www.avisdespros.c4.fr Open in urlscan Pro
5.135.149.81 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.avisdespros.c4.fr/
Submission: On December 07 via manual (December 7th 2023, 11:30:26 pm UTC) from MA — Scanned from FR

Summary HTTP 71 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 15 domains to perform 71 HTTP transactions. The main IP is 5.135.149.81, located in Le Chesnay, France and belongs to OVH, FR. The main domain is www.avisdespros.c4.fr.

This is the only time www.avisdespros.c4.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	5.135.149.81 5.135.149.81	16276 (OVH) (OVH)
6	194.150.236.236 194.150.236.236	44976 (HIWIT_AS) (HIWIT_AS)
12	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	91.198.105.122 91.198.105.122	35393 (EURO-WEB-AS) (EURO-WEB-AS)
4	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3 4	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
2	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
71	18

10 5.135.149.81 (Le Chesnay, France)

ASN16276 (OVH, FR)
PTR: web3.venez.net

www.avisdespros.c4.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.venez.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net

www.lemaitreturf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.198.105.122 (France)

ASN35393 (EURO-WEB-AS, FR)

www.gambling-affiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.gambling-affiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	291 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	112 KB
9	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	50 KB
7	venez.fr www.venez.fr	9 KB
6	lemaitreturf.com www.lemaitreturf.com	2 MB
4	gstatic.com fonts.gstatic.com	71 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
4	allopass.com payment.allopass.com	11 KB
4	gambling-affiliation.com www.gambling-affiliation.com static.gambling-affiliation.com	325 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
3	c4.fr www.avisdespros.c4.fr	3 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	155 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	64 KB
71	15

	Domain	Requested by
12	pagead2.googlesyndication.com	www.avisdespros.c4.fr pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	s0.2mdn.net	www.avisdespros.c4.fr s0.2mdn.net
7	tpc.googlesyndication.com	www.avisdespros.c4.fr googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
7	www.venez.fr	www.avisdespros.c4.fr www.venez.fr
6	www.lemaitreturf.com	www.avisdespros.c4.fr www.lemaitreturf.com
4	fonts.gstatic.com	fonts.googleapis.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	payment.allopass.com	www.lemaitreturf.com payment.allopass.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.avisdespros.c4.fr	www.avisdespros.c4.fr
2	fonts.googleapis.com	s0.2mdn.net
2	ad.doubleclick.net	www.avisdespros.c4.fr
2	www.googletagmanager.com	payment.allopass.com www.googletagmanager.com
2	static.gambling-affiliation.com	www.lemaitreturf.com
2	www.gambling-affiliation.com	www.lemaitreturf.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
71	19

This site contains no links.

Subject Issuer	Validity	Valid
lemaitreturf.com R3	`2023-11-24` - `2024-02-22`	3 months	crt.sh
venez.fr R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
www.gambling-affiliation.com Gandi RSA Domain Validation Secure Server CA 3	`2023-10-24` - `2024-10-24`	a year	crt.sh
*.allopass.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-06` - `2024-10-07`	a year	crt.sh
static.gambling-affiliation.com Gandi RSA Domain Validation Secure Server CA 3	`2023-08-31` - `2024-08-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 13 frames:

Primary Page: http://www.avisdespros.c4.fr/
Frame ID: 03DEEC8E58170BBE3F6F02FE45D7875F
Requests: 1 HTTP requests in this frame

Frame: http://www.avisdespros.c4.fr/barre-avisdespros.c4.fr.html
Frame ID: 140F48D6EC69BEE85560FC9A56482217
Requests: 9 HTTP requests in this frame

Frame: https://www.lemaitreturf.com/lespros2/avisdespros/
Frame ID: 06DE01D0355887EB420DDEDC3AB404F8
Requests: 16 HTTP requests in this frame

Frame: http://www.avisdespros.c4.fr/stats-avisdespros.c4.fr.html
Frame ID: F78D28D2F1828AFB6310FC54E8272A27
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 2F6E48683F02A792430888B463C5E8F9
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: A1A3AEFE759551C1B1A81923D4761A04
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.avisdespros.c4.fr%2F&ea=0&wgl=1&dt=1701991821273&bpp=1&bdt=350&idt=247&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&correlator=854185467442&frm=23&ife=1&pv=2&ga_vid=1703228832.1701991822&ga_sid=1701991822&ga_hid=986290867&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=306685714&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C44795922%2C44807751%2C44807763%2C44808149%2C44808285%2C95320230&oid=2&pvsid=938984271938111&tmod=1794928186&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.k2bjzwjn787z&fsb=1&dtd=253
Frame ID: 6D315C0BE1A6053399D7498EDCCDB7F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNX2t44G4FniQwJiHla5CdmYYWXdoXqhJMpygHgHuaATC7NsRoCofd3YiY5YCcfkLRmEIv9cVdnxkE4OkGT9kSRVwT_6Kw1Exe5SxKAr3NosgkbHdzd0qEL6YCdczq6-5cW4xNRJ1G8lU65jH6MkQHtcXFhUAa1hVWz-d4R1NRVPMTXvVUs
Frame ID: DFB388A4D758658C39D86765D2F5E428
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 5A33642AA15405317F6C22163D7F73BB
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3268888029877978355/index.html?ev=01_250
Frame ID: 957C8B576343B291C56EA62DD902C457
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4F60F5C669066F600E5F9695CD44D2DB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A4FA4AAB069FB33D399043C6667FDA40
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A4A8777AED3B72EB58C759BAA6FD3718
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AVIS DES PROS

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

71
Requests

89 %
HTTPS

53 %
IPv6

15
Domains

19
Subdomains

18
IPs

3
Countries

2921 kB
Transfer

4120 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOmd0IudT6X60b9j0g4gQUA&google_cver=1

Request Chain 39

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXJVjn0jtkzlhf743JxzBAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOmd0IudT6X60b9j0g4gQUA&google_cver=1

Request Chain 40

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEP_pCGOpWdusvrWE5oTtOYE&google_cver=1

Request Chain 41

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ3MTMwMjQyMjIzODExMjA1

71 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.avisdespros.c4.fr/ 3 KB
1 KB 250ms
25ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.avisdespros.c4.fr/
Protocol: HTTP/1.1
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: ad3fdd86805dc2ae820f1b4bd50072626ca1dfaed87f5755e2b320ebfd2ea33d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1091
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 07 Dec 2023 23:30:20 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK barre-avisdespros.c4.fr.html Show response
www.avisdespros.c4.fr/ Frame 140F 3 KB
2 KB 114ms
114ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.avisdespros.c4.fr/barre-avisdespros.c4.fr.html
Requested by: Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/
Protocol: HTTP/1.1
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 2707353719838c1408f923fee74c16732d52ed0b1c73e8bdefc3ff773209ff0d

Request headers

Referer: http://www.avisdespros.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1500
Content-Type: text/html; charset=ISO-8859-1
Date: Thu, 07 Dec 2023 23:30:20 GMT
Expires: Thu, 07 Dec 2023 23:30:20 GMT
Keep-Alive: timeout=5, max=99
Last-Modified: Thu, 07 Dec 2023 23:30:20 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
www.lemaitreturf.com/lespros2/avisdespros/ Frame 06DE 1 MB
1 MB 186ms
98ms Document
text/html 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lemaitreturf.com/lespros2/avisdespros/

Requested by

Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

26f5f6b55fbe101684882779bbabc6e37d413ce3b81a27be02bde3faacf3c04c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://www.avisdespros.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Type: text/html
Date: Thu, 07 Dec 2023 23:30:20 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=15768000
Transfer-Encoding: chunked
Vary: Host

GET
H/1.1 200
OK stats-avisdespros.c4.fr.html Show response
www.avisdespros.c4.fr/ Frame F78D 0
192 B 126ms
102ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.avisdespros.c4.fr/stats-avisdespros.c4.fr.html
Requested by: Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/
Protocol: HTTP/1.1
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.avisdespros.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 07 Dec 2023 23:30:20 GMT
Keep-Alive: timeout=5, max=100
Server: Apache

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame 140F 2 KB
1 KB 157ms
25ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/barre-avisdespros.c4.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.avisdespros.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 23:30:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 23:30:21 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1023
Expires: Thu, 14 Dec 2023 23:30:21 GMT

GET
H/1.1 200
OK separateur90.gif
www.venez.fr/images/ Frame 140F 82 B
388 B 158ms
26ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/separateur90.gif
Requested by: Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/barre-avisdespros.c4.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.avisdespros.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 23:30:21 GMT
Last-Modified: Thu, 15 Nov 2018 22:11:22 GMT
Server: Apache
ETag: "52-57abb54b25680"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 82

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 140F 148 KB
54 KB 110ms
72ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/barre-avisdespros.c4.fr.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49960f984fc012019486b53cc7eac521a215cdbf0cc667264f7188a901034f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.avisdespros.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 23:30:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54769
X-XSS-Protection: 0
Server: cafe
ETag: 4963331885425185163
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Thu, 07 Dec 2023 23:30:21 GMT

GET
H/1.1 200
OK head.jpg
www.lemaitreturf.com/lespros2/avisdespros/ Frame 06DE 111 KB
111 KB 53ms
18ms Image
image/jpeg 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lemaitreturf.com/lespros2/avisdespros/head.jpg

Requested by

Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

3cc224a17920964c03b7914a29ad608a0f2ea998426e213843bf9fc8718fc0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/lespros2/avisdespros/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 23:30:21 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 17 Jan 2023 18:33:11 GMT
Server: Apache
ETag: "2a19e6f-1bc39-5f279ee9107c0"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 113721

GET
H2 200 v=IHErDrKoljVgj1EzLUneJuRQKzIO0R07L32vXIEv5TGL8rsN26OTKFg-4PxNQUkeK8aV2k00uORQvMWLix6avw__&s= Show response
www.gambling-affiliation.com/cpm/ Frame 06DE 329 B
417 B 212ms
157ms Script
application/javascript 91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gambling-affiliation.com/cpm/v=IHErDrKoljVgj1EzLUneJuRQKzIO0R07L32vXIEv5TGL8rsN26OTKFg-4PxNQUkeK8aV2k00uORQvMWLix6avw__&s=
Requested by: Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: Apache /
Resource Hash: 2038e75d6253a4fff12afdec036e27703f1575215661ed15bdb353d7cf93f059

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:30:20 GMT
server: Apache
content-length: 329
content-type: application/javascript

GET
H2 200 v=c-uMZ7rGrk.wx.hUDZmT8YbUNpJRfs6tUnYvdKbA8VI_ Show response
www.gambling-affiliation.com/cpm/ Frame 06DE 339 B
426 B 250ms
195ms Script
application/javascript 91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gambling-affiliation.com/cpm/v=c-uMZ7rGrk.wx.hUDZmT8YbUNpJRfs6tUnYvdKbA8VI_
Requested by: Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: Apache /
Resource Hash: de421ad2eb9e68d7798320a44138c37baea59c11ddff99bc492e10be0ccbfe4c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:30:21 GMT
server: Apache
content-length: 339
content-type: application/javascript

GET
H/1.1 200
OK img1.jpg
www.lemaitreturf.com/lespros2/avisdespros/ Frame 06DE 34 KB
35 KB 54ms
18ms Image
image/jpeg 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lemaitreturf.com/lespros2/avisdespros/img1.jpg

Requested by

Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

a01be423300cf1a6d29a8bc43a753bd1369f2fb6d8a1a7b27da437870014dc78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/lespros2/avisdespros/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 23:30:21 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 17 Jan 2023 18:33:13 GMT
Server: Apache
ETag: "2a19e73-8984-5f279eeaf8c40"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 35204

GET
H/1.1 200
OK checkout.apu Show response
payment.allopass.com/buy/ Frame 06DE 11 KB
4 KB 140ms
49ms Script
text/html 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/buy/checkout.apu?ids=357314&idd=1558788&lang=fr
Requested by: Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: d396441f8562d3ff1d34d9a7047108880c3c2300b299913be8ae2328d64808ad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Dec 2023 23:30:21 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 2964
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK arp2.jpg
www.lemaitreturf.com/lespros2/avisdespros/ Frame 06DE 318 KB
319 KB 53ms
18ms Image
image/jpeg 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lemaitreturf.com/lespros2/avisdespros/arp2.jpg

Requested by

Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

69a8a6cd34033c248f0fb8bb083673e6d6030ef4f3c5eda7978468d1b2c10873

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/lespros2/avisdespros/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 23:30:21 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 17 Jan 2023 18:33:02 GMT
Server: Apache
ETag: "2a19e23-4f94b-5f279ee07b380"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 325963

GET
H/1.1 200
OK alternate-barre.htm Show response
www.venez.fr/ Frame 2F6E 2 KB
1 KB 25ms
25ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/alternate-barre.htm
Requested by: Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/barre-avisdespros.c4.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: a627e83f25d1449e427c45fad41e4647885fc2b048ad2070353fd570ada02ab6

Request headers

Referer: http://www.avisdespros.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 847
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 07 Dec 2023 23:30:21 GMT
Keep-Alive: timeout=5, max=99
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame 140F 110 B
416 B 25ms
25ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/barre-avisdespros.c4.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.avisdespros.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 23:30:21 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 110

GET
H/1.1 200
OK 120x60.gif
www.venez.fr/images/ Frame 2F6E 4 KB
4 KB 25ms
25ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/120x60.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 23:30:21 GMT
Last-Modified: Wed, 02 Mar 2011 00:16:24 GMT
Server: Apache
ETag: "f4c-49d74d2b9c600"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3916

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame 2F6E 2 KB
1 KB 27ms
26ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 23:30:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 23:30:21 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 1023
Expires: Thu, 14 Dec 2023 23:30:21 GMT

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame 2F6E 110 B
416 B 47ms
24ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 23:30:21 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 110

GET
H2 200 62482.jpg
static.gambling-affiliation.com/uploads/ads/ Frame 06DE 115 KB
116 KB 90ms
34ms Image
image/jpeg 91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gambling-affiliation.com/uploads/ads/62482.jpg
Requested by: Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: nginx/1.15.5 /
Resource Hash: 24c6c6cef0212392bd8472c94a831aaad088a6a727061af17ce115506e2698cb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:30:21 GMT
last-modified: Tue, 07 Mar 2023 17:08:20 GMT
server: nginx/1.15.5
accept-ranges: bytes
etag: "64076f84-1cdc9"
content-length: 118217
content-type: image/jpeg

GET
H2 200 25995.gif
static.gambling-affiliation.com/uploads/ads/ Frame 06DE 207 KB
208 KB 52ms
35ms Image
image/gif 91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gambling-affiliation.com/uploads/ads/25995.gif
Requested by: Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: nginx/1.15.5 /
Resource Hash: 1816069af86c24f0cc7eb81c78311efc0aba9aded5642284cf673bb1c7130e7e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:30:21 GMT
last-modified: Wed, 19 May 2021 07:07:11 GMT
server: nginx/1.15.5
accept-ranges: bytes
etag: "60a4b91f-33dd1"
content-length: 212433
content-type: image/gif

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 06DE 165 KB
60 KB 91ms
32ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV

Requested by

Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357314&idd=1558788&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c99c8265f9e93d67774a2eae4e5d44d7b4b1b6c957dac6a29bc9ab14eb191b59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:30:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61213
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Dec 2023 23:30:21 GMT

GET
H/1.1 200
OK buy-button.css
payment.allopass.com/static/css/ Frame 06DE 2 KB
830 B 55ms
20ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/buy-button.css?1
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357314&idd=1558788&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 23:30:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "235e8-69a-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 546

GET
H/1.1 200
OK 162x56.png
payment.allopass.com/static/buy/button/fr/ Frame 06DE 6 KB
6 KB 56ms
21ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by: Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 23:30:21 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "215ee-1688-6036ca56d02c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 5768

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312040101/ Frame 140F 398 KB
135 KB 142ms
87ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.avisdespros.c4.fr

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72216dfa064a0a997f95bc4b24cefb808434e90e38b4dd78c77384294fde6ca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.avisdespros.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137692
x-xss-protection: 0
server: cafe
etag: 5498997240167340451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 23:30:21 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame A1A3 9 KB
4 KB 85ms
24ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.avisdespros.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 14531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 19:28:10 GMT
etag: 5585625838579639069
expires: Thu, 21 Dec 2023 19:28:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK date.png
www.lemaitreturf.com/lespros2/avisdespros/ Frame 06DE 35 KB
36 KB 19ms
18ms Image
image/png 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lemaitreturf.com/lespros2/avisdespros/date.png

Requested by

Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

2137deaa987e3f79fa0e0d8a3392c98fbe32c9f50132bf87dec513a46394ff8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/lespros2/avisdespros/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 23:30:21 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 17 Jan 2023 18:33:06 GMT
Server: Apache
ETag: "2a19e5f-8d17-5f279ee44bc80"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 36119

GET
H/1.1 200
OK bt_ok.gif
payment.allopass.com/imgweb/common/ Frame 06DE 753 B
991 B 54ms
19ms Image
image/gif 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/imgweb/common/bt_ok.gif
Requested by: Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 23:30:21 GMT
Last-Modified: Tue, 26 Nov 2019 14:39:46 GMT
Server: Apache
ETag: "23384-2f1-59840d9fb3080"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 753

GET
H/1.1 200
OK arpnum.png
www.lemaitreturf.com/lespros2/avisdespros/ Frame 06DE 65 KB
66 KB 20ms
20ms Image
image/png 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lemaitreturf.com/lespros2/avisdespros/arpnum.png

Requested by

Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

8bb70ac0971f19679c9be2cbaf6183506597a7e8eec04eb29f3182e838a33b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/lespros2/avisdespros/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 23:30:21 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 17 Jan 2023 18:33:03 GMT
Server: Apache
ETag: "2a19e24-104ae-5f279ee16f5c0"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 66734

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ Frame 06DE 289 KB
95 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee78374e907329e6279411cdb60e55662fcb5d52404d945d8672431f3229865c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:30:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96716
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 23:30:21 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D31 112 KB
45 KB 675ms
674ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.avisdespros.c4.fr%2F&ea=0&wgl=1&dt=1701991821273&bpp=1&bdt=350&idt=247&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&correlator=854185467442&frm=23&ife=1&pv=2&ga_vid=1703228832.1701991822&ga_sid=1701991822&ga_hid=986290867&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=306685714&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C44795922%2C44807751%2C44807763%2C44808149%2C44808285%2C95320230&oid=2&pvsid=938984271938111&tmod=1794928186&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.k2bjzwjn787z&fsb=1&dtd=253

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.avisdespros.c4.fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ebd2d71202a6ccca8b17b531abe8c1ca3bdfd3f9f8d8f5f0576debeddf119f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.avisdespros.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45771
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 23:30:22 GMT
expires: Thu, 07 Dec 2023 23:30:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DFB3 624 B
246 B 65ms
65ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNX2t44G4FniQwJiHla5CdmYYWXdoXqhJMpygHgHuaATC7NsRoCofd3YiY5YCcfkLRmEIv9cVdnxkE4OkGT9kSRVwT_6Kw1Exe5SxKAr3NosgkbHdzd0qEL6YCdczq6-5cW4xNRJ1G8lU65jH6MkQHtcXFhUAa1hVWz-d4R1NRVPMTXvVUs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.avisdespros.c4.fr%2F&ea=0&wgl=1&dt=1701991821273&bpp=1&bdt=350&idt=247&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&correlator=854185467442&frm=23&ife=1&pv=2&ga_vid=1703228832.1701991822&ga_sid=1701991822&ga_hid=986290867&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=306685714&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C44795922%2C44807751%2C44807763%2C44808149%2C44808285%2C95320230&oid=2&pvsid=938984271938111&tmod=1794928186&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.k2bjzwjn787z&fsb=1&dtd=253

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.avisdespros.c4.fr%2F&ea=0&wgl=1&dt=1701991821273&bpp=1&bdt=350&idt=247&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&correlator=854185467442&frm=23&ife=1&pv=2&ga_vid=1703228832.1701991822&ga_sid=1701991822&ga_hid=986290867&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=306685714&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C44795922%2C44807751%2C44807763%2C44808149%2C44808285%2C95320230&oid=2&pvsid=938984271938111&tmod=1794928186&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.k2bjzwjn787z&fsb=1&dtd=253
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 23:30:22 GMT
expires: Thu, 07 Dec 2023 23:30:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 5A33 111 KB
39 KB 80ms
24ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Dec 2023 19:51:26 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 5A33 7 KB
3 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:57:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 18:57:08 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 5A33 24 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 18:57:09 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5A33 41 KB
14 KB 97ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 537914
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 5A33 3 KB
1 KB 116ms
47ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 18:54:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 5A33 20 KB
9 KB 93ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 18:55:12 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A33 202 KB
64 KB 117ms
60ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 23:30:22 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A33 42 B
173 B 58ms
58ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ACGeOVRHWcBbcNhi4v4S71CaAav-5Enmymb8lNl_f8CfBveoHbJ0xavThgBdg-e1xDtdbsrXk1uCM6u_v73gFAUUje6HdanIYtR269-oXIlfXGV18

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 23:30:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame DFB3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOmd0IudT6X60b9j0g4gQUA&google_cver=1

43 B
333 B

45ms
45ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOmd0IudT6X60b9j0g4gQUA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNX2t44G4FniQwJiHla5CdmYYWXdoXqhJMpygHgHuaATC7NsRoCofd3YiY5YCcfkLRmEIv9cVdnxkE4OkGT9kSRVwT_6Kw1Exe5SxKAr3NosgkbHdzd0qEL6YCdczq6-5cW4xNRJ1G8lU65jH6MkQHtcXFhUAa1hVWz-d4R1NRVPMTXvVUs
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 23:30:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csfv9gbNmbQWH7kgrmpixplYd9GMCsV6oVCEFldNJtEHpxIm3pQ9YF7pvYTwK9lMKqVhWhsko0A2p5wwOD0p7gMbTxu70Aqr328ElvaXaiRl8bgDl4s8y9il5tjQ%2BM8mcBcYQqHL2Kzc%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83208e5a5b302a62-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 23:30:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOmd0IudT6X60b9j0g4gQUA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DFB3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXJVjn0jtkzlhf743JxzBAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOmd0IudT6X60b9j0g4gQUA&google_cver=1

43 B
767 B

42ms
41ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOmd0IudT6X60b9j0g4gQUA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNX2t44G4FniQwJiHla5CdmYYWXdoXqhJMpygHgHuaATC7NsRoCofd3YiY5YCcfkLRmEIv9cVdnxkE4OkGT9kSRVwT_6Kw1Exe5SxKAr3NosgkbHdzd0qEL6YCdczq6-5cW4xNRJ1G8lU65jH6MkQHtcXFhUAa1hVWz-d4R1NRVPMTXvVUs
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 23:30:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuEMS5%2Fxqco7VHMgjoTzKHa2GtkzBOex42EnZ7znd9WXg%2BnoJw8AD7nAYiCQkAjTbirDkvfy2NsQRGzLvrNVCn3RuKArHJjoW6MjzvKnMO4Jyd2aFUbp6kY4prQGtHMihD3a8CDo9lLvRA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83208e5ad9369987-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 23:30:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOmd0IudT6X60b9j0g4gQUA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame DFB3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEP_pCGOpWdusvrWE5oTtOYE&google_cver=1

43 B
838 B

22ms
22ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEP_pCGOpWdusvrWE5oTtOYE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNX2t44G4FniQwJiHla5CdmYYWXdoXqhJMpygHgHuaATC7NsRoCofd3YiY5YCcfkLRmEIv9cVdnxkE4OkGT9kSRVwT_6Kw1Exe5SxKAr3NosgkbHdzd0qEL6YCdczq6-5cW4xNRJ1G8lU65jH6MkQHtcXFhUAa1hVWz-d4R1NRVPMTXvVUs

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 23:30:22 GMT
an-x-request-uuid: 554457aa-01d7-4f19-a86c-267ae5fbe365
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.59.164.96; 37.59.164.96; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 23:30:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEP_pCGOpWdusvrWE5oTtOYE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DFB3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ3MTMwMjQyMjIzODExMjA1

170 B
243 B

35ms
34ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ3MTMwMjQyMjIzODExMjA1

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 23:30:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 23:30:22 GMT
an-x-request-uuid: 667146bd-ae74-48dc-a458-940a6d333d0c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ3MTMwMjQyMjIzODExMjA1
x-proxy-origin: 37.59.164.96; 37.59.164.96; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3268888029877978355/ Frame 957C 28 KB
5 KB 74ms
25ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3268888029877978355/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd0d333fa18e19bbd37f031a47cdb450b2f74918edf4420482b5012f5ef65b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 236565
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5268
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 05:47:37 GMT
expires: Wed, 04 Dec 2024 05:47:37 GMT
last-modified: Wed, 15 Nov 2023 15:04:03 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 5A33 0
0 139ms
68ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst4MXlQTOvGEELPdWiZpUiPQec0nW_HiAy1uFj2RIgEbMjRqhv8z_oI2o7fCmyz2kOAFRNaYExkLXasQx9PUZGLIFDiIDanaOwfh0zqVj372PtAopcuSV9V1veVDd5jCB3uGV6AQJtHxK5zI-7IebAFZv9HJTXQ5l4x7I3bmTCU7OSqUU84AHqo_4F8nRMBxtO1FnRA837MZNZZ_eBVRKqdOQXMc8cEM27v6L8xBrJCyTP9umXOVJJL1bLGXCpBnhM0T4_3iSH-3lXkQjfsIT6SL5OsgwAl_JyTNZJUwLzABJCeS9XrkMN4dj8K4CeZ2pVdLBSMH66GhJJAEKsIV-GOQFEzFQhcdE8L4Sn-vuOVuF2lbAXxW2rkMWAu9uvE3we2wtJkCgJ4uhSvb_Wk6ioDssV0Ai9PVV1SvJ_yDNVyOnIWaEtw3cVDFszdQLbyznTDMVr3NKdADHaeS1rPYHv0cw6KTNKEQk8vGPb8hvWgkbnrssQzrtgzgLfuThWOfn_k4zf3pm9gYZs3bi-rkWm5XYniIUnDjNDcLCslR5iZW1m6QHQBi0ZLKSgzcGydrzvr018a24dmo8MaD8d4m4e9Cil0jB8IVwf1VelhM3iQXR38EQrssOTi7jcaME5kuxAIG1N8JjkXgwy2jAtuvTwCgB3pcxcC26yP_855xoABB468DOZvfc3AF5dWJipz9oBCN-PYvXyxxvW-zVn1ZTdyWWwElx4QJIbrj0MacTjzSeMGn-ZF8yGkFu-VkK2w_tmIQIim_82_Au8WR2a-tgyGSKLGILCr56vD1np0mJQgNlOASERIqMdrSEsA63aFpLy7zqAnf2HL7GPeDJ3tvbIdxNfQ0Kj4n1G9jDowJcD6O6ISuj756TNRPKo-2UOQwe-ga0FL-B8oRuJGSkhhdWpavWzi7VkAEegIH8tIJrUURRiIXeC99XN41MVSzLakaIGJHNOwzsG0tMsUusJa-liJS3Op88x6elTqsNCxE_jkHgjXTx9DMxPbfrLdPYHBFjeirBYfOWAg74Gdw4t3oX4t0o2EwDpW3JeKYRj1W8p1N4KqgsAVxlcXSe3uy2LLYg7xTzwsajq18eBgHWME7KBOU_ATOpS2QFfpjL02XPC5KqKTDkgVQWtRIiyIx2mKXIVI4cpVZ0DW-NtQdftA3liNI2a3RMkzUG4wyf8aUtiSU06zPOJ4Dk8t9nGAS63GVkTkfNDsofhtQDAvst6o4-07FcyjDzmsOyK-B_1YWT79o0CTceCP_osKvZ2AIb6LlXTvmeEkWdUMNu1OOL4dFbzifWCWLPRZQQ36k5gDXtqRQk0ouSyNrtZsOcSnTlm-CR84aqKVyBoZKs7bwJyUgn2WGcARjWOMvYU-gamS5NlLnA&sai=AMfl-YRd1MoSx6fTMgg4LDADMkvt4UJdfYdYI-XQj4qITfc3xsYxjQU5Xd27TQjstSfC3iYw7zvjj-XZMSbdpV9YZoTlMV9ZG_EO-M9kv3SZPK73OpWAgyxCkGPyOOJPi9-h-UHe_RpkFkS9PtqhhqEE1TQez7P2MZwFUcoW7SyqjqfcRIINK2JdGGiBluXEmK0YgzJee2d2soas3SiJx4DbHcmqigZh6n9si2M4HmypFHq_RenksRZKT7G7uyknpmiv0E3jOZKunIkjqaTPGUoJtsMZBY3sFvG-ljPM_9PuXqc2zrujGu2ytKuG_VbCMHZeenKGYRW92f7N_afqk23kCB4GirTmm784G1N7Ywt8xumD4uEbVquo4vutbF28mZqWI9nuibI0t-7speVdo-lQWfS4LdvQrdaTHMpKWyU2id1vCHEWKBHikiMQn5DQY8DZN7rR23ZzVtABjbFEm7NmEmqFoJhgGad6VRw-w7vAL9hmK81PXpCBAv1vCYfv0V-Zo7L4Yb-8dBM&sig=Cg0ArKJSzBu4ZwjGcydWEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jb20saHR0cHM6Ly9iaXRkZWZlbmRlci5mcg&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=115&cbvp=1&cstd=114&cisv=r20231206.43952&arae=0&ftch=1&adurl=

Requested by

Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Dec 2023 23:30:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5A33 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee5f229d4ee4a87d0ada746094c48fb43d42f5eab5cf744cb6af1cb94017438f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4F60 38 KB
13 KB 25ms
24ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 224337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 09:11:25 GMT
expires: Wed, 04 Dec 2024 09:11:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 5a29c1c336288e5257bd73435885887b.js Show response
s0.2mdn.net/sadbundle/3268888029877978355/ Frame 957C 130 KB
38 KB 25ms
24ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3268888029877978355/5a29c1c336288e5257bd73435885887b.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3268888029877978355/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38440b053a0325f0744177d98a6f77018a3c7e2ccf062f79f76abe4d55bac679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3268888029877978355/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38377
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 15:04:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 08:46:09 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F60 39 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:57:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 09:57:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 957C 6 KB
1 KB 92ms
33ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans:600|Roboto:500|Roboto:700

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3268888029877978355/5a29c1c336288e5257bd73435885887b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc5445db040f70bf604270838acfd95ccdf29a7b67770ce7f0bdf30fc0678038

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 23:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 23:20:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 23:30:22 GMT

GET
H3 200 732e6b6c27a20285e7b8e3ff8714511a.png
s0.2mdn.net/sadbundle/3268888029877978355/media/ Frame 957C 5 KB
5 KB 25ms
24ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3268888029877978355/media/732e6b6c27a20285e7b8e3ff8714511a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3268888029877978355/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa1be81fda06de2efd9639b18bd2580f814320b13ccbef13a8d1c30f5ee3d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3268888029877978355/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:49:42 GMT
x-content-type-options: nosniff
age: 261640
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4840
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 15:04:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 22:49:42 GMT

GET
H3 200 14a5357efe026c52e8c22f698ff46157.png
s0.2mdn.net/sadbundle/3268888029877978355/media/ Frame 957C 794 B
821 B 26ms
25ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3268888029877978355/media/14a5357efe026c52e8c22f698ff46157.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3268888029877978355/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bce27ce4b302cea70cf511c73d44c7dd0e38aa5b4744101662253be55946b31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3268888029877978355/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:15:20 GMT
x-content-type-options: nosniff
age: 242102
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 794
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 15:04:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 04:15:20 GMT

GET
H3 200 c16184f967ef0aa68e4960402d920774.png
s0.2mdn.net/sadbundle/3268888029877978355/media/ Frame 957C 9 KB
10 KB 27ms
25ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3268888029877978355/media/c16184f967ef0aa68e4960402d920774.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3268888029877978355/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98fd2b5a818cc924222ce20be58a36e91f730654b487c484f3c524894411e4a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3268888029877978355/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:09:34 GMT
x-content-type-options: nosniff
age: 512448
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9705
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 15:04:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 01:09:34 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F60 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bo6RQjVVyZdTrKrfYz7sPnImIyA4AAAAAOAHgBAI&bg=!wcKlwo3NAAY3kmNgF5I7ADQBe5WfOPTkDIWvsXdzYl4iR04c3lLFw97ohMCfkDurAJ5kJI71ZmcdEcAjeMrl5XrmaVX6AgAAAC1SAAAAAmgBB5kDdWK0uTDPEALUx_LM_1GHZDp5nyXSB7ypHZefqtQHIxEXL7UFNL7mIBANLjWUEtmojovZXB-9kWp4dZfOFYWMlSx5Yy_Wd-vWGZoyfQCscBivc7L3IM8VhhTgahRg2hUftdADC0UdwsmDV_dt_Ack5-Kphuv96Nr2apsUjifJWvwH9V5C5UbYayOUXUe_rwhHFrPgeyyEyOAfVKs5xkEZMJGuPZ3SYp1it4xkwMhNMIzvhfdEU0B2RixSj7v3vQAzquOohN_nlyjPp00AfmCDoNdEzw6guBIqjaU6MXhaVmgL2zOG1oSOm-HekLxSWUT_ptWaKFLA08EWYvYTynOyRooJdeYmVD9imY4K-c8XX_qo1FZfMGtgb5DaO-46Vc0du2HEO8lfJdzKIRr-I5xyZIcgHOKHc39ElzMQrz5mKB--exDPaZyGa8_mEn0nA4GcmW178truveZnI8J9QgbIreCvkFFeIjK_4EkGaB3w31gq1sIFoHUBTSiBfdDFrh8xh0FAI9TBAvp8qSRiDuUmy93-1509WDGr0eV_mBdXZSlSpBFlfObWX2QLHrBYZM1X3Ot4lPnP2etJr6P9kpagQLYEkMTQcCHVdXoFMZngiaqnp4b-bHVIIkyyl6wwHAoFoEfLvda3Yit2UmPNs7FKjZrWlVLOAVGZNZKPHt9MVkHGw3hlrbX1hT9AeDdkJZ60fmZD4nDZOW8X4siNRH2iVaeNs1VyTt5NkAO7rk423aHIwYUJcLmcykBJ_geNV9wvEHt7SddWXh6yceuO7qOGqdygoT7pRITPHgEFeiR5PLIN2EsB0a7ptKuOJSlexysqqoSCMLXu7eOLdarLZToIb8ucdcGh_HVDFiW1yuKOoG_iD8idD1wUCz_rFPLMP_G54TMrv8kMMPQQPDUGJvRI95Kfms-jTj7xrqY0JJeubrExxdubI-11bHqHFRJnJOfP4Z5Yka14VacflEYIKiMn_ZRLgTrhqVP5zB2RjSVMTfBhvzI4zp8Pahzsk7HxgOlVeP3xXQhLi4hD5CuJLyCAgoewk9x_K1wc-ebY7qZiVmpgBu3hHQAxKy_lLxD8Z2Z2tG7bQn0bLHiaourZYCzIbXN4TJFG0XwpKI8T25Aa8T_XYPOJHBOKnYFJvTV571AevyBTYzqlh7u2ID6nUbH9h183MwYNOA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 23:30:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ Frame 957C 20 KB
20 KB 107ms
50ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:600|Roboto:500|Roboto:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31535a91ce3f6b8ed3ddedadab1e49957e2220263a640df1a3f14f6fdfe15eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:44:11 GMT
x-content-type-options: nosniff
age: 225971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20356
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:19:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 08:44:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 957C 16 KB
16 KB 80ms
24ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:600|Roboto:500|Roboto:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 23:58:11 GMT
x-content-type-options: nosniff
age: 516731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 23:58:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 957C 15 KB
16 KB 86ms
31ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:600|Roboto:500|Roboto:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:51 GMT
x-content-type-options: nosniff
age: 100651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:32:51 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 5A33 0
0 64ms
63ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst4MXlQTOvGEELPdWiZpUiPQec0nW_HiAy1uFj2RIgEbMjRqhv8z_oI2o7fCmyz2kOAFRNaYExkLXasQx9PUZGLIFDiIDanaOwfh0zqVj372PtAopcuSV9V1veVDd5jCB3uGV6AQJtHxK5zI-7IebAFZv9HJTXQ5l4x7I3bmTCU7OSqUU84AHqo_4F8nRMBxtO1FnRA837MZNZZ_eBVRKqdOQXMc8cEM27v6L8xBrJCyTP9umXOVJJL1bLGXCpBnhM0T4_3iSH-3lXkQjfsIT6SL5OsgwAl_JyTNZJUwLzABJCeS9XrkMN4dj8K4CeZ2pVdLBSMH66GhJJAEKsIV-GOQFEzFQhcdE8L4Sn-vuOVuF2lbAXxW2rkMWAu9uvE3we2wtJkCgJ4uhSvb_Wk6ioDssV0Ai9PVV1SvJ_yDNVyOnIWaEtw3cVDFszdQLbyznTDMVr3NKdADHaeS1rPYHv0cw6KTNKEQk8vGPb8hvWgkbnrssQzrtgzgLfuThWOfn_k4zf3pm9gYZs3bi-rkWm5XYniIUnDjNDcLCslR5iZW1m6QHQBi0ZLKSgzcGydrzvr018a24dmo8MaD8d4m4e9Cil0jB8IVwf1VelhM3iQXR38EQrssOTi7jcaME5kuxAIG1N8JjkXgwy2jAtuvTwCgB3pcxcC26yP_855xoABB468DOZvfc3AF5dWJipz9oBCN-PYvXyxxvW-zVn1ZTdyWWwElx4QJIbrj0MacTjzSeMGn-ZF8yGkFu-VkK2w_tmIQIim_82_Au8WR2a-tgyGSKLGILCr56vD1np0mJQgNlOASERIqMdrSEsA63aFpLy7zqAnf2HL7GPeDJ3tvbIdxNfQ0Kj4n1G9jDowJcD6O6ISuj756TNRPKo-2UOQwe-ga0FL-B8oRuJGSkhhdWpavWzi7VkAEegIH8tIJrUURRiIXeC99XN41MVSzLakaIGJHNOwzsG0tMsUusJa-liJS3Op88x6elTqsNCxE_jkHgjXTx9DMxPbfrLdPYHBFjeirBYfOWAg74Gdw4t3oX4t0o2EwDpW3JeKYRj1W8p1N4KqgsAVxlcXSe3uy2LLYg7xTzwsajq18eBgHWME7KBOU_ATOpS2QFfpjL02XPC5KqKTDkgVQWtRIiyIx2mKXIVI4cpVZ0DW-NtQdftA3liNI2a3RMkzUG4wyf8aUtiSU06zPOJ4Dk8t9nGAS63GVkTkfNDsofhtQDAvst6o4-07FcyjDzmsOyK-B_1YWT79o0CTceCP_osKvZ2AIb6LlXTvmeEkWdUMNu1OOL4dFbzifWCWLPRZQQ36k5gDXtqRQk0ouSyNrtZsOcSnTlm-CR84aqKVyBoZKs7bwJyUgn2WGcARjWOMvYU-gamS5NlLnA&sai=AMfl-YRd1MoSx6fTMgg4LDADMkvt4UJdfYdYI-XQj4qITfc3xsYxjQU5Xd27TQjstSfC3iYw7zvjj-XZMSbdpV9YZoTlMV9ZG_EO-M9kv3SZPK73OpWAgyxCkGPyOOJPi9-h-UHe_RpkFkS9PtqhhqEE1TQez7P2MZwFUcoW7SyqjqfcRIINK2JdGGiBluXEmK0YgzJee2d2soas3SiJx4DbHcmqigZh6n9si2M4HmypFHq_RenksRZKT7G7uyknpmiv0E3jOZKunIkjqaTPGUoJtsMZBY3sFvG-ljPM_9PuXqc2zrujGu2ytKuG_VbCMHZeenKGYRW92f7N_afqk23kCB4GirTmm784G1N7Ywt8xumD4uEbVquo4vutbF28mZqWI9nuibI0t-7speVdo-lQWfS4LdvQrdaTHMpKWyU2id1vCHEWKBHikiMQn5DQY8DZN7rR23ZzVtABjbFEm7NmEmqFoJhgGad6VRw-w7vAL9hmK81PXpCBAv1vCYfv0V-Zo7L4Yb-8dBM&sig=Cg0ArKJSzBu4ZwjGcydWEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jb20saHR0cHM6Ly9iaXRkZWZlbmRlci5mcg&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=459&vt=11&dtpt=344&dett=3&cstd=114&cisv=r20231206.43952&arae=0&ftch=1&adurl=

Requested by

Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:30:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 140F 16 KB
12 KB 122ms
73ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

575c10a567aadde1c9f73670aeab035cfcc8ce1b8f702fb40c94516749785416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.avisdespros.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:30:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12109
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 957C 2 KB
657 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans:700

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3268888029877978355/5a29c1c336288e5257bd73435885887b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

49e1305a9ecb2f5c422140d4f4209bb7cabf62eb6767790af1c583b354def463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 23:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 23:30:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 23:30:22 GMT

GET
H3 200 732e6b6c27a20285e7b8e3ff8714511a.png
s0.2mdn.net/sadbundle/3268888029877978355/media/ Frame 957C 5 KB
5 KB 24ms
24ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3268888029877978355/media/732e6b6c27a20285e7b8e3ff8714511a.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa1be81fda06de2efd9639b18bd2580f814320b13ccbef13a8d1c30f5ee3d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3268888029877978355/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:49:42 GMT
x-content-type-options: nosniff
age: 261640
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4840
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 15:04:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 22:49:42 GMT

GET
H3 200 14a5357efe026c52e8c22f698ff46157.png
s0.2mdn.net/sadbundle/3268888029877978355/media/ Frame 957C 794 B
821 B 25ms
25ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3268888029877978355/media/14a5357efe026c52e8c22f698ff46157.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bce27ce4b302cea70cf511c73d44c7dd0e38aa5b4744101662253be55946b31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3268888029877978355/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:15:20 GMT
x-content-type-options: nosniff
age: 242102
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 794
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 15:04:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 04:15:20 GMT

GET
H3 200 c16184f967ef0aa68e4960402d920774.png
s0.2mdn.net/sadbundle/3268888029877978355/media/ Frame 957C 9 KB
10 KB 26ms
25ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3268888029877978355/media/c16184f967ef0aa68e4960402d920774.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98fd2b5a818cc924222ce20be58a36e91f730654b487c484f3c524894411e4a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3268888029877978355/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:09:34 GMT
x-content-type-options: nosniff
age: 512448
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9705
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 15:04:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 01:09:34 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ Frame 957C 19 KB
19 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff71a83690454ee6ea9014780a6797408918cb90cde1f0f3be65ea28a03c678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:43:58 GMT
x-content-type-options: nosniff
age: 99984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19440
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:08:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:43:58 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 140F 17 KB
6 KB 96ms
96ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.avisdespros.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 23:30:22 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A4FA 13 KB
5 KB 25ms
24ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.avisdespros.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 1356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 23:07:46 GMT
expires: Fri, 06 Dec 2024 23:07:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A4A8 829 B
1 KB 93ms
35ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e593903c00334ddde70be79bf736f41e828d3f090983d70334db96ad9cf2bf96

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cvgpI_px8A_MXSmov7BFjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.avisdespros.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cvgpI_px8A_MXSmov7BFjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 23:30:23 GMT
expires: Thu, 07 Dec 2023 23:30:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame A4FA 39 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:57:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 09:57:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A4A8 0
0 58ms
58ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=938984271938111&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A4FA 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Gsg8yw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:30:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 140F 0
0 61ms
61ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=938984271938111&bg=!g4ClgM_NAAY3kmNgF5I7ADQBe5WfOCd9teE4CcDDQRi4QOtz1SRTkOPVRO5nOSxVM2EU9mPPTUrM-VLervo2UWA5-s5zAgAAADFSAAAAAmgBB5kDLEhx3wuBKatbu9RbtLyFS5CpVmy5wVxiPn85vHtctFgwPhywqA96tdaFTQMUg2QpALJIWkmORnZuCUsjYBM5UCxDgo4AejUJqwPf-8rZp61tZ4Rlkn4-7llCDieu8MtyzfHtkFaaLC1t8eGxegGS6o0FS-yDABUHpS1yQIDiyV7r4qMVXbyYM99CU6u-Oa4fMu7sVfDOsYZURuJGLh9LNnzuddbrADvY0RUdRVCm-9IQv25NNp7nOkn6XRVbUo6586NO9GOBZ5v5QrnzIBJqGKDtHlras2sebBL-nyeeT7aRWk7YWCK7PsdTmbrJ81VReyoP8Z6scmQDQVt3CrKMWyVp29IraZjajIBer8K7dtM7OgP08ZAJU4Nb8BlrwplPoBH5TDogqz-MUkv--yHAiCAcFxn5YRhfOYwZaVH8H9sGxevEe9O6T2u1iMMp61PB8tvzwg3QN8LkB-YoNCUg3VtvAtv99roKEcWAgfUHGeySR_1aH7wdREeuc5s65Kz6bdv8zssPyn46KFAeIKCkx7DD-PXpqhziu_LKtikGe4nnZdJnpnMc5nj6LwucsYjag_gYNjovJTYdmcOI7xZxxcN4APQUalLZ0J6Ddw5Fdxtw1hm3bTEPAoD3R8o2XNOPbZa3poAKelfRahNfgorpjkuDmJHo2bW-7qK0w2R4sA9YvwIBIXX2B42RdX1H3sHPPn8ULL51LB0pfDp1gh4ALBIih7KUsv7pVt7FOQiBZKGKsxruVgQF-JiLWJUu7d1-j9WU-P086N5mJ5Gg-JEJcCneL7KfoWNd3pHwXcKWAtd0h0YiB4Xbd0aAaQ9E4Bey_BgzOv1y-_-QOI_HDQr9O7Eb4wuOgNIfYFubG12m1BQJ3rliu495AEWat2TPOtEVt2cyKHg9sAJKYD2lar4rcQXKin-E1J6CnEVX_Gd6-a1rTxg_ZTrMviKH6OqTYqTe9FIR6H1m20VAHc0davfZMG1A3pOyvWIsqRewL3T1k1zhJgJyhMjjjjKW6Q80NHUMBZUDFUPuyuVd4CyZ4_WHUPxqmMiJ0D0p2VIPhiEWXts63rGQ9PMfzp7GvStm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.avisdespros.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5A33 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBCoedM8whcVii8XjOHkLvqDwgNfC5FlrFXeaSu6LgeAIROXFzpiKuoR-AMXIsmqYEaWXyJZsuGSyDRDs4Uo-HCgugEIuYLYG-VnSV0TaUkHoTxHsoZ4lg41wmIOTv_I1yO8YgVSnbW1Yb&sai=AMfl-YTF3ui6PmDQ_V1ML3DrnYU63UMVyt5UQEust1rB2fGzWIEsjIceTILaSrKSplCcz_eVxljisN4vEbG-nwZ68gos3kALdTFtjrsWX6WIbTrS6Ct_VI1LtfYJz2wrCAxXzyphVf59pKFehN-EtdgXgYofQwyJZX2IlfrB&sig=Cg0ArKJSzODQ7ust3QxEEAE&cid=CAQSTwDICaaNMhIoQmAkh23FCGct1itiyQBneRjVkIE0RQI-OlJYjmEI-etSndb-tvZ3R_g7hFGxCi-v-hDBHutvzUFCCJQmMUXahVlJ2wqR5EMYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2647235303&rs=2&la=0&cr=0&vs=4&r=v&rst=1701991822210&rpt=363&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 23:30:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: 73883ee1-fc09-4fc6-8e2e-136b6c3bd6d8
.allopass.com/	1970-01-21 01:32:07	Name: AP_CUSK Value: 3636434772
.doubleclick.net/	1970-01-21 02:08:07	Name: IDE Value: AHWqTUntB87IuhbFLVGWPpTIsXEIkIkLE57E_B87CcITg4N9nUrdauAOMv_80DG2
.c4.fr/	1970-01-21 02:08:07	Name: __gads Value: ID=a68f22846a531330:T=1701991821:RT=1701991821:S=ALNI_MZF8_KxEPuds6DktfsJqqKpVXwbmw
.c4.fr/	1970-01-21 02:08:07	Name: __gpi Value: UID=00000d0f747940fe:T=1701991821:RT=1701991821:S=ALNI_MbfDPSWas-hDfNu1zb8yoqh04je2Q
.adnxs.com/	1970-01-20 18:56:07	Name: uuid2 Value: 347130242223811205
.casalemedia.com/	1970-01-21 01:32:07	Name: CMID Value: ZXJVjn0jtkzlhf743JxzBAAA
.casalemedia.com/	1970-01-20 18:56:07	Name: CMPS Value: 3276
.casalemedia.com/	1970-01-20 18:56:07	Name: CMPRO Value: 3276
.adnxs.com/	1970-01-20 18:56:07	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%yl<.%x!]tbPl1M>e)ZlrFUfJ+tGXvWBM#E[=MrN@SFqV=UaBxAr<?Zmq]%KW0TL6DcbpRzqF1`b_o)56fO

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
payment.allopass.com
s0.2mdn.net
static.gambling-affiliation.com
tpc.googlesyndication.com
www.avisdespros.c4.fr
www.gambling-affiliation.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lemaitreturf.com
www.venez.fr
172.217.16.134
172.217.18.98
172.64.151.101
185.119.26.1
194.150.236.236
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
37.252.171.149
5.135.149.81
91.198.105.122
0aa1be81fda06de2efd9639b18bd2580f814320b13ccbef13a8d1c30f5ee3d4e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1816069af86c24f0cc7eb81c78311efc0aba9aded5642284cf673bb1c7130e7e
1ebd2d71202a6ccca8b17b531abe8c1ca3bdfd3f9f8d8f5f0576debeddf119f3
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2038e75d6253a4fff12afdec036e27703f1575215661ed15bdb353d7cf93f059
2137deaa987e3f79fa0e0d8a3392c98fbe32c9f50132bf87dec513a46394ff8c
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
24c6c6cef0212392bd8472c94a831aaad088a6a727061af17ce115506e2698cb
26f5f6b55fbe101684882779bbabc6e37d413ce3b81a27be02bde3faacf3c04c
2707353719838c1408f923fee74c16732d52ed0b1c73e8bdefc3ff773209ff0d
31535a91ce3f6b8ed3ddedadab1e49957e2220263a640df1a3f14f6fdfe15eb6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a
38440b053a0325f0744177d98a6f77018a3c7e2ccf062f79f76abe4d55bac679
3cc224a17920964c03b7914a29ad608a0f2ea998426e213843bf9fc8718fc0d4
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
49960f984fc012019486b53cc7eac521a215cdbf0cc667264f7188a901034f16
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f
49e1305a9ecb2f5c422140d4f4209bb7cabf62eb6767790af1c583b354def463
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575c10a567aadde1c9f73670aeab035cfcc8ce1b8f702fb40c94516749785416
5bce27ce4b302cea70cf511c73d44c7dd0e38aa5b4744101662253be55946b31
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69a8a6cd34033c248f0fb8bb083673e6d6030ef4f3c5eda7978468d1b2c10873
72216dfa064a0a997f95bc4b24cefb808434e90e38b4dd78c77384294fde6ca9
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
8bb70ac0971f19679c9be2cbaf6183506597a7e8eec04eb29f3182e838a33b40
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
98fd2b5a818cc924222ce20be58a36e91f730654b487c484f3c524894411e4a2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01be423300cf1a6d29a8bc43a753bd1369f2fb6d8a1a7b27da437870014dc78
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a627e83f25d1449e427c45fad41e4647885fc2b048ad2070353fd570ada02ab6
ad3fdd86805dc2ae820f1b4bd50072626ca1dfaed87f5755e2b320ebfd2ea33d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc5445db040f70bf604270838acfd95ccdf29a7b67770ce7f0bdf30fc0678038
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c99c8265f9e93d67774a2eae4e5d44d7b4b1b6c957dac6a29bc9ab14eb191b59
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a
d396441f8562d3ff1d34d9a7047108880c3c2300b299913be8ae2328d64808ad
de421ad2eb9e68d7798320a44138c37baea59c11ddff99bc492e10be0ccbfe4c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e593903c00334ddde70be79bf736f41e828d3f090983d70334db96ad9cf2bf96
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee5f229d4ee4a87d0ada746094c48fb43d42f5eab5cf744cb6af1cb94017438f
ee78374e907329e6279411cdb60e55662fcb5d52404d945d8672431f3229865c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
fd0d333fa18e19bbd37f031a47cdb450b2f74918edf4420482b5012f5ef65b96
fff71a83690454ee6ea9014780a6797408918cb90cde1f0f3be65ea28a03c678

www.avisdespros.c4.fr Open in urlscan Pro 5.135.149.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

89 %HTTPS

53 %IPv6

15 Domains

19 Subdomains

18 IPs

3 Countries

2921 kBTransfer

4120 kBSize

10 Cookies

0 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.avisdespros.c4.fr Open in urlscan Pro
5.135.149.81 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

89 %
HTTPS

53 %
IPv6

15
Domains

19
Subdomains

18
IPs

3
Countries

2921 kB
Transfer

4120 kB
Size

10
Cookies

71 HTTP transactions
1 data transactions