URL: http://www.okcourse.1s.fr/
Submission: On September 05 via manual from MA

Summary

This website contacted 17 IPs in 3 countries across 18 domains to perform 45 HTTP transactions. The main IP is 5.135.149.81, which is located in France and belongs to OVH, FR. The main domain is www.okcourse.1s.fr.
This is the only time www.okcourse.1s.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Redirects | Requested by
8 | img.root-top.com | 6 redirects | www.pronoscourse.com
8 | www.pronoscourse.com | - | www.okcourse.1s.fr, www.pronoscourse.com
7 | www.venez.fr | - | www.okcourse.1s.fr, www.venez.fr
5 | pagead2.googlesyndication.com | - | www.okcourse.1s.fr, pagead2.googlesyndication.com, tpc.googlesyndication.com
3 | www.allopass.com | - | www.pronoscourse.com
3 | www.okcourse.1s.fr | - | www.okcourse.1s.fr
2 | tpc.googlesyndication.com | - | pagead2.googlesyndication.com, tpc.googlesyndication.com
2 | googleads.g.doubleclick.net | - | pagead2.googlesyndication.com
2 | nsm05.casimages.com | 1 redirects | www.pronoscourse.com
1 | www.google.com | - | tpc.googlesyndication.com
1 | www.googletagservices.com | - | pagead2.googlesyndication.com
1 | adservice.google.com | - | pagead2.googlesyndication.com
1 | adservice.google.de | - | pagead2.googlesyndication.com
1 | partner.googleadservices.com | - | pagead2.googlesyndication.com
1 | payment.allopass.com | - | www.pronoscourse.com
1 | www.snprono.powa.fr | - | www.pronoscourse.com
1 | www.biltoturf.com | - | www.pronoscourse.com
1 | www.zetop.info | - | www.pronoscourse.com
1 | zetop.info | 1 redirects | -
1 | www.turfsur.com | - | www.pronoscourse.com
1 | www.levainqueur.com | - | www.pronoscourse.com
1 | turftriomphe.com | - | www.pronoscourse.com
Total: 45 requests, 22 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
venez.fr | R3 | 2021-07-05 - 2021-10-03 | 3 months
*.casimages.com | Sectigo RSA Domain Validation Secure Server CA | 2021-04-04 - 2022-05-05 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-03 - 2022-07-02 | a year
*.allopass.com | R3 | 2021-07-04 - 2021-10-02 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
*.google.de | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
*.google.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
www.google.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months

This page contains 9 frames:

Primary Page: http://www.okcourse.1s.fr/
Frame ID: 1B3024ADDD2F6CC4B0CDD945DAF397C1
Requests: 1 HTTP requests in this frame

Frame: http://www.okcourse.1s.fr/barre-okcourse.1s.fr.html
Frame ID: ADFB75997667428BE5CC1AE16D53DD77
Requests: 13 HTTP requests in this frame

Frame: http://www.pronoscourse.com/turf/okcourse/
Frame ID: 07353D3DD165414FB070702E85650D07
Requests: 21 HTTP requests in this frame

Frame: http://www.okcourse.1s.fr/stats-okcourse.1s.fr.html
Frame ID: 23BA2953406E72D8A1B9D0F69879755C
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: F7E5C9E2F7F390F91619588E8BD308CC
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html
Frame ID: 13482E37F84DA1C9BE17A680175A0D23
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.okcourse.1s.fr%2F&ea=0&flash=0&wgl=1&dt=1630873809805&bpp=5&bdt=208&idt=85&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&correlator=3541453719618&frm=23&ife=1&pv=2&ga_vid=2124846053.1630873810&ga_sid=1630873810&ga_hid=340037605&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3951849178&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=2639088436338165&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.hodumpw5vlx9&fsb=1&dtd=103
Frame ID: 43E529BD6E9DA4DDFF4A7320A6377D47
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 51555B60D3DDD50683813CAE3B133367
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 593B9A3202505A75DD87E0384068B96D
Requests: 1 HTTP requests in this frame

Page Title

OKCOURSE

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 45
HTTPS: 60 %
IPv6: 53 %
Domains: 18
Subdomains: 22
IPs: 17
Countries: 3
Transfer: 715 kB
Size: 1049 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • http://zetop.info/img/logo_zetop.gif HTTP 301
  • http://www.zetop.info/img/logo_zetop.gif
Request Chain 12
  • http://img.root-top.com/topsite/secreturf/banner.gif HTTP 301
  • https://img.root-top.com/topsite/secreturf/banner.gif HTTP 302
  • http://www.snprono.powa.fr/secreturf.gif
Request Chain 13
  • http://img.root-top.com/topsite/ficebook/banner.gif HTTP 301
  • https://img.root-top.com/topsite/ficebook/banner.gif HTTP 302
  • http://nsm05.casimages.com/img/2011/10/07/1110070340161338798861456.gif HTTP 301
  • https://nsm05.casimages.com/img/2011/10/07/1110070340161338798861456.gif
Request Chain 14
  • http://img.root-top.com/topsite/turfistes/banner.gif HTTP 301
  • https://img.root-top.com/topsite/turfistes/banner.gif
Request Chain 15
  • http://img.root-top.com/topsite/turfplus/banner.gif HTTP 301
  • https://img.root-top.com/topsite/turfplus/banner.gif

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.okcourse.1s.fr/
3 KB
1 KB
Document
General
Full URL
http://www.okcourse.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
b8100fdd4fb8f487bd553c326fdcef870e9f5f94315bc2106802ec71c64e58a0

Request headers

Host
www.okcourse.1s.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Sun, 05 Sep 2021 20:30:08 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1086
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
barre-okcourse.1s.fr.html
www.okcourse.1s.fr/ Frame ADFB
3 KB
2 KB
Document
General
Full URL
http://www.okcourse.1s.fr/barre-okcourse.1s.fr.html
Requested by
Host: www.okcourse.1s.fr
URL: http://www.okcourse.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
733dc3c92732a5ad3d940d85aad599e0c964bae05c7214ea2a95a459a177fa34

Request headers

Host
www.okcourse.1s.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.okcourse.1s.fr/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Sun, 05 Sep 2021 20:30:08 GMT
Server
Apache
Expires
Sun, 05 Sep 2021 20:30:08 GMT
Last-Modified
Sun, 05 Sep 2021 20:30:08 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1483
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=ISO-8859-1
/
www.pronoscourse.com/turf/okcourse/ Frame 0735
12 KB
12 KB
Document
General
Full URL
http://www.pronoscourse.com/turf/okcourse/
Requested by
Host: www.okcourse.1s.fr
URL: http://www.okcourse.1s.fr/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
53aaa4252b93b0945c69ba3004baafa9f51a570fb92df413ffadac358d36996e

Request headers

Host
www.pronoscourse.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.okcourse.1s.fr/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Server
Apache
Vary
Host
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html
stats-okcourse.1s.fr.html
www.okcourse.1s.fr/ Frame 23BA
0
192 B
Document
General
Full URL
http://www.okcourse.1s.fr/stats-okcourse.1s.fr.html
Requested by
Host: www.okcourse.1s.fr
URL: http://www.okcourse.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
www.okcourse.1s.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.okcourse.1s.fr/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Sun, 05 Sep 2021 20:30:08 GMT
Server
Apache
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
site.js
www.venez.fr/js/ Frame ADFB
2 KB
1 KB
Script
General
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.okcourse.1s.fr
URL: http://www.okcourse.1s.fr/barre-okcourse.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

Referer
http://www.okcourse.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Content-Encoding
gzip
Last-Modified
Sun, 05 Sep 2021 20:30:09 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1023
Expires
Sun, 12 Sep 2021 20:30:09 GMT
separateur90.gif
www.venez.fr/images/ Frame ADFB
82 B
388 B
Image
General
Full URL
https://www.venez.fr/images/separateur90.gif
Requested by
Host: www.okcourse.1s.fr
URL: http://www.okcourse.1s.fr/barre-okcourse.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

Referer
http://www.okcourse.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Thu, 15 Nov 2018 22:11:22 GMT
Server
Apache
ETag
"52-57abb54b25680"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
82
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame ADFB
138 KB
49 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.okcourse.1s.fr
URL: http://www.okcourse.1s.fr/barre-okcourse.1s.fr.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d42551b36f344c14cbab00492d682f78ff716f25436e56f2ec19605017f49071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.okcourse.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sun, 05 Sep 2021 20:30:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
7468415767210843005
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
49509
X-XSS-Protection
0
Expires
Sun, 05 Sep 2021 20:30:09 GMT
h1.png
www.pronoscourse.com/turf/okcourse/ Frame 0735
37 KB
37 KB
Image
General
Full URL
http://www.pronoscourse.com/turf/okcourse/h1.png
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
fd9a88b284b0f18fc1e6864a32bac1b81c4ce2d64c96bccecc4549f0f536ec6e

Request headers

Referer
http://www.pronoscourse.com/turf/okcourse/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Mon, 21 Aug 2017 12:40:17 GMT
Server
Apache
ETag
"194da7b-9350-55742c7e9ce40"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
37712
logo2.gif
turftriomphe.com/lien/ Frame 0735
77 KB
77 KB
Image
General
Full URL
http://turftriomphe.com/lien/logo2.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
HTTP/1.1
Server
173.225.100.28 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7adb98959fb28df7c99082b45bbf1f1f75b818282b220ea5c86b667912aa402d

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:30:09 GMT
last-modified
Tue, 03 Nov 2015 11:59:38 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
78622
expires
Sun, 12 Sep 2021 20:30:09 GMT
logo.gif
www.levainqueur.com/ Frame 0735
28 KB
28 KB
Image
General
Full URL
http://www.levainqueur.com/logo.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
6270f4fc23be1ddceb334705172b0470d61d28d201fcc23402dbdc8bac85bdc7

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Tue, 13 Oct 2015 12:36:31 GMT
Server
Apache
ETag
"e76ccd-70a5-521fbb20911c0"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
28837
logo.gif
www.turfsur.com/img/ Frame 0735
11 KB
11 KB
Image
General
Full URL
http://www.turfsur.com/img/logo.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
9bd0c1e96f9d3b63b53ba8c355ada916479d8815034cab0aad1540c3c602d896

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Mon, 05 Mar 2018 05:51:23 GMT
Server
Apache
ETag
"878aad-2cb9-566a3ea782cc0"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
11449
logo_zetop.gif
www.zetop.info/img/ Frame 0735
Redirect Chain
  • http://zetop.info/img/logo_zetop.gif
  • http://www.zetop.info/img/logo_zetop.gif
11 KB
11 KB
Image
General
Full URL
http://www.zetop.info/img/logo_zetop.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
7c9a501ff24c88a1c67c41a92315b5c7b94e19bed6381da81631f691e501a8be

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Thu, 06 Jun 2013 09:17:28 GMT
Server
Apache
ETag
"64570c-2ac9-4de78c87e3a00"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
10953

Redirect headers

Location
http://www.zetop.info/img/logo_zetop.gif
Date
Sun, 05 Sep 2021 20:30:09 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=10, max=100
Content-Length
248
Content-Type
text/html; charset=iso-8859-1
logo.gif
www.biltoturf.com/ Frame 0735
6 KB
6 KB
Image
General
Full URL
http://www.biltoturf.com/logo.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
ead7dff95228a235e92f3cc50bcd67d3e448ccb40cee683514504e8a59aa8f30

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Sat, 24 Apr 2021 03:49:26 GMT
Server
Apache
ETag
"2563ddd-165f-5c0afcc7b5d80"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
5727
secreturf.gif
www.snprono.powa.fr/ Frame 0735
Redirect Chain
  • http://img.root-top.com/topsite/secreturf/banner.gif
  • https://img.root-top.com/topsite/secreturf/banner.gif
  • http://www.snprono.powa.fr/secreturf.gif
26 KB
26 KB
Image
General
Full URL
http://www.snprono.powa.fr/secreturf.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
0c9a44b18ceb770e00ec78282dbb2b4b880686e3ab7d97933710b0f85d56a725

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Sat, 14 Nov 2020 05:14:08 GMT
Server
Apache
ETag
"a51079-666d-5b40a36f12800"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
26221

Redirect headers

date
Sun, 05 Sep 2021 20:30:09 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCIGYBpwZvYsOReMJtkoZQrR0VDVu2pYR98YjrbuAmwhna%2F6yKEvk7PkOmPVz5r90RQgL%2F8KDspYhPrBKOVluM1u1iSCQADbYfYbKpThPAj60UQfskd4tfdegBm1w6n51Rh8Ln%2FuU0z7DyTPov1h"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
http://www.snprono.powa.fr/secreturf.gif
cf-ray
68a236be9b71dfbf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1110070340161338798861456.gif
nsm05.casimages.com/img/2011/10/07/ Frame 0735
Redirect Chain
  • http://img.root-top.com/topsite/ficebook/banner.gif
  • https://img.root-top.com/topsite/ficebook/banner.gif
  • http://nsm05.casimages.com/img/2011/10/07/1110070340161338798861456.gif
  • https://nsm05.casimages.com/img/2011/10/07/1110070340161338798861456.gif
8 KB
9 KB
Image
General
Full URL
https://nsm05.casimages.com/img/2011/10/07/1110070340161338798861456.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.164.142 , France, ASN16276 (OVH, FR),
Reverse DNS
ns360576.ip-91-121-164.eu
Software
Apache /
Resource Hash
c208d77e0e089f3e3b6e76a7811758dc5fe21725e55e37d22d54a878cefec06c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:42:26 GMT
Last-Modified
Thu, 14 Jan 2016 06:35:23 GMT
Server
Apache
ETag
"9c6610d-219d-529457dc380c0"
Strict-Transport-Security
max-age=31556926
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.casimages.com
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8605
Expires
Mon, 05 Sep 2022 20:42:26 GMT

Redirect headers

Location
https://nsm05.casimages.com/img/2011/10/07/1110070340161338798861456.gif
Date
Sun, 05 Sep 2021 20:42:26 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
280
Content-Type
text/html; charset=iso-8859-1
banner.gif
img.root-top.com/topsite/turfistes/ Frame 0735
Redirect Chain
  • http://img.root-top.com/topsite/turfistes/banner.gif
  • https://img.root-top.com/topsite/turfistes/banner.gif
10 KB
11 KB
Image
General
Full URL
https://img.root-top.com/topsite/turfistes/banner.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af129e8897fa809e39ad3c7c11ab7d6934b8bd278e7ddde41e246fbab9b36475

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:30:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53755
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10667
last-modified
Sun, 05 Sep 2021 05:34:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrBRBvN3xOOAVrJNCmV%2F9262CP2tBFmGiEWcJA8qsFZiLDjiABV%2FeIEeTy8gNc4l2OfrN0phsWpd6xrOCIbXpI2V6zywwxxvgX3FOXDqxbk0dIJaz2NGuNYV%2BAL%2FjcV2B3%2BjqJH2leVpvpzec0EO"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
68a236be9b6fdfbf-FRA
expires
Wed, 08 Sep 2021 05:34:14 GMT

Redirect headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
586
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKz5aGGLEOZyB3zhcf8QOEo7BdegplUarE9T4xk9FvLIIf3VXpaTDXdySR43g8Kgkr9c1HdN%2FPZCtSQ0rWW2yxyT1Jsyv4676ZdLqxqJ1Pv9LLA6XNnGVjnFnCTT9UAGHqVISCh0sbgqCJ8T2i2T"}],"group":"cf-nel","max_age":604800}
location
https://img.root-top.com/topsite/turfistes/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
68a236be592d5bf9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length
0
banner.gif
img.root-top.com/topsite/turfplus/ Frame 0735
Redirect Chain
  • http://img.root-top.com/topsite/turfplus/banner.gif
  • https://img.root-top.com/topsite/turfplus/banner.gif
4 KB
4 KB
Image
General
Full URL
https://img.root-top.com/topsite/turfplus/banner.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c89138fe4d60f677872fa14679dd7d6807b9f614bd62beb3ffc112f082442b8d

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:30:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4753
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3872
last-modified
Wed, 14 Sep 2011 18:49:04 GMT
server
cloudflare
etag
"510718442"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LA5B5l1FzZI61tsysvbb532G1noyhIYQrCqi7uyDnOfptCT3mfbZA1o4xNtyqwEXEBOU5vwpRr5MyrVcczNP6pRmAzHqxiiYMuuJuQNkXm%2B3mP%2BP2oUljXuAXH5ZNHo5RK5o2V4vz0DgAmKBpOfP"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
68a236bf2c2f2bc2-FRA
expires
Fri, 06 Aug 2021 08:28:23 GMT

Redirect headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRwYRvgLrINFpYNJMSx6r9Sz%2FYBVYrYkch0yjigMvyhoHTzNML6d9QB8D53%2FqdCg8jPSf1Ks6Y1pWPkTXF5NAdPAN%2FVi5qxNYAjExXkUpT7roCAgBmsYVVarXp3KqZDlMvdHjvycXOPE6MR0JZ2S"}],"group":"cf-nel","max_age":604800}
location
https://img.root-top.com/topsite/turfplus/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
68a236be5c305b3e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length
0
ratio-thieben.jpg
www.pronoscourse.com/turf/okcourse/ Frame 0735
21 KB
21 KB
Image
General
Full URL
http://www.pronoscourse.com/turf/okcourse/ratio-thieben.jpg
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
7160bd72a44b798efb5afaa7fdb0a7bac0aaf59e8664872d4d4038936ba98f09

Request headers

Referer
http://www.pronoscourse.com/turf/okcourse/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Mon, 21 Aug 2017 12:40:30 GMT
Server
Apache
ETag
"194da85-540e-55742c8b02b80"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
21518
162x56.png
payment.allopass.com/static/subscribe/button/fr/ Frame 0735
5 KB
6 KB
Image
General
Full URL
https://payment.allopass.com/static/subscribe/button/fr/162x56.png
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
34e7ec58a2f22a541e1e99155fd40117f26c9d180e3ce835ad4e1d3e78a971ef

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Mon, 20 Jan 2020 15:32:43 GMT
Server
Apache
ETag
"21c86-1529-59c94009dfcc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
5417
cb_top.gif
www.allopass.com/imgweb/script/fr/ Frame 0735
4 KB
4 KB
Image
General
Full URL
https://www.allopass.com/imgweb/script/fr/cb_top.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7f38549db9690596f644b7ba991295edbd27d04675e572ab637d99070b8781dc

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Tue, 26 Nov 2019 14:39:46 GMT
Server
Apache
ETag
"43833-10e0-59840d9fb3080"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
4320
cb_bot.gif
www.allopass.com/img/ Frame 0735
1 KB
1 KB
Image
General
Full URL
https://www.allopass.com/img/cb_bot.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
f0eafb2ce8fb76c316ef690f0e871b1a15ba1ba6b84930c1b48f75f24d51aa86

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Tue, 26 Nov 2019 14:39:45 GMT
Server
Apache
ETag
"22919-4e1-59840d9ebee40"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
1249
removed.png
www.pronoscourse.com/turf/okcourse/ Frame 0735
84 KB
84 KB
Image
General
Full URL
http://www.pronoscourse.com/turf/okcourse/removed.png
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
88713f99c954c0f5761ee395cc8547512727fb916944b4b73cf837338a3a7b6b

Request headers

Referer
http://www.pronoscourse.com/turf/okcourse/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Thu, 01 Apr 2021 12:24:10 GMT
Server
Apache
ETag
"7590f4-14edc-5bee84ef62e80"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
85724
h3.png
www.pronoscourse.com/turf/okcourse/ Frame 0735
36 KB
36 KB
Image
General
Full URL
http://www.pronoscourse.com/turf/okcourse/h3.png
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
2a310f32d8373df54670694698582bd4e4dc6ef5b78edb455fcdfe4062f079f7

Request headers

Referer
http://www.pronoscourse.com/turf/okcourse/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Mon, 21 Aug 2017 12:40:20 GMT
Server
Apache
ETag
"194da7d-9001-55742c8179500"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
36865
arp.png
www.pronoscourse.com/turf/okcourse/ Frame 0735
38 KB
39 KB
Image
General
Full URL
http://www.pronoscourse.com/turf/okcourse/arp.png
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
d30b2702160b42dfd255cee1243074fa00a4f8c948260898f42575cc3e38ea44

Request headers

Referer
http://www.pronoscourse.com/turf/okcourse/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Mon, 21 Aug 2017 12:40:11 GMT
Server
Apache
ETag
"194da78-991c-55742c78e40c0"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
39196
h2.png
www.pronoscourse.com/turf/okcourse/ Frame 0735
29 KB
29 KB
Image
General
Full URL
http://www.pronoscourse.com/turf/okcourse/h2.png
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
1dfedd383e1fc3d297e6a301ebd3045097c859b39b0c490bcff19527e05d56dd

Request headers

Referer
http://www.pronoscourse.com/turf/okcourse/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Mon, 21 Aug 2017 12:40:19 GMT
Server
Apache
ETag
"194da7c-72ce-55742c80852c0"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
29390
puce.png
www.pronoscourse.com/turf/okcourse/ Frame 0735
37 KB
37 KB
Image
General
Full URL
http://www.pronoscourse.com/turf/okcourse/puce.png
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
7ba1be9ed52aed9e6819410043bd889a772408200485a26ed6a5f57027a71d8a

Request headers

Referer
http://www.pronoscourse.com/turf/okcourse/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Mon, 21 Aug 2017 12:40:29 GMT
Server
Apache
ETag
"194da84-927c-55742c8a0e940"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
37500
bt_ok.png
www.allopass.com/img/ Frame 0735
753 B
991 B
Image
General
Full URL
https://www.allopass.com/img/bt_ok.png
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/okcourse/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Tue, 26 Nov 2019 14:39:46 GMT
Server
Apache
ETag
"23384-2f1-59840d9fb3080"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
753
alternate-barre.htm
www.venez.fr/ Frame F7E5
2 KB
1 KB
Document
General
Full URL
https://www.venez.fr/alternate-barre.htm
Requested by
Host: www.okcourse.1s.fr
URL: http://www.okcourse.1s.fr/barre-okcourse.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
eb738bd0528cb2a57922f397e8e1b5a48e395c69840ac3957dc5364d53e8958e

Request headers

Host
www.venez.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.okcourse.1s.fr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
873
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
barre90.gif
www.venez.fr/images/ Frame ADFB
110 B
416 B
Image
General
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.okcourse.1s.fr
URL: http://www.okcourse.1s.fr/barre-okcourse.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

Referer
http://www.okcourse.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
110
120x60.gif
www.venez.fr/images/ Frame F7E5
4 KB
4 KB
Image
General
Full URL
https://www.venez.fr/images/120x60.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Wed, 02 Mar 2011 00:16:24 GMT
Server
Apache
ETag
"f4c-49d74d2b9c600"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3916
site.js
www.venez.fr/js/ Frame F7E5
2 KB
1 KB
Script
General
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Content-Encoding
gzip
Last-Modified
Sun, 05 Sep 2021 20:30:09 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
1023
Expires
Sun, 12 Sep 2021 20:30:09 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/ Frame ADFB
250 KB
94 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.okcourse.1s.fr
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb658d8af264091d320d32e952cb1756ea0145c2f6497b182a39e7ce4e466653
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.okcourse.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95178
x-xss-protection
0
server
cafe
etag
9330497266985682447
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 05 Sep 2021 20:30:09 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/ Frame 1348
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210831/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.okcourse.1s.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 05 Sep 2021 16:02:37 GMT
expires
Sun, 19 Sep 2021 16:02:37 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
16052
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
barre90.gif
www.venez.fr/images/ Frame F7E5
110 B
416 B
Image
General
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 20:30:09 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
110
cookie.js
partner.googleadservices.com/gampad/ Frame ADFB
195 B
653 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.okcourse.1s.fr&callback=_gfp_s_&client=ca-pub-5203714787387788
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.okcourse.1s.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
6d3e5f8a2b6e519fd311ee99393af64aba32086a2511bd7e6d843bf43b6409a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.okcourse.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
187
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame ADFB
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.okcourse.1s.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.okcourse.1s.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.okcourse.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 20:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame ADFB
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.okcourse.1s.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.okcourse.1s.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.okcourse.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 20:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 43E5
436 B
234 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.okcourse.1s.fr%2F&ea=0&flash=0&wgl=1&dt=1630873809805&bpp=5&bdt=208&idt=85&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&correlator=3541453719618&frm=23&ife=1&pv=2&ga_vid=2124846053.1630873810&ga_sid=1630873810&ga_hid=340037605&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3951849178&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=2639088436338165&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.hodumpw5vlx9&fsb=1&dtd=103
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.okcourse.1s.fr
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db157e175593af7b6bd5e92568a86137611b551c6ca7608b292e7922a63c4e13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.okcourse.1s.fr%2F&ea=0&flash=0&wgl=1&dt=1630873809805&bpp=5&bdt=208&idt=85&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&correlator=3541453719618&frm=23&ife=1&pv=2&ga_vid=2124846053.1630873810&ga_sid=1630873810&ga_hid=340037605&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3951849178&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=2639088436338165&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.hodumpw5vlx9&fsb=1&dtd=103
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.okcourse.1s.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 05 Sep 2021 20:30:09 GMT
server
cafe
content-length
211
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 05-Sep-2021 20:45:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 05 Sep 2021 20:30:09 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ Frame ADFB
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.okcourse.1s.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.okcourse.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:30:09 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630496339498273"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27562
x-xss-protection
0
expires
Sun, 05 Sep 2021 20:30:09 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame ADFB
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210831&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.okcourse.1s.fr
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc65c1fd74a439e50920aa452f6be7bff0c9e7e46fe3a6c45eb561dbf9f50db2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.okcourse.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 20:30:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8600
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame ADFB
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.okcourse.1s.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.okcourse.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:30:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Sun, 05 Sep 2021 20:30:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5155
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.okcourse.1s.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Sun, 05 Sep 2021 19:19:21 GMT
expires
Mon, 05 Sep 2022 19:19:21 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4249
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 593B
783 B
945 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ca5e6e21e6e24643da6acb19c1daaaad2126653453e4c17a2410ca95e049a880
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Da11DFg32WNEGyVZJ2BOCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.okcourse.1s.fr/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 05 Sep 2021 20:30:10 GMT
date
Sun, 05 Sep 2021 20:30:10 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Da11DFg32WNEGyVZJ2BOCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js
pagead2.googlesyndication.com/bg/ Frame 5155
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:19:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13351
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 12:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 05 Sep 2022 20:19:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame ADFB
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210831&jk=2639088436338165&bg=!JSalJmLNAAYJpm41CaY7ACkAdvg8Wix7-GGBqZ8c3eQ0mEgRq4oNjh-MK3M_6DVct8FROW7s2Zl6xwIAAABsUgAAAAtoAQeZAouDyIu_RSViohnD0kUrjapRxOvwgrdEgSEHXgGN-nxbVFzm-oXNOkgogMUuF4R7M7MSEX5miYsrLETERO31T6Nd2dWqWy5vd7ZJ2kB4h5mNG-qFdcN5CFKd8HtgOK9vHm4-0XWOQK5T79tQMsMbVWvDSc3eQAm-HeIlx1i4gRXcOiYlxc0oWJWgN25f2smlCFjElRUjC1YQna6PZpW4RFgWxwK-VpfaasiiVwxBDFXxDlsohUhoP0lJEkzTQn6hRkESEYpFqM4lKAncjjzFKoVfU0wIi4Z8sm8X9hAULT2tKXbDgp3H-zCQysJaePwlLl2uy72E7CKS5ASzMdTEWkhYQALR7y6j73Y6424-ZNJHYtDdtbwJ6cs3y_uo9hf-I5vGu3TXol2iLW0s682CddrsXmNPN47eQmDmVOg1kHoY8nYp0XyExSadKT9qQnYn1NNjkMJBHGS-5gEn9m7OCjBRf0TnPkSxBx-C4vtDw1O8o50uHjSymIqNqk40anE7VgMnXVuNgJodBZ5ogOI6_LeQmjBAMw0D8gFhW9FFVlnMDJ2IDrIMIXW5IQyujntp7Gd99qj0JCHH3tsO9yhBm30AvStIWxD8dgJMc5MS3Dc27jdqbF2wl9OQ5qotOvOrCcoliIDgos4mDwrqFgZJqcYRHx6T2oHGeHCaNz5dCqtCEbqJ3ieMG-0lffNGXygMHZhCxJyvK3DDzlYgKJ0EAZzPW1lpLtAYLxStYz8U5TdHKGiivG8ckkD8McqCKNsoDgYpKGoXKSicyYelG8IDWC-0zGyTyLN89yUzr0UmbT70-5kYO3JEwfnDjy5Zr6SwujMsfE0gnvUu-w6aXRFiW0azs58Wn6uO0TOD-lk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.okcourse.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers


15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
object| google_reactive_ads_global_state
object| google_ad_modifications
number| google_global_correlator
object| google_prev_clients
object| google_jobrunner

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.1s.fr/ Name: __gads
Value: ID=ddb08806fa6db4eb-22270094f6c80006:T=1630873809:RT=1630873809:S=ALNI_MbhhiqwcsFRuUtKe5FywxbQo8Q_iQ

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, and hashes. Their presence here does not imply that any of them indicate malicious activity.
