d26329e6e96dc9b6bf45396823e02bbae52f448e3b629dd42b50756febc05c38
dd030e42d99250893d7157ec168dc04580bdbed188f7aaa06ff5f1d2a848c265
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec4f944dcc91bb8879e4b1211978098c6dba2b5d95e4b9462f3aeb790c5b4a4e
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044