urlscan.io logo urlscan.io
SecurityTrails logo

www.courseofficiels.c4.fr Open in urlscan Pro
5.135.149.81  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.courseofficiels.c4.fr/
Submission: On February 23 via manual from BF — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 14 domains to perform 45 HTTP transactions. The main IP is 5.135.149.81, located in France and belongs to OVH, FR. The main domain is www.courseofficiels.c4.fr.
This is the only time www.courseofficiels.c4.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    5.135.149.81 (France)

ASN16276 (OVH, FR)
PTR: web3.venez.net
www.courseofficiels.c4.fr
www.venez.fr
9    194.150.236.166 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns6.hiwit.net
www.expressturf.net
8    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    194.150.236.179 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns19.hiwit.net
www.flashcourse.net
3    194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net
www.biltoturf.com
2    91.198.105.123 (France)

ASN35393 (EURO-WEB-AS, FR)
www.gambling-affiliation.com
static.gambling-affiliation.com
3    185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa
payment.allopass.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
9 expressturf.net
www.expressturf.net
508 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
193 KB
7 venez.fr
www.venez.fr
9 KB
3 allopass.com
payment.allopass.com
10 KB
3 biltoturf.com
www.biltoturf.com
98 KB
3 c4.fr
www.courseofficiels.c4.fr
3 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
5 KB
2 gambling-affiliation.com
www.gambling-affiliation.com — Cisco Umbrella Rank: 652002
static.gambling-affiliation.com
21 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
1 google.fr
adservice.google.fr — Cisco Umbrella Rank: 33045
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 741
641 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
38 KB
1 flashcourse.net
www.flashcourse.net
81 KB
45 14
Domain Requested by
9 www.expressturf.net www.courseofficiels.c4.fr
www.expressturf.net
7 www.venez.fr www.courseofficiels.c4.fr
www.venez.fr
6 pagead2.googlesyndication.com www.courseofficiels.c4.fr
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 payment.allopass.com www.expressturf.net
payment.allopass.com
3 www.biltoturf.com www.expressturf.net
3 www.courseofficiels.c4.fr www.courseofficiels.c4.fr
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.fr pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com payment.allopass.com
1 static.gambling-affiliation.com www.expressturf.net
1 www.gambling-affiliation.com www.expressturf.net
1 www.flashcourse.net www.expressturf.net
45 17

This site contains no links.

Subject Issuer Validity Valid
venez.fr
R3		 2021-12-27 -
2022-03-27		 3 months crt.sh
biltoturf.com
R3		 2022-02-18 -
2022-05-19		 3 months crt.sh
www.gambling-affiliation.com
Gandi Standard SSL CA 2		 2021-10-30 -
2022-10-30		 a year crt.sh
*.allopass.com
Gandi Standard SSL CA 2		 2021-10-08 -
2022-10-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
static.gambling-affiliation.com
Gandi Standard SSL CA 2		 2021-08-22 -
2022-08-22		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh

This page contains 9 frames:

Primary Page: http://www.courseofficiels.c4.fr/
Frame ID: 088D54DC4686E44D6E02C5E83A69FB3A
Requests: 1 HTTP requests in this frame

Frame: http://www.courseofficiels.c4.fr/barre-courseofficiels.c4.fr.html
Frame ID: 124315D903373D7DABBA45956AD9D729
Requests: 12 HTTP requests in this frame

Frame: http://www.expressturf.net/pronos/courseofficiels/
Frame ID: C56005C0BCBF8EB4C2913B514703644F
Requests: 20 HTTP requests in this frame

Frame: http://www.courseofficiels.c4.fr/stats-courseofficiels.c4.fr.html
Frame ID: 74FEB5F8C8F276BBAF6E4ABB424E5707
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 53FA6C327FCC1224A98F4C8D269FA544
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220217/r20190131/zrt_lookup.html
Frame ID: A85BF62E600D78A4DDCBF0C5F936B3F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.courseofficiels.c4.fr%2F&ea=0&flash=0&wgl=1&dt=1645591331575&bpp=4&bdt=300&idt=193&shv=r20220217&mjsv=m202202180201&ptt=9&saldr=aa&correlator=5132728827757&frm=23&ife=1&pv=2&ga_vid=1305661919.1645591332&ga_sid=1645591332&ga_hid=1221095053&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3557296332&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C182982100%2C182982300%2C31064857%2C31065026%2C31063222%2C44756894%2C44756897&oid=2&pvsid=3553837843814055&pem=325&tmod=1280250829&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.cvcedmk57380&fsb=1&dtd=210
Frame ID: 55F7358FFA37ADC0472E451264BCA381
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3D16811510D3EFBFDB47DD20FA1B0EB9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 33E901190D2AE06BE6E5274895805CD8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

COURSE OFFICIELS

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

45
Requests

64 %
HTTPS

50 %
IPv6

14
Domains

17
Subdomains

15
IPs

3
Countries

990 kB
Transfer

1415 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.courseofficiels.c4.fr/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.courseofficiels.c4.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
f6fb2e6c55b1424ae8c0899bf7398017c6e8a45321bac6b2613d75ca2eaf2452

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

Date
Wed, 23 Feb 2022 04:42:10 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1103
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
barre-courseofficiels.c4.fr.html
www.courseofficiels.c4.fr/ Frame 1243 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.courseofficiels.c4.fr/barre-courseofficiels.c4.fr.html
Requested by
Host: www.courseofficiels.c4.fr
URL: http://www.courseofficiels.c4.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
c9366e19147e6976d0f3a1f881ce3ad0861fec45302347b8dba3522009d45286

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/

Response headers

Date
Wed, 23 Feb 2022 04:42:10 GMT
Server
Apache
Expires
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Wed, 23 Feb 2022 04:42:11 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1493
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=ISO-8859-1
/
www.expressturf.net/pronos/courseofficiels/ Frame C560 		106 KB
107 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.expressturf.net/pronos/courseofficiels/
Requested by
Host: www.courseofficiels.c4.fr
URL: http://www.courseofficiels.c4.fr/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
962de74b820d6faeadfcce1b8db80c897412aeb74ef99cd6407ec2f41712a854

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Host
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html
stats-courseofficiels.c4.fr.html
www.courseofficiels.c4.fr/ Frame 74FE 		0
192 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.courseofficiels.c4.fr/stats-courseofficiels.c4.fr.html
Requested by
Host: www.courseofficiels.c4.fr
URL: http://www.courseofficiels.c4.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/

Response headers

Date
Wed, 23 Feb 2022 04:42:10 GMT
Server
Apache
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
site.js
www.venez.fr/js/ Frame 1243 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.courseofficiels.c4.fr
URL: http://www.courseofficiels.c4.fr/barre-courseofficiels.c4.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Feb 2022 04:42:11 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1023
Expires
Wed, 02 Mar 2022 04:42:11 GMT
separateur90.gif
www.venez.fr/images/ Frame 1243 		82 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/separateur90.gif
Requested by
Host: www.courseofficiels.c4.fr
URL: http://www.courseofficiels.c4.fr/barre-courseofficiels.c4.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Thu, 15 Nov 2018 22:11:22 GMT
Server
Apache
ETag
"52-57abb54b25680"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
82
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 1243 		152 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.courseofficiels.c4.fr
URL: http://www.courseofficiels.c4.fr/barre-courseofficiels.c4.fr.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
794f78282f9a58efb505ecad452ecb13cff096803a5ecd0756c26e67d95887b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 23 Feb 2022 04:42:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
10273843056687877555
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
53706
X-XSS-Protection
0
Expires
Wed, 23 Feb 2022 04:42:11 GMT
h1.png
www.expressturf.net/pronos/courseofficiels/ Frame C560 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.expressturf.net/pronos/courseofficiels/h1.png
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/courseofficiels/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
8a68bf4dae7472c6c3f6ab143aeb7744f122b80a2f93b6e901c90e6bfd428297

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/pronos/courseofficiels/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Tue, 03 Nov 2020 10:31:37 GMT
Server
Apache
ETag
"186a60f-6ba1-5b3315e18b440"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
27553
head.jpg
www.expressturf.net/pronos/courseofficiels/ Frame C560 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.expressturf.net/pronos/courseofficiels/head.jpg
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/courseofficiels/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
6e844c6b6214a884a9746e9f95778019cee171abc9352132cc3a4b72938b510a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/pronos/courseofficiels/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Tue, 03 Nov 2020 10:31:41 GMT
Server
Apache
ETag
"186a612-118db-5b3315e55bd40"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
71899
logo.gif
www.flashcourse.net/img/ Frame C560 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.flashcourse.net/img/logo.gif
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/courseofficiels/
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
5929b7b020cb55e1f048721ce4745948bde58678f53155da4bac0b9183ec6393

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Thu, 15 Dec 2016 07:03:40 GMT
Server
Apache
ETag
"15eac54-142c1-543ad0d97ab00"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
82625
logo.gif
www.biltoturf.com/ Frame C560 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.biltoturf.com/logo.gif
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/courseofficiels/
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
ead7dff95228a235e92f3cc50bcd67d3e448ccb40cee683514504e8a59aa8f30

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Sat, 24 Apr 2021 03:49:26 GMT
Server
Apache
ETag
"2563ddd-165f-5c0afcc7b5d80"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
5727
basefiable.gif
www.biltoturf.com/logos/ Frame C560 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.biltoturf.com/logos/basefiable.gif
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/courseofficiels/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
8976277884b95b36fb3d06945f7a06b0320964337eef13af4ac690827202845b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Sat, 24 Apr 2021 03:50:23 GMT
Server
Apache
ETag
"2563e49-2959-5c0afcfe11dc0"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
10585
quintemagic.gif
www.biltoturf.com/logos/ Frame C560 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.biltoturf.com/logos/quintemagic.gif
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/courseofficiels/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
3f6530c2424161af4eda5ac19fb9f39de9e5ec8efccbcda0c383d33067bac088
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Thu, 01 Jul 2021 13:43:41 GMT
Server
Apache
ETag
"1abf861-1434f-5c61006e4fd40"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
82767
v=IHErDrKoljVgj1EzLUneJuRQKzIO0R07L32vXIEv5TGL8rsN26OTKFg-4PxNQUkeK8aV2k00uORQvMWLix6avw__&s=
www.gambling-affiliation.com/cpm/ Frame C560 		293 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gambling-affiliation.com/cpm/v=IHErDrKoljVgj1EzLUneJuRQKzIO0R07L32vXIEv5TGL8rsN26OTKFg-4PxNQUkeK8aV2k00uORQvMWLix6avw__&s=
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/courseofficiels/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.105.123 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software
Apache/2.4.39 (Unix) PHP/5.6.40 / PHP/5.6.40
Resource Hash
a16574956634805da1f5600dd824ece2ff2fa7d1c1b0a95e5d7eee00458f00af

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Server
Apache/2.4.39 (Unix) PHP/5.6.40
Connection
close
X-Powered-By
PHP/5.6.40
Content-Length
293
Content-Type
application/javascript
img1.jpg
www.expressturf.net/pronos/courseofficiels/ Frame C560 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.expressturf.net/pronos/courseofficiels/img1.jpg
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/courseofficiels/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
a88730f1383d2411a3efbd54fc6d3ce0d00e1faee8d8ddce723c1baed503f8d8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/pronos/courseofficiels/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Tue, 03 Nov 2020 10:31:42 GMT
Server
Apache
ETag
"186a614-d97d-5b3315e64ff80"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
55677
checkout.apu
payment.allopass.com/buy/ Frame C560 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/buy/checkout.apu?ids=338576&idd=1553514&lang=fr
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/courseofficiels/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
2c1e3da482d77c63ca0a89698acc40c520d007a4b5c7b373ac2d974ba9621f81

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Feb 2022 04:42:11 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html
Content-Length
2961
Expires
Thu, 19 Nov 1981 08:52:00 GMT
arp2.jpg
www.expressturf.net/pronos/courseofficiels/ Frame C560 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.expressturf.net/pronos/courseofficiels/arp2.jpg
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/courseofficiels/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
154fc9ad601530a090a68d0e47f338bfa9aad6b582b48eae3b3aa0da89d25883

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/pronos/courseofficiels/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Tue, 03 Nov 2020 10:31:34 GMT
Server
Apache
ETag
"186a60b-1f882-5b3315deaed80"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
129154
h2.png
www.expressturf.net/pronos/courseofficiels/ Frame C560 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.expressturf.net/pronos/courseofficiels/h2.png
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/courseofficiels/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
b29d21866a5f7c379110490740062e8851039dd365d1f7f7a0f6a019a56ada05

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/pronos/courseofficiels/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Tue, 03 Nov 2020 10:31:38 GMT
Server
Apache
ETag
"186a610-6b7b-5b3315e27f680"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
27515
h3.png
www.expressturf.net/pronos/courseofficiels/ Frame C560 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.expressturf.net/pronos/courseofficiels/h3.png
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/courseofficiels/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
ec8c8379b57592d5e18c8ee239957c15f702bf93f7eb4db76dbf43651c562b89

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/pronos/courseofficiels/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Tue, 03 Nov 2020 10:31:38 GMT
Server
Apache
ETag
"186a611-7d97-5b3315e27f680"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
32151
alternate-barre.htm
www.venez.fr/ Frame 53FA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/alternate-barre.htm
Requested by
Host: www.courseofficiels.c4.fr
URL: http://www.courseofficiels.c4.fr/barre-courseofficiels.c4.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
69afb01b565ee64712851e9eafd652481470e8f5c9e343dad64a69ae07f5a2a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
873
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
barre90.gif
www.venez.fr/images/ Frame 1243 		110 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.courseofficiels.c4.fr
URL: http://www.courseofficiels.c4.fr/barre-courseofficiels.c4.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
110
120x60.gif
www.venez.fr/images/ Frame 53FA 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/120x60.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Wed, 02 Mar 2011 00:16:24 GMT
Server
Apache
ETag
"f4c-49d74d2b9c600"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3916
site.js
www.venez.fr/js/ Frame 53FA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Feb 2022 04:42:11 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
1023
Expires
Wed, 02 Mar 2022 04:42:11 GMT
barre90.gif
www.venez.fr/images/ Frame 53FA 		110 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
110
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180201/ Frame 1243 		291 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.courseofficiels.c4.fr&bust=31065026
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b242969398f5c5a19832cc0b70a9c1aa034adc4a19595baceae982df0e87f0df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 04:42:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107068
x-xss-protection
0
server
cafe
etag
5476712331312241637
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 23 Feb 2022 04:42:11 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220217/r20190131/ Frame A85B 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220217/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Tue, 22 Feb 2022 23:39:52 GMT
expires
Tue, 08 Mar 2022 23:39:52 GMT
cache-control
public, max-age=1209600
age
18139
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
43961.gif
static.gambling-affiliation.com/uploads/ads/ Frame C560 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.gambling-affiliation.com/uploads/ads/43961.gif
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/courseofficiels/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.105.123 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
05fbebcfc1762915e7dbdf1b965150eb303f3766b951301a7c4e0058ce8f2eef

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Thu, 02 Mar 2017 11:06:41 GMT
Server
nginx/1.15.5
ETag
"58b7fcc1-521c"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
21020
date.png
www.expressturf.net/pronos/courseofficiels/ Frame C560 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.expressturf.net/pronos/courseofficiels/date.png
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/courseofficiels/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
626aee9e27e62cfbe6b2be6bcb9e6899ccc58f81003c995c6b8bd1c3328b9511

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/pronos/courseofficiels/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Tue, 03 Nov 2020 10:31:36 GMT
Server
Apache
ETag
"186a60e-910a-5b3315e097200"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
37130
gtm.js
www.googletagmanager.com/ Frame C560 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=338576&idd=1553514&lang=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
42ece01e8b9b3221b886b27ef98f41715f0460bde2a1bfcc8034cbe642cef16b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 04:42:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38227
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Feb 2022 04:42:11 GMT
buy-button.css
payment.allopass.com/static/css/ Frame C560 		2 KB
830 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/buy-button.css?1
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=338576&idd=1553514&lang=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"26782-69a-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
546
162x56.png
payment.allopass.com/static/buy/button/fr/ Frame C560 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/courseofficiels/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"216d9-1688-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
5768
arpnum.png
www.expressturf.net/pronos/courseofficiels/ Frame C560 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.expressturf.net/pronos/courseofficiels/arpnum.png
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/courseofficiels/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
b1000d54963ce08f6c8f269fcb3f03dfbd10838540a28121d0a6c6442fb54922

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/pronos/courseofficiels/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 04:42:11 GMT
Last-Modified
Tue, 03 Nov 2020 10:31:35 GMT
Server
Apache
ETag
"186a60c-6a43-5b3315dfa2fc0"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
27203
cookie.js
partner.googleadservices.com/gampad/ Frame 1243 		209 B
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.courseofficiels.c4.fr&callback=_gfp_s_&client=ca-pub-5203714787387788
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.courseofficiels.c4.fr&bust=31065026
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
0a582f54591ccd429e5ca49eb89cca6893e4261968b3a6ee107fd230c25b03e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 04:42:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.fr/adsid/ Frame 1243 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=www.courseofficiels.c4.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.courseofficiels.c4.fr&bust=31065026
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Feb 2022 04:42:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1243 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.courseofficiels.c4.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.courseofficiels.c4.fr&bust=31065026
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Feb 2022 04:42:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 55F7 		436 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.courseofficiels.c4.fr%2F&ea=0&flash=0&wgl=1&dt=1645591331575&bpp=4&bdt=300&idt=193&shv=r20220217&mjsv=m202202180201&ptt=9&saldr=aa&correlator=5132728827757&frm=23&ife=1&pv=2&ga_vid=1305661919.1645591332&ga_sid=1645591332&ga_hid=1221095053&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3557296332&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C182982100%2C182982300%2C31064857%2C31065026%2C31063222%2C44756894%2C44756897&oid=2&pvsid=3553837843814055&pem=325&tmod=1280250829&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.cvcedmk57380&fsb=1&dtd=210
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.courseofficiels.c4.fr&bust=31065026
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c4e6aa3f76bafb2de8c9df7e50a50b2b44da9f1bc844471e8fefaaf7fe4b4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 23 Feb 2022 04:42:11 GMT
server
cafe
content-length
212
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 23 Feb 2022 04:42:11 GMT
cache-control
private
analytics.js
www.google-analytics.com/ Frame C560 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2239
date
Wed, 23 Feb 2022 04:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 23 Feb 2022 06:04:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1243 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220217&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.courseofficiels.c4.fr&bust=31065026
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89a71d270b17fad300e5a9765027becd33449a21714486f481f6ed35baf9c7cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 23 Feb 2022 04:42:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10097
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1243 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202180201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.courseofficiels.c4.fr&bust=31065026
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 04:42:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Feb 2022 04:42:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3D16 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 23 Feb 2022 00:13:24 GMT
expires
Thu, 23 Feb 2023 00:13:24 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
16128
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 33E9 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
94781a335519a93a11dc68886b60fd33b4368e72f5dcaa3204db31aefe83411f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-+UFBiyCsPqgcBSzyQVbzuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 23 Feb 2022 04:42:12 GMT
date
Wed, 23 Feb 2022 04:42:12 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-+UFBiyCsPqgcBSzyQVbzuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
pagead2.googlesyndication.com/bg/ Frame 3D16 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 19:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
205158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13646
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Feb 2023 19:42:54 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 33E9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220217&jk=3553837843814055&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 3D16 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1243 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220217&jk=3553837843814055&bg=!fH-lfzvNAAbf-5Dq3_s7ACkAdvg8Wh3eJ8BaZIUVSICq2MZLCpoPV8ePx1LjwSr3OU64b4fi4QofXgIAAABOUgAAAAJoAQeZAuqSmLFwM8YUt7y20Qc-wlrGkNPk5uyEspq3-tdTIFfpnX1fmAsTuXgqUJmdbyG1HRO5W0pJriBzlOfwZqMW4J6Mex9aJ2Qv8bWJ0Ov5zghF3ez_y-cBE1EeEBI-GF4VrmNCJh1D_oIprcHaMTH1o_1_wctUueNwNYRkdaB22HLJ-E8E9TFvNFkq6z6Ube6T-qncaJE9ONnxONx8ZJPZa2h50XE786jWTWmMawbnmXtFvf1hiTf_rTF_X5eV7Q7GIEDAbhPsVohpFRlFBEA56kOPvceSzaTP1R_l_XIUgZRqIIZKjsLNvh1LAHWYVG_74xoUT0ccEt93uu-5-woRqMUDz681JwAA7CtMDWU6rfldSC9CCRnKN4C-XKggjaf-SfcruMAd3hEvUMRCTqrdSlOeZ2Dfrxw61Nt5AWoe_AqO_reQLqYJcQTxEZdkFTRbpG0kmKxnCN1PDrbRTSC9IlftDeJqhxProRgBgw2fzp0l_WTNhWAsaz1idpCmytJnfgSlZl7iTZkXRAQqKhGZC6PSUDw7zFyr6_D98o9TnOvAYRrUKTohiSGJIkJLfuU6Z3_JAEGfD-L2-5arS6EAZyYGlz6_qmntmQ_2Woi7hN0AIoieKBdowgx9Zu-cikTeir1yYSi_kr9fHA_Eqq1en91kFVc6LRcjzBPN2PJRlFVkkfcuMalDIWHmAtI3JfdhjfgiSpI0M-z2guLfFotdR1EW2kk2aD8i94_EqbpQFKD0IJkpPcFSLpT6nGYKAJMa21ECvoQUBsdkz4QZcX58FNcgo2pnwh-qkNhM_V0s_lFWWP_J9B-aGfKX7K6jfP6H70puxEI-So8pduDlJxmusbPzycgs6iI9qJib4B0idlLOF7aWUypUYnpiYbcomsKOjn_Gt6t67XjpHGZPp90-h4CTvbHGUyAhsiZCKblgISnPx-ZeqNg1mwv7vZFvR_LnuZiN6236G0L_BudK-4B65o0HCZak8bnkS2GYjQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.courseofficiels.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 04:42:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?WBkYBA

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients

4 Cookies

Domain/Path Name / Value
payment.allopass.com/ Name: ShopSessionId
Value: 0c6325a2-d94a-4be3-8c3c-b773635d16a9
.allopass.com/ Name: AP_CUSK
Value: 3556599379
.c4.fr/ Name: __gads
Value: ID=2bd22f4615ddefda-22724fc749cd006f:T=1645591331:RT=1645591331:S=ALNI_MYycjagmH1OxFqofnJqu-kHOlz8Lw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
payment.allopass.com
static.gambling-affiliation.com
tpc.googlesyndication.com
www.biltoturf.com
www.courseofficiels.c4.fr
www.expressturf.net
www.flashcourse.net
www.gambling-affiliation.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.venez.fr
tpc.googlesyndication.com
142.250.186.130
185.119.26.1
194.150.236.166
194.150.236.179
194.150.236.236
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2001
5.135.149.81
91.198.105.123
05fbebcfc1762915e7dbdf1b965150eb303f3766b951301a7c4e0058ce8f2eef
0a582f54591ccd429e5ca49eb89cca6893e4261968b3a6ee107fd230c25b03e6
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
154fc9ad601530a090a68d0e47f338bfa9aad6b582b48eae3b3aa0da89d25883
1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052
2c1e3da482d77c63ca0a89698acc40c520d007a4b5c7b373ac2d974ba9621f81
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a
3f6530c2424161af4eda5ac19fb9f39de9e5ec8efccbcda0c383d33067bac088
42ece01e8b9b3221b886b27ef98f41715f0460bde2a1bfcc8034cbe642cef16b
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5929b7b020cb55e1f048721ce4745948bde58678f53155da4bac0b9183ec6393
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626aee9e27e62cfbe6b2be6bcb9e6899ccc58f81003c995c6b8bd1c3328b9511
69afb01b565ee64712851e9eafd652481470e8f5c9e343dad64a69ae07f5a2a2
6e844c6b6214a884a9746e9f95778019cee171abc9352132cc3a4b72938b510a
794f78282f9a58efb505ecad452ecb13cff096803a5ecd0756c26e67d95887b3
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
8976277884b95b36fb3d06945f7a06b0320964337eef13af4ac690827202845b
89a71d270b17fad300e5a9765027becd33449a21714486f481f6ed35baf9c7cc
8a68bf4dae7472c6c3f6ab143aeb7744f122b80a2f93b6e901c90e6bfd428297
8c4e6aa3f76bafb2de8c9df7e50a50b2b44da9f1bc844471e8fefaaf7fe4b4d4
94781a335519a93a11dc68886b60fd33b4368e72f5dcaa3204db31aefe83411f
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
962de74b820d6faeadfcce1b8db80c897412aeb74ef99cd6407ec2f41712a854
a16574956634805da1f5600dd824ece2ff2fa7d1c1b0a95e5d7eee00458f00af
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a88730f1383d2411a3efbd54fc6d3ce0d00e1faee8d8ddce723c1baed503f8d8
b1000d54963ce08f6c8f269fcb3f03dfbd10838540a28121d0a6c6442fb54922
b242969398f5c5a19832cc0b70a9c1aa034adc4a19595baceae982df0e87f0df
b29d21866a5f7c379110490740062e8851039dd365d1f7f7a0f6a019a56ada05
c9366e19147e6976d0f3a1f881ce3ad0861fec45302347b8dba3522009d45286
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ead7dff95228a235e92f3cc50bcd67d3e448ccb40cee683514504e8a59aa8f30
ec8c8379b57592d5e18c8ee239957c15f702bf93f7eb4db76dbf43651c562b89
f6fb2e6c55b1424ae8c0899bf7398017c6e8a45321bac6b2613d75ca2eaf2452