urlscan.io logo urlscan.io
SecurityTrails logo

quintesdujour.blogspot.com Open in urlscan Pro
2a00:1450:4001:810::2001  Public Scan

Go To Rescan Add Verdict Report
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Submission: On July 08 via manual from BF
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 34 HTTP transactions. The main IP is 2a00:1450:4001:810::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is quintesdujour.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on June 7th 2021. Valid for: 3 months.
This is the only time quintesdujour.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
quintesdujour.blogspot.com
5    2a00:1450:4001:82f::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
5    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
4    2a00:1450:4001:830::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
resources.blogblog.com
1    2606:4700:20::681b:7774 (United States)

ASN13335 (CLOUDFLARENET, US)
hitleap.com
8    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh4.googleusercontent.com
lh3.googleusercontent.com
lh6.googleusercontent.com
1    2606:4700:3038::6815:ea1a (United States)

ASN13335 (CLOUDFLARENET, US)
img.root-top.com
1    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4.bp.blogspot.com
2    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh5.googleusercontent.com
2    213.246.57.128 (France)

ASN21409 (IKOULA, FR)
PTR: www.allosponsor.com
www.hebdotop.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
5 lh4.googleusercontent.com quintesdujour.blogspot.com
5 apis.google.com quintesdujour.blogspot.com
apis.google.com
www.blogger.com
5 www.blogger.com quintesdujour.blogspot.com
apis.google.com
4 resources.blogblog.com quintesdujour.blogspot.com
www.blogger.com
2 www.hebdotop.com quintesdujour.blogspot.com
2 lh6.googleusercontent.com quintesdujour.blogspot.com
2 lh5.googleusercontent.com quintesdujour.blogspot.com
2 quintesdujour.blogspot.com quintesdujour.blogspot.com
1 fonts.gstatic.com quintesdujour.blogspot.com
1 pagead2.googlesyndication.com quintesdujour.blogspot.com
1 lh3.googleusercontent.com quintesdujour.blogspot.com
1 4.bp.blogspot.com quintesdujour.blogspot.com
1 img.root-top.com 1 redirects
1 hitleap.com quintesdujour.blogspot.com
0 www.uhit.eu Failed quintesdujour.blogspot.com
34 15
Subject Issuer Validity Valid
*.googleusercontent.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-02 -
2022-07-01		 a year crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
www.hebdotop.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-09 -
2022-02-09		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Frame ID: D43C28FF11893ECEC3D29E1D84A783C5
Requests: 29 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=1166931812279994256&blogName=QUINTE-DU-JOUR&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://quintesdujour.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://quintesdujour.blogspot.com/&targetPageID=6998963090675476539&blogPostOrPageUrl=https://quintesdujour.blogspot.com/p/blog-page.html&vt=4053140602761367943&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bnEFfFZ9cyI.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ%2Fm%3D__features__
Frame ID: 7C8E719A0776A3346B74C78645C2803E
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.blogspot\.com/i
  • meta generator /^Blogger$/i
Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.blogspot\.com/i
  • meta generator /^Blogger$/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Page Statistics

34
Requests

94 %
HTTPS

92 %
IPv6

11
Domains

15
Subdomains

12
IPs

3
Countries

439 kB
Transfer

865 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://img.root-top.com/topsite/topturfjs/banner.gif HTTP 302
  • https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif
Request Chain 32
  • https://www.uhit.eu/id/sergyus.php HTTP 0
  • http://www.uhit.eu/id/sergyus.php

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request blog-page.html
quintesdujour.blogspot.com/p/ 		44 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4ff35972dfbd52829fc6a92d916016885ffabc55589249f1d9470ca0a9eeb0c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
quintesdujour.blogspot.com
:scheme
https
:path
/p/blog-page.html?m=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
expires
Thu, 08 Jul 2021 02:48:17 GMT
date
Thu, 08 Jul 2021 02:48:17 GMT
cache-control
private, max-age=0
last-modified
Wed, 07 Jul 2021 21:19:20 GMT
etag
W/"767bfa422e1caa498c4307ef5dc4e3fca2e4426ddc2e2f2bc802f415a322094b"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
11623
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
3822632116-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3822632116-css_bundle_v2.css
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
224d95cce08108610c46ef4134793dbdd619e43e90e9d9cf42716a08f45222f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 00:05:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Jul 2021 09:58:50 GMT
server
sffe
age
9745
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7982
x-xss-protection
0
expires
Fri, 08 Jul 2022 00:05:52 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1166931812279994256&zx=df889bea-eaae-437e-9f43-c2cd555c2d67
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Jul 2021 02:48:17 GMT
server
GSE
date
Thu, 08 Jul 2021 02:48:17 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
plusone.js
apis.google.com/js/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d371a8b01f0b58ea9a7b4f5b46b4da5443ba8722e37953256d2369a810bf6d5c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0paa5XzE/3PVIuibDTlgtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 02:48:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"672c86aaa26ba8114df0cae819e1c0cf"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-0paa5XzE/3PVIuibDTlgtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Thu, 08 Jul 2021 02:48:17 GMT
icon18_wrench_allbkg.png
resources.blogblog.com/img/ 		475 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/icon18_wrench_allbkg.png
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 11:24:24 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Jul 2021 11:00:53 GMT
server
sffe
age
141833
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
475
x-xss-protection
0
expires
Tue, 13 Jul 2021 11:24:24 GMT
banner.png
hitleap.com/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hitleap.com/banner.png
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681b:7774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b047c8c806b0025b96ae05a7e9c6c97d44a45c20a8e50e245f359154a5898566
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 02:48:17 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4070
content-length
8185
last-modified
Tue, 06 Jul 2021 17:59:25 GMT
server
cloudflare
etag
"60e499fd-1ff9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63113904; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hxff3F4NuwJ1emSOt7jV5We6RLMml%2F5dusXQvYIhDo2IjS%2F2nsbY1L9EPfIAShXHKXmxqDQ5Ho6vpTOwiNcYjlRr%2Fo%2BdpATtt0R%2FRaxOu5%2Bo7HgAKp7ZeiM3uQoMhVuYLQZFqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
66b5fe25ae64e007-FRA
guwMZwYtCQCzSToZjYu_XOV2wlaTmwXODjCG1C3yFOb174SEy53CyZWOLgJkwjPEZbA1mHYpajgrAEbVT7w0QQvtm8NcAw=s0-d
lh4.googleusercontent.com/proxy/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/proxy/guwMZwYtCQCzSToZjYu_XOV2wlaTmwXODjCG1C3yFOb174SEy53CyZWOLgJkwjPEZbA1mHYpajgrAEbVT7w0QQvtm8NcAw=s0-d
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f7670a8d13ef4e9acd862605692cdbe8955c5f440a84b09457cfd9475613568a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 02:48:17 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
no-cache, must-revalidate, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12566
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
TOPSITE0.gif
4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/
Redirect Chain
  • https://img.root-top.com/topsite/topturfjs/banner.gif
  • https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif
21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cf9ffb799d5f1da8a6cb532f4bc6e62f294d1d717dd5e6471723755d38b032a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 01:03:27 GMT
x-content-type-options
nosniff
age
6290
content-disposition
inline;filename="TOPSITE0.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21771
x-xss-protection
0
server
fife
etag
"v122d"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 07 Jul 2021 13:08:20 GMT

Redirect headers

date
Thu, 08 Jul 2021 02:48:17 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LQ6Rgfq4V4tiUK0MN2eCZ7klqz2DeanhyJgzYS3jv049Wgx240CVXozcEX1bTGNMIkzFom6S3h1oYh6DUnKkpeWzHKp8FwHylpIr5XFVui4gVFp%2BJbj4ASTGXm4DroVz%2BNvVkT5DqCqfVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif
cf-ray
66b5fe25bbaa05f1-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
MbZVn3OlOSfRdbcvjfNNWbNeU4fBEkWda6iPHZ5QqqpQFxA5SHQz1vwjcmrUhbayOoglZLhZ5mFqsbv1y0favc6MPIg0ujz_EeZlPQC8-8qKdH0=s0-d
lh3.googleusercontent.com/proxy/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/proxy/MbZVn3OlOSfRdbcvjfNNWbNeU4fBEkWda6iPHZ5QqqpQFxA5SHQz1vwjcmrUhbayOoglZLhZ5mFqsbv1y0favc6MPIg0ujz_EeZlPQC8-8qKdH0=s0-d
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3ef2e3e54258fa6347f52a6497dcf5605c8f62e9628dbd8a56028a6e2300b50c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 02:48:17 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
no-cache, must-revalidate, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8267
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mq9eKijXD27QDnc1b4SPAChzLI0AIUvk226F2jyfEHoP9e9uNsnnqfTEofJK_K0ALw7U7KpZ8za45NA_FcKQssgREhpOzHi-=s0-d
lh4.googleusercontent.com/proxy/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/proxy/mq9eKijXD27QDnc1b4SPAChzLI0AIUvk226F2jyfEHoP9e9uNsnnqfTEofJK_K0ALw7U7KpZ8za45NA_FcKQssgREhpOzHi-=s0-d
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
af129e8897fa809e39ad3c7c11ab7d6934b8bd278e7ddde41e246fbab9b36475
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 02:48:17 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
no-cache, must-revalidate, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10667
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
NFnqej9AAtmWT1XsHiuT2qHm332asUQsg1QJ1ShCNb3mLPf3YMAmZL7hrzK2enl9Vs_MX0WlQ5JZuJUfSDsnWoGIN5hQs7xC=s0-d
lh5.googleusercontent.com/proxy/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/proxy/NFnqej9AAtmWT1XsHiuT2qHm332asUQsg1QJ1ShCNb3mLPf3YMAmZL7hrzK2enl9Vs_MX0WlQ5JZuJUfSDsnWoGIN5hQs7xC=s0-d
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9aa725ef733de56baa3432de8a6414b7627389507858f86c66dac33f83014850
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 02:48:17 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17346
x-xss-protection
0
expires
Fri, 09 Jul 2021 02:48:17 GMT
WINB1_kOwyiCfeJCaT9Az5cGki14J1xeZNznbjf6xd2bBgwBVDvo49EssIqU9FGh_czwysgcc_vgk_WkXFwG9wpGob0u9axlHa-ZxA=s0-d
lh5.googleusercontent.com/proxy/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/proxy/WINB1_kOwyiCfeJCaT9Az5cGki14J1xeZNznbjf6xd2bBgwBVDvo49EssIqU9FGh_czwysgcc_vgk_WkXFwG9wpGob0u9axlHa-ZxA=s0-d
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
337c2170d1ebe84015ae0d9402a5237b14e6332910713779717b2939057334d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 02:48:17 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7823
x-xss-protection
0
expires
Fri, 09 Jul 2021 02:48:17 GMT
VhLI_BPKrvTf9INbDwHC9vj1aFo_MYsfuUtRmiN1BxAHXZ_Ic2ZY0iWH6uUJx2LRJ09tGPPifyjWhCOW__PVb7qxLCIT=s0-d
lh4.googleusercontent.com/proxy/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/proxy/VhLI_BPKrvTf9INbDwHC9vj1aFo_MYsfuUtRmiN1BxAHXZ_Ic2ZY0iWH6uUJx2LRJ09tGPPifyjWhCOW__PVb7qxLCIT=s0-d
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
45512018f9d6569d93610720cd59bdd4442e45bf609892a319a1137bb93ac929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 02:48:17 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9499
x-xss-protection
0
expires
Fri, 09 Jul 2021 02:48:17 GMT
SN0wfNP7ZITTa_qfy3oPnRd_aLj83mmwzDUxNk9gv-0ptIJ-bxB7ISUDh-HHWGj5tfPJGvYSSyDN4WOkcTfmNufcp4NEGgbAug=s0-d
lh4.googleusercontent.com/proxy/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/proxy/SN0wfNP7ZITTa_qfy3oPnRd_aLj83mmwzDUxNk9gv-0ptIJ-bxB7ISUDh-HHWGj5tfPJGvYSSyDN4WOkcTfmNufcp4NEGgbAug=s0-d
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
90ad8515f23b78a4ea93ec2996266af3d56e67d99d9d61ba6e5fc378480e7606
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 02:48:17 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47295
x-xss-protection
0
expires
Fri, 09 Jul 2021 02:48:17 GMT
f_M1ZxzFi2Ukh5R9gGo4sHB6VRjgio9AUKEg-sAOeOWOPNOBYHZMjwnzpxWKj5AN-VSGypjmK3cJ8ZFvgmI8S1HctTU=s0-d
lh6.googleusercontent.com/proxy/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh6.googleusercontent.com/proxy/f_M1ZxzFi2Ukh5R9gGo4sHB6VRjgio9AUKEg-sAOeOWOPNOBYHZMjwnzpxWKj5AN-VSGypjmK3cJ8ZFvgmI8S1HctTU=s0-d
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7d59844ce22b2358da6a1a53b1b715552d3974bac88c9fcca9f07c08548408ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 02:48:17 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2097
x-xss-protection
0
expires
Fri, 09 Jul 2021 02:48:17 GMT
hebdotop.eur
www.hebdotop.com/cgi-bin/ 		436 B
556 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hebdotop.com/cgi-bin/hebdotop.eur?id=303087
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.246.57.128 , France, ASN21409 (IKOULA, FR),
Reverse DNS
www.allosponsor.com
Software
Apache/2.2.22 (Debian) /
Resource Hash
638fa458004e9cb646d5d259e732237e5fd932ff43d22d82b4cb9b848a1143f8

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 02:48:20 GMT
Content-Encoding
gzip
Server
Apache/2.2.22 (Debian)
Vary
Accept-Encoding
Content-Type
text/html
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
DyqVTX0Vdjh4-8U_0H_WEfSlplYL4dMsE2xJCiNrfMdR6DwyFFsxZ8Q_QRp4sFk4TLuMN4Cqf9hCWyFXOJVg38q96mxJ0J2peha2=s0-d
lh6.googleusercontent.com/proxy/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh6.googleusercontent.com/proxy/DyqVTX0Vdjh4-8U_0H_WEfSlplYL4dMsE2xJCiNrfMdR6DwyFFsxZ8Q_QRp4sFk4TLuMN4Cqf9hCWyFXOJVg38q96mxJ0J2peha2=s0-d
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
082pgiriuykPjsytaiYFkYW278cBxXkqep_JEpG8GQx7f3G8c0UjI3B7pBvhCTq2z8TcXlwcXjQyRxaD=s0-d
lh4.googleusercontent.com/proxy/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/proxy/082pgiriuykPjsytaiYFkYW278cBxXkqep_JEpG8GQx7f3G8c0UjI3B7pBvhCTq2z8TcXlwcXjQyRxaD=s0-d
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
sergyus.php
www.uhit.eu/id/ 		0
0
cookienotice.js
quintesdujour.blogspot.com/js/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quintesdujour.blogspot.com/js/cookienotice.js
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/js/cookienotice.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
quintesdujour.blogspot.com
referer
https://quintesdujour.blogspot.com/p/blog-page.html?m=1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://quintesdujour.blogspot.com/p/blog-page.html?m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 11:06:37 GMT
vary
Accept-Encoding
last-modified
Tue, 06 Jul 2021 09:53:47 GMT
server
sffe
x-content-type-options
nosniff
age
142900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6513
x-xss-protection
0
expires
Tue, 13 Jul 2021 11:06:37 GMT
292860765-widgets.js
www.blogger.com/static/v1/widgets/ 		147 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/292860765-widgets.js
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3946d194ee2f3b0ef9835e8fa716c6a1e2daf3cd967e5ee73b4598120a88c3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 02:11:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54589
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 09:58:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Jul 2022 02:11:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ 		141 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0?le=ipu
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43b8157f081f2ef6498945d4d93824c586dda2bd7b0952c8c95b3eaddb7791e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 02:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50591
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 19:21:40 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 02:10:06 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_1?le=ipu
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b6f2b483d98fa2e9d31cda09a7bc5a92c7a34a01e2be8160d6efd9e9e41e178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 00:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17642
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 19:21:40 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 00:15:03 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 02:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 02:12:29 GMT
gradients_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 		403 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 03:19:18 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Jul 2021 11:00:53 GMT
server
sffe
age
170939
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
403
x-xss-protection
0
expires
Tue, 13 Jul 2021 03:19:18 GMT
3XF2EqMq_94s9PeKF7Fg4gOKINyMtZ8rf0O_UQ.woff2
fonts.gstatic.com/s/imfelldoublepica/v10/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/imfelldoublepica/v10/3XF2EqMq_94s9PeKF7Fg4gOKINyMtZ8rf0O_UQ.woff2
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f372890bb9da19673dae9c6fe8b8311a9ce621e7f9fb7cabe9d58a7b6d0e63bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://quintesdujour.blogspot.com
Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 06:18:03 GMT
x-content-type-options
nosniff
age
160214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60148
x-xss-protection
0
last-modified
Thu, 23 Jul 2020 19:52:41 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 06:18:03 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1166931812279994256&zx=df889bea-eaae-437e-9f43-c2cd555c2d67
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Jul 2021 02:48:17 GMT
server
GSE
date
Thu, 08 Jul 2021 02:48:17 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
navbar.g
www.blogger.com/ Frame 7C8E 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/navbar.g?targetBlogID=1166931812279994256&blogName=QUINTE-DU-JOUR&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://quintesdujour.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://quintesdujour.blogspot.com/&targetPageID=6998963090675476539&blogPostOrPageUrl=https://quintesdujour.blogspot.com/p/blog-page.html&vt=4053140602761367943&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bnEFfFZ9cyI.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0?le=ipu
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
25dfe58df195108b03903d5c61b0fd8c09e81a8295626bdfa8604a2f4972065a
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/navbar.g?targetBlogID=1166931812279994256&blogName=QUINTE-DU-JOUR&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://quintesdujour.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://quintesdujour.blogspot.com/&targetPageID=6998963090675476539&blogPostOrPageUrl=https://quintesdujour.blogspot.com/p/blog-page.html&vt=4053140602761367943&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bnEFfFZ9cyI.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://quintesdujour.blogspot.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://quintesdujour.blogspot.com/

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 08 Jul 2021 02:48:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
2640
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
platform:gapi.iframes.style.common.js
apis.google.com/js/ Frame 7C8E 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform:gapi.iframes.style.common.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=1166931812279994256&blogName=QUINTE-DU-JOUR&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://quintesdujour.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://quintesdujour.blogspot.com/&targetPageID=6998963090675476539&blogPostOrPageUrl=https://quintesdujour.blogspot.com/p/blog-page.html&vt=4053140602761367943&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bnEFfFZ9cyI.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ%2Fm%3D__features__
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5a58ac0db95b17f927487af2b9bfaad366bd6c77962fa7d1175397514f48902
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KOdw2+Q1tcdvNhHojDypPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 02:48:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"b4f78258369ff41709d0160e93d20994"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-KOdw2+Q1tcdvNhHojDypPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Thu, 08 Jul 2021 02:48:18 GMT
icons_peach.png
resources.blogblog.com/img/navbar/ Frame 7C8E 		907 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/navbar/icons_peach.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=1166931812279994256&blogName=QUINTE-DU-JOUR&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://quintesdujour.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://quintesdujour.blogspot.com/&targetPageID=6998963090675476539&blogPostOrPageUrl=https://quintesdujour.blogspot.com/p/blog-page.html&vt=4053140602761367943&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bnEFfFZ9cyI.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ%2Fm%3D__features__
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Jul 2021 23:20:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Jul 2021 18:53:19 GMT
server
sffe
age
185247
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
907
x-xss-protection
0
expires
Mon, 12 Jul 2021 23:20:51 GMT
arrows-light.png
resources.blogblog.com/img/navbar/ Frame 7C8E 		117 B
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/navbar/arrows-light.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=1166931812279994256&blogName=QUINTE-DU-JOUR&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://quintesdujour.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://quintesdujour.blogspot.com/&targetPageID=6998963090675476539&blogPostOrPageUrl=https://quintesdujour.blogspot.com/p/blog-page.html&vt=4053140602761367943&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bnEFfFZ9cyI.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ%2Fm%3D__features__
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 05:59:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Jul 2021 05:50:42 GMT
server
sffe
age
161358
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
expires
Tue, 13 Jul 2021 05:59:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ Frame 7C8E 		120 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0?le=ipu
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f88073b6bd53a5d04bfc7ba673d070d3dfb92e1627bebf96c998c8c347eb0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 01:32:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41292
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 19:21:40 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 01:32:41 GMT
vote99356.eur
www.hebdotop.com/cgi-bin/ 		181 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hebdotop.com/cgi-bin/vote99356.eur?id=303087
Requested by
Host: quintesdujour.blogspot.com
URL: https://quintesdujour.blogspot.com/p/blog-page.html?m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.246.57.128 , France, ASN21409 (IKOULA, FR),
Reverse DNS
www.allosponsor.com
Software
Apache/2.2.22 (Debian) /
Resource Hash
6a4d5227f760e30e5b86f0f48c198e6dd39dfa0cf4e30518dfa8747e23324aaa

Request headers

Referer
https://quintesdujour.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 02:48:21 GMT
Server
Apache/2.2.22 (Debian)
Connection
Keep-Alive
Keep-Alive
timeout=15, max=99
Transfer-Encoding
chunked
Content-Type
image/png
sergyus.php
www.uhit.eu/id/
Redirect Chain
  • https://www.uhit.eu/id/sergyus.php
  • http://www.uhit.eu/id/sergyus.php
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.uhit.eu
URL
https://www.uhit.eu/id/sergyus.php
Domain
www.uhit.eu
URL
http://www.uhit.eu/id/sergyus.php

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| adsbygoogle function| setAttributeOnload object| gapi object| ___jsl boolean| google_empty_script_included object| osapi object| gapix object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow number| rand_code function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
apis.google.com
fonts.gstatic.com
hitleap.com
img.root-top.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
pagead2.googlesyndication.com
quintesdujour.blogspot.com
resources.blogblog.com
www.blogger.com
www.hebdotop.com
www.uhit.eu
www.uhit.eu
213.246.57.128
2606:4700:20::681b:7774
2606:4700:3038::6815:ea1a
2a00:1450:4001:800::2001
2a00:1450:4001:803::2003
2a00:1450:4001:803::200e
2a00:1450:4001:810::2001
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82f::2009
2a00:1450:4001:830::2009
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0b6f2b483d98fa2e9d31cda09a7bc5a92c7a34a01e2be8160d6efd9e9e41e178
224d95cce08108610c46ef4134793dbdd619e43e90e9d9cf42716a08f45222f9
25dfe58df195108b03903d5c61b0fd8c09e81a8295626bdfa8604a2f4972065a
337c2170d1ebe84015ae0d9402a5237b14e6332910713779717b2939057334d5
3ef2e3e54258fa6347f52a6497dcf5605c8f62e9628dbd8a56028a6e2300b50c
45512018f9d6569d93610720cd59bdd4442e45bf609892a319a1137bb93ac929
4ff35972dfbd52829fc6a92d916016885ffabc55589249f1d9470ca0a9eeb0c3
638fa458004e9cb646d5d259e732237e5fd932ff43d22d82b4cb9b848a1143f8
6a4d5227f760e30e5b86f0f48c198e6dd39dfa0cf4e30518dfa8747e23324aaa
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
7d59844ce22b2358da6a1a53b1b715552d3974bac88c9fcca9f07c08548408ec
7f88073b6bd53a5d04bfc7ba673d070d3dfb92e1627bebf96c998c8c347eb0d8
90ad8515f23b78a4ea93ec2996266af3d56e67d99d9d61ba6e5fc378480e7606
9aa725ef733de56baa3432de8a6414b7627389507858f86c66dac33f83014850
af129e8897fa809e39ad3c7c11ab7d6934b8bd278e7ddde41e246fbab9b36475
b047c8c806b0025b96ae05a7e9c6c97d44a45c20a8e50e245f359154a5898566
b3946d194ee2f3b0ef9835e8fa716c6a1e2daf3cd967e5ee73b4598120a88c3e
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf9ffb799d5f1da8a6cb532f4bc6e62f294d1d717dd5e6471723755d38b032a7
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d371a8b01f0b58ea9a7b4f5b46b4da5443ba8722e37953256d2369a810bf6d5c
d5a58ac0db95b17f927487af2b9bfaad366bd6c77962fa7d1175397514f48902
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
f372890bb9da19673dae9c6fe8b8311a9ce621e7f9fb7cabe9d58a7b6d0e63bf
f43b8157f081f2ef6498945d4d93824c586dda2bd7b0952c8c95b3eaddb7791e
f7670a8d13ef4e9acd862605692cdbe8955c5f440a84b09457cfd9475613568a