urlscan.io logo urlscan.io
SecurityTrails logo

succesprono.1s.fr Open in urlscan Pro
5.135.149.81  Public Scan

Go To Rescan Add Verdict Report
URL: http://succesprono.1s.fr/index.php?la_page_demandee=pronostics_du_jour
Submission: On April 12 via manual from MA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 13 domains to perform 31 HTTP transactions. The main IP is 5.135.149.81, located in France and belongs to OVH, FR. The main domain is succesprono.1s.fr.
This is the only time succesprono.1s.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    5.135.149.81 (France)

ASN16276 (OVH, FR)
PTR: web3.venez.net
succesprono.1s.fr
www.venez.fr
3    194.150.236.179 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns19.hiwit.net
www.bazireturf.com
5    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
adservice.google.com
2    194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net
www.duvaldestin.com
www.tresorturf.com
1    2600:3c02:1::2d4f:f40e (United States)

ASN63949 (LINODE-AP Linode, LLC, US)
jmbazire.genhit.com
3    91.198.105.123 (France)

ASN35393 (EURO-WEB-AS, FR)
www.gambling-affiliation.com
static.gambling-affiliation.com
1    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
7 www.venez.fr succesprono.1s.fr
www.venez.fr
5 pagead2.googlesyndication.com succesprono.1s.fr
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 www.bazireturf.com succesprono.1s.fr
www.bazireturf.com
3 succesprono.1s.fr succesprono.1s.fr
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.gambling-affiliation.com 1 redirects www.bazireturf.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 static.gambling-affiliation.com www.bazireturf.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 jmbazire.genhit.com www.bazireturf.com
1 www.tresorturf.com www.bazireturf.com
1 www.duvaldestin.com www.bazireturf.com
31 15

This site contains no links.

Subject Issuer Validity Valid
venez.fr
R3		 2021-04-12 -
2021-07-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.gambling-affiliation.com
Gandi Standard SSL CA 2		 2019-11-03 -
2021-11-03		 2 years crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
static.gambling-affiliation.com
Gandi Standard SSL CA 2		 2020-08-25 -
2021-08-27		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh

This page contains 8 frames:

Primary Page: http://succesprono.1s.fr/index.php?la_page_demandee=pronostics_du_jour
Frame ID: 34037EADA16507977BC1EAF7E074D067
Requests: 1 HTTP requests in this frame

Frame: http://succesprono.1s.fr/barre-succesprono.1s.fr.html
Frame ID: 51B7F55A2D128379ECC337E650B969EA
Requests: 13 HTTP requests in this frame

Frame: http://www.bazireturf.com/turf/succesprono/index.php?la_page_demandee=pronostics_du_jour
Frame ID: 23C90ED1AD8047BEFBCFE75C945F6C27
Requests: 8 HTTP requests in this frame

Frame: http://succesprono.1s.fr/stats-succesprono.1s.fr.html
Frame ID: A606CEC27FD538E30AF4250808892E0D
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 02A2EC176F5A2DB35C5EB6FA059D25BA
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/zrt_lookup.html
Frame ID: 8C904AFDD6B4F1AA1C50752C8D91360E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fsuccesprono.1s.fr%2Findex.php%3Fla_page_demandee%3Dpronostics_du_jour&ea=0&flash=0&wgl=1&dt=1618261771031&bpp=16&bdt=117&idt=75&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&correlator=4450736635601&frm=23&ife=1&pv=2&ga_vid=800948545.1618261771&ga_sid=1618261771&ga_hid=227565909&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=1811591207&scr_x=0&scr_y=0&eid=44736524%2C44740079%2C44739387&oid=3&pvsid=4305118266959757&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.qmmj0t3mprz3&fsb=1&dtd=92
Frame ID: F68D8E6B6D24FF44CEEB85B0CB54A739
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: A5C1AD0C6F2F58329E2EC3EFFFE51055
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

31
Requests

68 %
HTTPS

50 %
IPv6

13
Domains

15
Subdomains

10
IPs

3
Countries

308 kB
Transfer

610 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • http://www.gambling-affiliation.com/cpm/v=2XpOgQhHyD2kUb3iTi6.4ZuSowGhDeeywC6TRWnXlH-yGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s= HTTP 302
  • https://www.gambling-affiliation.com/cpm/v=2XpOgQhHyD2kUb3iTi6.4ZuSowGhDeeywC6TRWnXlH-yGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s=

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
succesprono.1s.fr/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://succesprono.1s.fr/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
8296f6b78dddedb078face9442738f93e30ee157924571c204e569ccb41aacd3

Request headers

Host
succesprono.1s.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 21:09:30 GMT
Server
Apache
Vary
Host,Accept-Encoding
Content-Encoding
gzip
Content-Length
1128
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
barre-succesprono.1s.fr.html
succesprono.1s.fr/ Frame 51B7 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://succesprono.1s.fr/barre-succesprono.1s.fr.html
Requested by
Host: succesprono.1s.fr
URL: http://succesprono.1s.fr/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
619ffd3d674997726c343feaeef2a6b62006ef53da559585c4e6f6ffb6894a46

Request headers

Host
succesprono.1s.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://succesprono.1s.fr/index.php?la_page_demandee=pronostics_du_jour
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://succesprono.1s.fr/index.php?la_page_demandee=pronostics_du_jour

Response headers

Date
Mon, 12 Apr 2021 21:09:30 GMT
Server
Apache
Expires
Mon, 12 Apr 2021 21:09:30 GMT
Last-Modified
Mon, 12 Apr 2021 21:09:30 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1502
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=ISO-8859-1
index.php
www.bazireturf.com/turf/succesprono/ Frame 23C9 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.bazireturf.com/turf/succesprono/index.php?la_page_demandee=pronostics_du_jour
Requested by
Host: succesprono.1s.fr
URL: http://succesprono.1s.fr/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
a1011230500561e29af1d1a5b7e5cde7fb66434153091c70612b1359c21ed2c5

Request headers

Host
www.bazireturf.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://succesprono.1s.fr/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://succesprono.1s.fr/

Response headers

Date
Mon, 12 Apr 2021 21:09:30 GMT
Server
Apache
Vary
Host
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html
stats-succesprono.1s.fr.html
succesprono.1s.fr/ Frame A606 		0
192 B 		Document
General
Check archive.org
Download Go to
Full URL
http://succesprono.1s.fr/stats-succesprono.1s.fr.html
Requested by
Host: succesprono.1s.fr
URL: http://succesprono.1s.fr/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
succesprono.1s.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://succesprono.1s.fr/index.php?la_page_demandee=pronostics_du_jour
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://succesprono.1s.fr/index.php?la_page_demandee=pronostics_du_jour

Response headers

Date
Mon, 12 Apr 2021 21:09:30 GMT
Server
Apache
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
site.js
www.venez.fr/js/ Frame 51B7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: succesprono.1s.fr
URL: http://succesprono.1s.fr/barre-succesprono.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

Referer
http://succesprono.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 21:09:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Apr 2021 21:09:30 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1023
Expires
Mon, 19 Apr 2021 21:09:30 GMT
separateur90.gif
www.venez.fr/images/ Frame 51B7 		82 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/separateur90.gif
Requested by
Host: succesprono.1s.fr
URL: http://succesprono.1s.fr/barre-succesprono.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

Referer
http://succesprono.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 21:09:30 GMT
Last-Modified
Thu, 15 Nov 2018 22:11:22 GMT
Server
Apache
ETag
"52-57abb54b25680"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
82
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 51B7 		135 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: succesprono.1s.fr
URL: http://succesprono.1s.fr/barre-succesprono.1s.fr.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b35f828bed609bd50d0004f302ae90810fcfdff55f4a1a50f7d801f590f2358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://succesprono.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 12 Apr 2021 21:09:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
9073347465432709909
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
48426
X-XSS-Protection
0
Expires
Mon, 12 Apr 2021 21:09:30 GMT
alternate-barre.htm
www.venez.fr/ Frame 02A2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/alternate-barre.htm
Requested by
Host: succesprono.1s.fr
URL: http://succesprono.1s.fr/barre-succesprono.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
4b6813da302d5d40425a117f2406e345aff9eb9b412968da6108d7720c7b23f4

Request headers

Host
www.venez.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://succesprono.1s.fr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://succesprono.1s.fr/

Response headers

Date
Mon, 12 Apr 2021 21:09:30 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
872
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
barre90.gif
www.venez.fr/images/ Frame 51B7 		110 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: succesprono.1s.fr
URL: http://succesprono.1s.fr/barre-succesprono.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

Referer
http://succesprono.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 21:09:30 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
110
120x60.gif
www.venez.fr/images/ Frame 02A2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/120x60.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 21:09:30 GMT
Last-Modified
Wed, 02 Mar 2011 00:16:24 GMT
Server
Apache
ETag
"f4c-49d74d2b9c600"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3916
site.js
www.venez.fr/js/ Frame 02A2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 21:09:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Apr 2021 21:09:30 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
1023
Expires
Mon, 19 Apr 2021 21:09:30 GMT
barre90.gif
www.venez.fr/images/ Frame 02A2 		110 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 21:09:30 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
110
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/ Frame 51B7 		219 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=succesprono.1s.fr&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd5713e27f4481988d37b5b719dedea4e4379ec3c3bafea0fba9d0abe8db4973
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://succesprono.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83926
x-xss-protection
0
server
cafe
etag
9615343531509228114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 12 Apr 2021 21:09:31 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/ Frame 8C90 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210406/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://succesprono.1s.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://succesprono.1s.fr/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 12 Apr 2021 14:06:23 GMT
expires
Mon, 26 Apr 2021 14:06:23 GMT
content-type
text/html; charset=UTF-8
etag
10446291943670460780
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4644
x-xss-protection
0
age
25388
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
head.jpg
www.bazireturf.com/turf/succesprono/ Frame 23C9 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.bazireturf.com/turf/succesprono/head.jpg
Requested by
Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/succesprono/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
87ea47b9488e77802c66d049f1bfb57d8fbe682b63d05555154bd3389240419e

Request headers

Referer
http://www.bazireturf.com/turf/succesprono/index.php?la_page_demandee=pronostics_du_jour
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 21:09:31 GMT
Last-Modified
Wed, 30 Nov 2016 07:12:47 GMT
Server
Apache
ETag
"169e298-f404-5427f6e9399c0"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
62468
logo.gif
www.bazireturf.com/img/ Frame 23C9 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.bazireturf.com/img/logo.gif
Requested by
Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/succesprono/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
e3a0169c93ee99ee209e212f1f9b711712aa8546cd9bc4a8f4bc431df18dabde

Request headers

Referer
http://www.bazireturf.com/turf/succesprono/index.php?la_page_demandee=pronostics_du_jour
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 21:09:31 GMT
Last-Modified
Wed, 30 Nov 2016 07:10:42 GMT
Server
Apache
ETag
"169be12-4c74-5427f67204080"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
19572
logo.gif
www.duvaldestin.com/ Frame 23C9 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.duvaldestin.com/logo.gif
Requested by
Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/succesprono/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
89af640141b51d2387b765b728134e7f2ba8e841e759e4d59fd3b6bba1e6eb9d

Request headers

Referer
http://www.bazireturf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 21:09:31 GMT
Last-Modified
Fri, 26 Feb 2021 09:52:40 GMT
Server
Apache
ETag
"2533dfc-1bed-5bc3a3a8d0a00"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
7149
logo.gif
www.tresorturf.com/img/ Frame 23C9 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tresorturf.com/img/logo.gif
Requested by
Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/succesprono/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
6708a8ec82fad521076f2579c9873b1335aad3bd231cdb2972ea0bfb38689d97

Request headers

Referer
http://www.bazireturf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 21:09:31 GMT
Last-Modified
Wed, 10 Feb 2021 05:51:04 GMT
Server
Apache
ETag
"2510a00-1cc2-5baf4fd0fa200"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
7362
logo
jmbazire.genhit.com/ Frame 23C9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://jmbazire.genhit.com/logo
Requested by
Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/succesprono/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.0
Server
2600:3c02:1::2d4f:f40e , United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.bazireturf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
v=2XpOgQhHyD2kUb3iTi6.4ZuSowGhDeeywC6TRWnXlH-yGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s=
www.gambling-affiliation.com/cpm/ Frame 23C9
Redirect Chain
  • http://www.gambling-affiliation.com/cpm/v=2XpOgQhHyD2kUb3iTi6.4ZuSowGhDeeywC6TRWnXlH-yGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s=
  • https://www.gambling-affiliation.com/cpm/v=2XpOgQhHyD2kUb3iTi6.4ZuSowGhDeeywC6TRWnXlH-yGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s=
247 B
448 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gambling-affiliation.com/cpm/v=2XpOgQhHyD2kUb3iTi6.4ZuSowGhDeeywC6TRWnXlH-yGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s=
Requested by
Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/succesprono/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.105.123 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software
Apache/2.4.39 (Unix) PHP/5.6.40 / PHP/5.6.40
Resource Hash
55ce482b286739a146d04b7b048dd1466005ad87dffe73195020a0e55b6d58c9

Request headers

Referer
http://www.bazireturf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 21:09:30 GMT
Server
Apache/2.4.39 (Unix) PHP/5.6.40
Connection
close
X-Powered-By
PHP/5.6.40
Content-Length
247
Content-Type
application/javascript

Redirect headers

Location
https://www.gambling-affiliation.com/cpm/v=2XpOgQhHyD2kUb3iTi6.4ZuSowGhDeeywC6TRWnXlH-yGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s=
Cache-Control
no-cache
Connection
close
Content-length
0
cookie.js
partner.googleadservices.com/gampad/ Frame 51B7 		195 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=succesprono.1s.fr&callback=_gfp_s_&client=ca-pub-5203714787387788
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=succesprono.1s.fr&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
f0b2833694373aa6f5506849d140adc431df95d410e8b54dcfc5f125ae3c2c65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://succesprono.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
187
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 51B7 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=succesprono.1s.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=succesprono.1s.fr&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://succesprono.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 21:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 51B7 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=succesprono.1s.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=succesprono.1s.fr&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://succesprono.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 21:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F68D 		405 B
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fsuccesprono.1s.fr%2Findex.php%3Fla_page_demandee%3Dpronostics_du_jour&ea=0&flash=0&wgl=1&dt=1618261771031&bpp=16&bdt=117&idt=75&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&correlator=4450736635601&frm=23&ife=1&pv=2&ga_vid=800948545.1618261771&ga_sid=1618261771&ga_hid=227565909&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=1811591207&scr_x=0&scr_y=0&eid=44736524%2C44740079%2C44739387&oid=3&pvsid=4305118266959757&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.qmmj0t3mprz3&fsb=1&dtd=92
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=succesprono.1s.fr&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd299aae6c9080028b8f27e85b7fcc15bcbc91f9aeb622918b432ff25fdefa21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fsuccesprono.1s.fr%2Findex.php%3Fla_page_demandee%3Dpronostics_du_jour&ea=0&flash=0&wgl=1&dt=1618261771031&bpp=16&bdt=117&idt=75&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&correlator=4450736635601&frm=23&ife=1&pv=2&ga_vid=800948545.1618261771&ga_sid=1618261771&ga_hid=227565909&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=1811591207&scr_x=0&scr_y=0&eid=44736524%2C44740079%2C44739387&oid=3&pvsid=4305118266959757&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.qmmj0t3mprz3&fsb=1&dtd=92
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://succesprono.1s.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://succesprono.1s.fr/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 12 Apr 2021 21:09:31 GMT
server
cafe
content-length
203
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 12-Apr-2021 21:24:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 12 Apr 2021 21:09:31 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ Frame 51B7 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=succesprono.1s.fr&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://succesprono.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617988871915048"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28262
x-xss-protection
0
expires
Mon, 12 Apr 2021 21:09:31 GMT
ad_error4.gif
static.gambling-affiliation.com/images/ Frame 23C9 		47 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.gambling-affiliation.com/images/ad_error4.gif?err=2XpOgQhHyD2kUb3iTi6.4ZuSowGhDeeywC6TRWnXlH-yGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__
Requested by
Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/succesprono/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.105.123 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
91e8db0489998054e1e2d29d848ebaebd97727067b651be9dbd6a5247997765d

Request headers

Referer
http://www.bazireturf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 21:09:31 GMT
Last-Modified
Fri, 15 Feb 2019 09:20:52 GMT
Server
nginx/1.15.5
ETag
"5c668474-2f"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
47
sodar
pagead2.googlesyndication.com/getconfig/ Frame 51B7 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210406&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=succesprono.1s.fr&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85807d0cc70fb4646fea3e4798627c52f85e4252f751e9f33ba2ba7e04a39d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://succesprono.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 21:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6546
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 51B7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=succesprono.1s.fr&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://succesprono.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 12 Apr 2021 21:09:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame A5C1 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://succesprono.1s.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://succesprono.1s.fr/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Mon, 12 Apr 2021 20:39:41 GMT
expires
Tue, 12 Apr 2022 20:39:41 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1790
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
pagead2.googlesyndication.com/bg/ Frame A5C1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 10:45:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
210257
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5693
x-xss-protection
0
expires
Sun, 10 Apr 2022 10:45:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 51B7 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210406&jk=4305118266959757&bg=!_v2l_bnNAAY56aLOOek7ACkAdvg8WhP7nfDD73LWIfRtq9l7m0ClkMYsRUc99En0j7gl_7biVxVwsAIAAABlUgAAAAdoAQcKAKcz1ef7tOiGuTziXFgirPFSoG0HAMpBbJt1QJdlWf3mfwUOlVxR_Q-iisPvlN5tR6UlkgRKu2ZrEVdVhVrtOuuQvUq4YfbOmOpc69qZrbHwVCS0ewGUlqtN9PYiyzl4wyKIbqLho0_wz7mwaESmKKTbDvdznH23ASQE7EHi_WcyB-kBJFhKfglMoUR0LQjmve1gbN7sb3Piu6r1WiUiOJattWeBJLti95kB7mP2LsRgEYHIK8GURE1acCKr_iVtSaHOUlhIHpQ_1XptJ1PhUo_2S9nSnBXhd2VVmoB4CX7KMxKofw7wMo9trIYIWcsDcCegrmhq5cD2Is9Ve5121m5MeQRMStiFfM-3SARdwZxXvc7IQa4wrpMQ9uu7m4-SqXDJs8UPahnpJANjsv3EZyyLPpFC94TZE_6_kiIDw1oV55XAOK70UxpUxSzAL4PLUk4oc5-Im1oBK0K7ZJ8u83GRqggiDQP5aFauKkyRwwrDFbBJVw0tYBm3FdbRG4KVsts9g9Q1fmcR30UK5_OwQPCsfKbsS8G-WRSD2OIPNnDSr_xaBdva2onYuWJEHN27DF_e9-2YSC0PrsUaGM-x7xPkQJ64g5zMDYJRiUX_vrC7sTzq4k4QYgm6CkMYvp9lM2r-k0G0c-4K3aoQ6gSNQONUzhpRcaQNlUTLPEJGRJ8SUS-g3AM0IQhmQ5PqByPQJEQLOpMwhj_oBpQD0x4Q_0VYzGp1E1ulir5bOxycnVKZ2p3M284Rujf_5y3W8qu9gWmiLJt-6jekKY0jGuWV9rspLT5RYqWwp6zYypBlN4hDgQptOk8BdLDoy78brvSok8LjrwnLMWwnHKqvrGEkVdsjnxXpu68S2J9TtEecnFV8HLr96Bulr58w
Requested by
Host: succesprono.1s.fr
URL: http://succesprono.1s.fr/index.php?la_page_demandee=pronostics_du_jour
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://succesprono.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 21:09:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_jobrunner

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.1s.fr/ Name: __gads
Value: ID=3c44029e9ebcff0f-22bc74e716bb0089:T=1618261771:RT=1618261771:S=ALNI_Ma1C6mdCRkuS1FwpHtLEt6ASUi6oQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
jmbazire.genhit.com
pagead2.googlesyndication.com
partner.googleadservices.com
static.gambling-affiliation.com
succesprono.1s.fr
tpc.googlesyndication.com
www.bazireturf.com
www.duvaldestin.com
www.gambling-affiliation.com
www.googletagservices.com
www.tresorturf.com
www.venez.fr
194.150.236.179
194.150.236.236
216.58.212.162
2600:3c02:1::2d4f:f40e
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:808::2002
2a00:1450:4001:827::2002
5.135.149.81
91.198.105.123
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306
12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b
1b35f828bed609bd50d0004f302ae90810fcfdff55f4a1a50f7d801f590f2358
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f
4b6813da302d5d40425a117f2406e345aff9eb9b412968da6108d7720c7b23f4
55ce482b286739a146d04b7b048dd1466005ad87dffe73195020a0e55b6d58c9
619ffd3d674997726c343feaeef2a6b62006ef53da559585c4e6f6ffb6894a46
6708a8ec82fad521076f2579c9873b1335aad3bd231cdb2972ea0bfb38689d97
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f
8296f6b78dddedb078face9442738f93e30ee157924571c204e569ccb41aacd3
85807d0cc70fb4646fea3e4798627c52f85e4252f751e9f33ba2ba7e04a39d26
87ea47b9488e77802c66d049f1bfb57d8fbe682b63d05555154bd3389240419e
89af640141b51d2387b765b728134e7f2ba8e841e759e4d59fd3b6bba1e6eb9d
91e8db0489998054e1e2d29d848ebaebd97727067b651be9dbd6a5247997765d
a1011230500561e29af1d1a5b7e5cde7fb66434153091c70612b1359c21ed2c5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
bd5713e27f4481988d37b5b719dedea4e4379ec3c3bafea0fba9d0abe8db4973
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
dd299aae6c9080028b8f27e85b7fcc15bcbc91f9aeb622918b432ff25fdefa21
e3a0169c93ee99ee209e212f1f9b711712aa8546cd9bc4a8f4bc431df18dabde
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
f0b2833694373aa6f5506849d140adc431df95d410e8b54dcfc5f125ae3c2c65