www.regiehippo.vu.cx Open in urlscan Pro
5.135.149.81 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.regiehippo.vu.cx/index.php?la_page_demandee=pronostics_du_jour
Submission: On April 15 via manual (April 15th 2023, 2:55:17 pm UTC) from ML — Scanned from FR

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 32 HTTP transactions. The main IP is 5.135.149.81, located in Sens, France and belongs to OVH, FR. The main domain is www.regiehippo.vu.cx.

This is the only time www.regiehippo.vu.cx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	5.135.149.81 5.135.149.81	16276 (OVH) (OVH)
3	194.150.236.236 194.150.236.236	44976 (HIWIT_AS) (HIWIT_AS)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	91.198.105.123 91.198.105.123	35393 (EURO-WEB-AS) (EURO-WEB-AS)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
32	10

10 5.135.149.81 (Sens, France)

ASN16276 (OVH, FR)
PTR: web3.venez.net

www.regiehippo.vu.cx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.venez.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net

www.lemaitreturf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.198.105.123 (France)

ASN35393 (EURO-WEB-AS, FR)

www.gambling-affiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.gambling-affiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 138	204 KB
7	venez.fr www.venez.fr	9 KB
4	gambling-affiliation.com www.gambling-affiliation.com static.gambling-affiliation.com	473 KB
3	lemaitreturf.com www.lemaitreturf.com	313 KB
3	vu.cx www.regiehippo.vu.cx	3 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	5 KB
1	google.fr adservice.google.fr — Cisco Umbrella Rank: 33510	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 925	599 B
32	9

	Domain	Requested by
7	www.venez.fr	www.regiehippo.vu.cx www.venez.fr
6	pagead2.googlesyndication.com	www.regiehippo.vu.cx pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.lemaitreturf.com	www.regiehippo.vu.cx www.lemaitreturf.com
3	www.regiehippo.vu.cx	www.regiehippo.vu.cx
2	static.gambling-affiliation.com	www.lemaitreturf.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.gambling-affiliation.com	www.lemaitreturf.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.fr	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
32	12

This site contains no links.

Subject Issuer	Validity	Valid
lemaitreturf.com R3	`2023-03-28` - `2023-06-26`	3 months	crt.sh
venez.fr R3	`2023-03-17` - `2023-06-15`	3 months	crt.sh
www.gambling-affiliation.com Gandi Standard SSL CA 2	`2022-10-28` - `2023-10-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
static.gambling-affiliation.com Gandi Standard SSL CA 2	`2022-08-22` - `2023-08-22`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://www.regiehippo.vu.cx/index.php?la_page_demandee=pronostics_du_jour
Frame ID: CD424D2DF96C88EFCA19782A4EB128D9
Requests: 1 HTTP requests in this frame

Frame: http://www.regiehippo.vu.cx/barre-regiehippo.vu.cx.html
Frame ID: 136954CFB9E1F72E9FADF628C146BCCD
Requests: 12 HTTP requests in this frame

Frame: https://www.lemaitreturf.com/lespros2/regiehippo/index.php?la_page_demandee=pronostics_du_jour
Frame ID: E11EC84A01A81381B47F99BDB67E38CD
Requests: 7 HTTP requests in this frame

Frame: http://www.regiehippo.vu.cx/stats-regiehippo.vu.cx.html
Frame ID: 04EA259948F19F4788BCE8246B42DB86
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 4518A87B62A69A9B56FA34F7E1FCFB95
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html
Frame ID: 91B7BBB987424549632D75536FC17AF8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.regiehippo.vu.cx%2Findex.php%3Fla_page_demandee%3Dpronostics_du_jour&ea=0&wgl=1&dt=1681570512973&bpp=5&bdt=420&idt=256&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&correlator=702525436159&frm=23&ife=1&pv=2&ga_vid=1183885086.1681570513&ga_sid=1681570513&ga_hid=478010044&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=244013905&scr_x=0&scr_y=0&eid=44759837%2C42532185%2C44759876%2C44759927%2C42532089%2C31073787%2C31073822%2C42531705%2C44788443&oid=2&pvsid=4502064882194316&tmod=1128238186&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.fqs9odqqii7f&fsb=1&dtd=277
Frame ID: F93B01BAAC47C21BAB4510027E673ACF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C793EDD4146AD79726DC71EC3B1DCFD7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A7E965F42F5B62E925157D3A3342116
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

REGIE HIPPO

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

32
Requests

88 %
HTTPS

70 %
IPv6

9
Domains

12
Subdomains

10
IPs

2
Countries

1010 kB
Transfer

1376 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.php Show response
www.regiehippo.vu.cx/ 3 KB
1 KB 109ms
27ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.regiehippo.vu.cx/index.php?la_page_demandee=pronostics_du_jour
Protocol: HTTP/1.1
Server: 5.135.149.81 Sens, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 52572c2e333117cc073dc20c2ec5c31b68a890389436050b49864d76431c25e6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1129
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 15 Apr 2023 14:55:11 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Host,Accept-Encoding

GET
H/1.1 200
OK barre-regiehippo.vu.cx.html Show response
www.regiehippo.vu.cx/ Frame 1369 3 KB
2 KB 124ms
123ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.regiehippo.vu.cx/barre-regiehippo.vu.cx.html
Requested by: Host: www.regiehippo.vu.cx
URL: http://www.regiehippo.vu.cx/index.php?la_page_demandee=pronostics_du_jour
Protocol: HTTP/1.1
Server: 5.135.149.81 Sens, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 4521dbb3f23be72508cc11b8fa98bcb04fd4384990ad43006fad3d5fc14fa0c9

Request headers

Referer: http://www.regiehippo.vu.cx/index.php?la_page_demandee=pronostics_du_jour
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1501
Content-Type: text/html; charset=ISO-8859-1
Date: Sat, 15 Apr 2023 14:55:11 GMT
Expires: Sat, 15 Apr 2023 14:55:11 GMT
Keep-Alive: timeout=5, max=99
Last-Modified: Sat, 15 Apr 2023 14:55:11 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK index.php Show response
www.lemaitreturf.com/lespros2/regiehippo/ Frame E11E 6 KB
7 KB 219ms
119ms Document
text/html 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lemaitreturf.com/lespros2/regiehippo/index.php?la_page_demandee=pronostics_du_jour

Requested by

Host: www.regiehippo.vu.cx
URL: http://www.regiehippo.vu.cx/index.php?la_page_demandee=pronostics_du_jour

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

f602c3d794e453b8f185d2a6aeabfc4cf6d6c59e2e0eb3876bd43d263dedbbeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://www.regiehippo.vu.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Type: text/html
Date: Sat, 15 Apr 2023 14:55:12 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=15768000
Transfer-Encoding: chunked
Vary: Host

GET
H/1.1 200
OK stats-regiehippo.vu.cx.html Show response
www.regiehippo.vu.cx/ Frame 04EA 0
192 B 134ms
110ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.regiehippo.vu.cx/stats-regiehippo.vu.cx.html
Requested by: Host: www.regiehippo.vu.cx
URL: http://www.regiehippo.vu.cx/index.php?la_page_demandee=pronostics_du_jour
Protocol: HTTP/1.1
Server: 5.135.149.81 Sens, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.regiehippo.vu.cx/index.php?la_page_demandee=pronostics_du_jour
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 15 Apr 2023 14:55:11 GMT
Keep-Alive: timeout=5, max=100
Server: Apache

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame 1369 2 KB
1 KB 162ms
25ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: www.regiehippo.vu.cx
URL: http://www.regiehippo.vu.cx/barre-regiehippo.vu.cx.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Sens, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.regiehippo.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 14:55:12 GMT
Content-Encoding: gzip
Last-Modified: Sat, 15 Apr 2023 14:55:12 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1023
Expires: Sat, 22 Apr 2023 14:55:12 GMT

GET
H/1.1 200
OK separateur90.gif
www.venez.fr/images/ Frame 1369 82 B
388 B 164ms
26ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/separateur90.gif
Requested by: Host: www.regiehippo.vu.cx
URL: http://www.regiehippo.vu.cx/barre-regiehippo.vu.cx.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Sens, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.regiehippo.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 14:55:12 GMT
Last-Modified: Thu, 15 Nov 2018 22:11:22 GMT
Server: Apache
ETag: "52-57abb54b25680"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 82

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1369 137 KB
50 KB 113ms
72ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.regiehippo.vu.cx
URL: http://www.regiehippo.vu.cx/barre-regiehippo.vu.cx.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51c07b146e33299f1dd5f951bb68eb7a89a8e3d739230f7bd8aea23af54d49e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.regiehippo.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 14:55:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 50686
X-XSS-Protection: 0
Server: cafe
ETag: 14986986803110964433
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Sat, 15 Apr 2023 14:55:12 GMT

GET
H/1.1 200
OK head.jpg
www.lemaitreturf.com/lespros2/regiehippo/ Frame E11E 106 KB
106 KB 20ms
20ms Image
image/jpeg 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lemaitreturf.com/lespros2/regiehippo/head.jpg

Requested by

Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/regiehippo/index.php?la_page_demandee=pronostics_du_jour

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

aa903efdecad266dd30da6dac7b03a8dd589d701473ab5b51b00fb9f4e17b3f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/lespros2/regiehippo/index.php?la_page_demandee=pronostics_du_jour
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 14:55:12 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 17 Jan 2023 18:34:14 GMT
Server: Apache
ETag: "2a19ea5-1a760-5f279f2525580"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 108384

GET
H/1.1 200
OK v=c-uMZ7rGrk.wx.hUDZmT8YbUNpJRfs6tUnYvdKbA8VI_ Show response
www.gambling-affiliation.com/cpm/ Frame E11E 339 B
540 B 297ms
205ms Script
application/javascript 91.198.105.123
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gambling-affiliation.com/cpm/v=c-uMZ7rGrk.wx.hUDZmT8YbUNpJRfs6tUnYvdKbA8VI_
Requested by: Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/regiehippo/index.php?la_page_demandee=pronostics_du_jour
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.198.105.123 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: Apache/2.4.39 (Unix) PHP/5.6.40 / PHP/5.6.40
Resource Hash: de421ad2eb9e68d7798320a44138c37baea59c11ddff99bc492e10be0ccbfe4c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 14:55:12 GMT
Server: Apache/2.4.39 (Unix) PHP/5.6.40
Connection: close
X-Powered-By: PHP/5.6.40
Content-Length: 339
Content-Type: application/javascript

GET
H/1.1 200
OK v=3e1WTNw9BsOjWjpueZWyfA-QfRAYAVR9KwU7Hi.0ne-L8rsN26OTKFg-4PxNQUkeK8aV2k00uORQvMWLix6avw__&s= Show response
www.gambling-affiliation.com/cpm/ Frame E11E 338 B
539 B 247ms
155ms Script
application/javascript 91.198.105.123
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gambling-affiliation.com/cpm/v=3e1WTNw9BsOjWjpueZWyfA-QfRAYAVR9KwU7Hi.0ne-L8rsN26OTKFg-4PxNQUkeK8aV2k00uORQvMWLix6avw__&s=
Requested by: Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/regiehippo/index.php?la_page_demandee=pronostics_du_jour
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.198.105.123 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: Apache/2.4.39 (Unix) PHP/5.6.40 / PHP/5.6.40
Resource Hash: c8155f5b4c20427cc50c7bb61dd53edd65436b8436db698ecd84f48e4de8109b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 14:55:12 GMT
Server: Apache/2.4.39 (Unix) PHP/5.6.40
Connection: close
X-Powered-By: PHP/5.6.40
Content-Length: 338
Content-Type: application/javascript

GET
H/1.1 200
OK arpl.jpg
www.lemaitreturf.com/lespros2/regiehippo/ Frame E11E 199 KB
200 KB 61ms
22ms Image
image/jpeg 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lemaitreturf.com/lespros2/regiehippo/arpl.jpg

Requested by

Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/regiehippo/index.php?la_page_demandee=pronostics_du_jour

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

3f44b03b22b2bcd2dd4d387cc6b8eedc02d2de00a87d160b42ab31beba5f6a70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/lespros2/regiehippo/index.php?la_page_demandee=pronostics_du_jour
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 14:55:12 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 17 Jan 2023 18:34:10 GMT
Server: Apache
ETag: "2a19e9c-31dbf-5f279f2154c80"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 204223

GET
H/1.1 200
OK alternate-barre.htm Show response
www.venez.fr/ Frame 4518 2 KB
1 KB 28ms
28ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/alternate-barre.htm
Requested by: Host: www.regiehippo.vu.cx
URL: http://www.regiehippo.vu.cx/barre-regiehippo.vu.cx.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Sens, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: ec1008d7a866c954faf372e3cfe0dd8433b6bcee144f71ee13d18412e6f134d5

Request headers

Referer: http://www.regiehippo.vu.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 874
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 15 Apr 2023 14:55:12 GMT
Keep-Alive: timeout=5, max=99
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame 1369 110 B
416 B 28ms
27ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: www.regiehippo.vu.cx
URL: http://www.regiehippo.vu.cx/barre-regiehippo.vu.cx.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Sens, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.regiehippo.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 14:55:12 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 110

GET
H/1.1 200
OK 120x60.gif
www.venez.fr/images/ Frame 4518 4 KB
4 KB 28ms
28ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/120x60.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Sens, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 14:55:12 GMT
Last-Modified: Wed, 02 Mar 2011 00:16:24 GMT
Server: Apache
ETag: "f4c-49d74d2b9c600"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3916

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame 4518 2 KB
1 KB 29ms
29ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Sens, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 14:55:12 GMT
Content-Encoding: gzip
Last-Modified: Sat, 15 Apr 2023 14:55:12 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 1023
Expires: Sat, 22 Apr 2023 14:55:12 GMT

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame 4518 110 B
416 B 35ms
24ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Sens, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 14:55:12 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 110

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ Frame 1369 347 KB
117 KB 149ms
87ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.regiehippo.vu.cx&bust=31073822

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9d31713cab127b2bb9142ffd17400e68e8dcabd829bb13ac9048a508294fc7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.regiehippo.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118944
x-xss-protection: 0
server: cafe
etag: 9852107466206139368
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 14:55:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/ Frame 91B7 10 KB
5 KB 92ms
26ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.regiehippo.vu.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 5442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 13:24:31 GMT
etag: 2378337311435320485
expires: Sat, 29 Apr 2023 13:24:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 25995.gif
static.gambling-affiliation.com/uploads/ads/ Frame E11E 207 KB
208 KB 175ms
20ms Image
image/gif 91.198.105.123
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gambling-affiliation.com/uploads/ads/25995.gif
Requested by: Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/regiehippo/index.php?la_page_demandee=pronostics_du_jour
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.198.105.123 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: nginx/1.15.5 /
Resource Hash: 1816069af86c24f0cc7eb81c78311efc0aba9aded5642284cf673bb1c7130e7e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 14:55:13 GMT
Last-Modified: Wed, 19 May 2021 07:07:11 GMT
Server: nginx/1.15.5
ETag: "60a4b91f-33dd1"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 212433

GET
H/1.1 200
OK 54291.gif
static.gambling-affiliation.com/uploads/ads/ Frame E11E 264 KB
264 KB 179ms
24ms Image
image/gif 91.198.105.123
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gambling-affiliation.com/uploads/ads/54291.gif
Requested by: Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/regiehippo/index.php?la_page_demandee=pronostics_du_jour
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.198.105.123 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: nginx/1.15.5 /
Resource Hash: ccecc75cb14d645db1925ae18a2600cfebe0ee87dfc336f6ca68bfeafabdb501

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 14:55:13 GMT
Last-Modified: Wed, 19 May 2021 07:04:09 GMT
Server: nginx/1.15.5
ETag: "60a4b869-41eb8"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 270008

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 1369 377 B
599 B 123ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.regiehippo.vu.cx&callback=_gfp_s_&client=ca-pub-5203714787387788

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.regiehippo.vu.cx&bust=31073822

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f73d9de6192185fba01a1ceb92f65c1f25177e491e823fbfc6d64693e9346d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.regiehippo.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ Frame 1369 107 B
531 B 138ms
35ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.regiehippo.vu.cx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.regiehippo.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1369 107 B
456 B 101ms
35ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.regiehippo.vu.cx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.regiehippo.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F93B 436 B
410 B 386ms
385ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.regiehippo.vu.cx%2Findex.php%3Fla_page_demandee%3Dpronostics_du_jour&ea=0&wgl=1&dt=1681570512973&bpp=5&bdt=420&idt=256&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&correlator=702525436159&frm=23&ife=1&pv=2&ga_vid=1183885086.1681570513&ga_sid=1681570513&ga_hid=478010044&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=244013905&scr_x=0&scr_y=0&eid=44759837%2C42532185%2C44759876%2C44759927%2C42532089%2C31073787%2C31073822%2C42531705%2C44788443&oid=2&pvsid=4502064882194316&tmod=1128238186&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.fqs9odqqii7f&fsb=1&dtd=277

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e95f5912cbec5539c314a2a2e7e12af38167ffc9381770a0e5b38d0d98ac7416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.regiehippo.vu.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 14:55:13 GMT
expires: Sat, 15 Apr 2023 14:55:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1369 15 KB
11 KB 137ms
81ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230412&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3dc6e0c2fb80e09c9a597029403750d983ae97e8a6d778ba94c06554c0614e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.regiehippo.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11417
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1369 17 KB
7 KB 1083ms
1010ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.regiehippo.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 14:55:14 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C793 13 KB
5 KB 31ms
26ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.regiehippo.vu.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 3661
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 13:54:13 GMT
expires: Sun, 14 Apr 2024 13:54:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5A7E 783 B
1 KB 145ms
77ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c06838cc3ead05dd7251dcc7fcbfdaf895e45fa9bd0c7b5cd9bc33e99d5b2c23

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pOkQydVYrP-0rqHIxxZUwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regiehippo.vu.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-pOkQydVYrP-0rqHIxxZUwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 14:55:15 GMT
expires: Sat, 15 Apr 2023 14:55:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js Show response
pagead2.googlesyndication.com/bg/ Frame C793 36 KB
14 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 20:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14288
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Apr 2024 20:27:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5A7E 0
0 60ms
59ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230412&jk=4502064882194316&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C793 0
10 B 26ms
25ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NsFDYw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 14:55:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1369 0
0 64ms
63ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230412&jk=4502064882194316&bg=!AwClAFTNAAZA7GLoYOw7ADkAdvg8WpMfFskaEolOpDgYpDEHO2lF-s6aD5mRe3qsX7V7fpXCNDyZY3kl2U6Bzh-cwF1FmuylS9YCAAAAWFIAAAALaAEHmQMXi8j1YGbtvzlxIca2k7mYy4ZiOGx-H56gN09BD9DvYUWYZKJoOssDBHF4qS-C4JP0kh7rxqK1Gsv4T08Uf6pGOkXubH0dMKnRc9hxYxRQXRRYKRJDTwWspAVkW_h-1opPEG4cXWchQjvTo0h9MoiADr2073y-uk5aX5XM9MvUAyPNHvvEV5nFRdAz3i4Qxey74NMBGPcYWrp0F4FJ_xU_uy9bQMYzjW9dUA3IBceg3Nj0_bjTqatPracmbW-WUiHP9kaxb5oN4uL7pu6v_3Z2FQuw-z6fvHph9esckgX-8feEygQWXDSh0yrnwCWg7cJt0mQaMWs_MbLvLmGwQkXd0CMDKlOxutsqT8jsIspqeweDfwCrMCjonyVHRgn4J53uyLcIDydPX9TkHhgYE3yVDggEe29G4CUcfW2pofqT1pHLvg7xQ_-OxmZw3IJDOPPV2bkwxQ6CwCaR79GgIlO4qJCjJzlDJNTAITE8KpXK0ml57HDY3SfGqClkbrQF5oLZloYp3P4DWU9PNm5KCrXx_rJAKdrStt02Ti83ruF5VraSW0lRNnTsVIWmWxEECBlS5N6J7lS08mSitvNr0TxxYP3q9BrnO5VtdTQm90nPS90VxoE58A4cVueUMuodVi0MCCs5Bb-lX0EJvqKOIEn58WHN8repH6j695R6GHsdVkVD0geAeZg5SoJ20X5w6teuzetvwaWOW4j-aDdhXXDwj-RXj54wsNUJRYSeve182NYIearIEr006EZjKD2hJdjFeWxp98hcLR1Z8qcBb5A5JXkIaAm1V7Ii24aVMGR5Btn6Z74K-uUGk4VbXeqJRO_JmYGjX0OuNGSHNpY2kg3PAqqJ3qoImjP11RJ7Ga58PZw5-x6ayeJwkyovQrjuWL8WTM8iSAbJGQ13rFOonQ3ybX3I0lGoVZ77jnL5_TCXKvyEi1tZPwUuYZy_cFVkm_w-l6oAu4Z986WZTQkk8uO0AvkVGzYTPCYqgQUpBg_USsDFkI1wFB_tbayNXqUxpMcz9eMMLfE3ScWc4McWC5Eex1snHJo1R_8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.regiehippo.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vu.cx/	1970-01-20 20:27:46	Name: __gads Value: ID=43f80e917262a3fd-22eb963b99dd00d1:T=1681570513:RT=1681570513:S=ALNI_Mbi5c6SYBe6WFlH6FEgYuWcCbTK6g
.vu.cx/	1970-01-20 20:27:46	Name: __gpi Value: UID=00000bd6857fc0e1:T=1681570513:RT=1681570513:S=ALNI_MZmWyOosK8QSUcUi9tmaHzmMhYhjg
.doubleclick.net/	1970-01-20 11:06:11	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
static.gambling-affiliation.com
tpc.googlesyndication.com
www.gambling-affiliation.com
www.google.com
www.lemaitreturf.com
www.regiehippo.vu.cx
www.venez.fr
194.150.236.236
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
5.135.149.81
91.198.105.123
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306
1816069af86c24f0cc7eb81c78311efc0aba9aded5642284cf673bb1c7130e7e
31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a
3dc6e0c2fb80e09c9a597029403750d983ae97e8a6d778ba94c06554c0614e9c
3f44b03b22b2bcd2dd4d387cc6b8eedc02d2de00a87d160b42ab31beba5f6a70
4521dbb3f23be72508cc11b8fa98bcb04fd4384990ad43006fad3d5fc14fa0c9
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f
51c07b146e33299f1dd5f951bb68eb7a89a8e3d739230f7bd8aea23af54d49e9
52572c2e333117cc073dc20c2ec5c31b68a890389436050b49864d76431c25e6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa903efdecad266dd30da6dac7b03a8dd589d701473ab5b51b00fb9f4e17b3f8
c06838cc3ead05dd7251dcc7fcbfdaf895e45fa9bd0c7b5cd9bc33e99d5b2c23
c8155f5b4c20427cc50c7bb61dd53edd65436b8436db698ecd84f48e4de8109b
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ccecc75cb14d645db1925ae18a2600cfebe0ee87dfc336f6ca68bfeafabdb501
de421ad2eb9e68d7798320a44138c37baea59c11ddff99bc492e10be0ccbfe4c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e95f5912cbec5539c314a2a2e7e12af38167ffc9381770a0e5b38d0d98ac7416
e9d31713cab127b2bb9142ffd17400e68e8dcabd829bb13ac9048a508294fc7c
ec1008d7a866c954faf372e3cfe0dd8433b6bcee144f71ee13d18412e6f134d5
f602c3d794e453b8f185d2a6aeabfc4cf6d6c59e2e0eb3876bd43d263dedbbeb
f73d9de6192185fba01a1ceb92f65c1f25177e491e823fbfc6d64693e9346d71

www.regiehippo.vu.cx Open in urlscan Pro 5.135.149.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

32 Requests

88 %HTTPS

70 %IPv6

9 Domains

12 Subdomains

10 IPs

2 Countries

1010 kBTransfer

1376 kBSize

3 Cookies

0 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.regiehippo.vu.cx Open in urlscan Pro
5.135.149.81 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

88 %
HTTPS

70 %
IPv6

9
Domains

12
Subdomains

10
IPs

2
Countries

1010 kB
Transfer

1376 kB
Size

3
Cookies

32 HTTP transactions
0 data transactions