www.avisdespros.c4.fr Open in urlscan Pro
5.135.149.81 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.avisdespros.c4.fr/
Submission: On January 08 via manual (January 8th 2024, 12:49:31 am UTC) from BF — Scanned from FR

Summary HTTP 67 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 67 HTTP transactions. The main IP is 5.135.149.81, located in Le Chesnay, France and belongs to OVH, FR. The main domain is www.avisdespros.c4.fr.

This is the only time www.avisdespros.c4.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	5.135.149.81 5.135.149.81	16276 (OVH) (OVH)
6	194.150.236.236 194.150.236.236	44976 (HIWIT_AS) (HIWIT_AS)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	91.198.105.122 91.198.105.122	35393 (EURO-WEB-AS) (EURO-WEB-AS)
4	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
11	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2 4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
67	16

10 5.135.149.81 (Le Chesnay, France)

ASN16276 (OVH, FR)
PTR: web3.venez.net

www.avisdespros.c4.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.venez.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net

www.lemaitreturf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.198.105.122 (France)

ASN35393 (EURO-WEB-AS, FR)

www.gambling-affiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.gambling-affiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.180 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	293 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 407	255 KB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 ad.doubleclick.net — Cisco Umbrella Rank: 199	50 KB
7	venez.fr www.venez.fr	9 KB
6	lemaitreturf.com www.lemaitreturf.com	2 MB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194	2 KB
4	allopass.com payment.allopass.com	11 KB
4	gambling-affiliation.com www.gambling-affiliation.com static.gambling-affiliation.com	324 KB
3	c4.fr www.avisdespros.c4.fr	3 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	156 KB
1	google.com www.google.com — Cisco Umbrella Rank: 6	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	65 KB
67	13

	Domain	Requested by
12	pagead2.googlesyndication.com	www.avisdespros.c4.fr pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	s0.2mdn.net	www.avisdespros.c4.fr s0.2mdn.net
7	tpc.googlesyndication.com	www.avisdespros.c4.fr googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
7	www.venez.fr	www.avisdespros.c4.fr www.venez.fr
6	www.lemaitreturf.com	www.avisdespros.c4.fr www.lemaitreturf.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
4	payment.allopass.com	www.lemaitreturf.com payment.allopass.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.avisdespros.c4.fr	www.avisdespros.c4.fr
2	ad.doubleclick.net	www.avisdespros.c4.fr
2	ib.adnxs.com	2 redirects
2	www.googletagmanager.com	payment.allopass.com www.googletagmanager.com
2	static.gambling-affiliation.com	www.lemaitreturf.com
2	www.gambling-affiliation.com	www.lemaitreturf.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
67	17

This site contains no links.

Subject Issuer	Validity	Valid
lemaitreturf.com R3	`2023-11-24` - `2024-02-22`	3 months	crt.sh
venez.fr R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
www.gambling-affiliation.com Gandi RSA Domain Validation Secure Server CA 3	`2023-10-24` - `2024-10-24`	a year	crt.sh
*.allopass.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-06` - `2024-10-07`	a year	crt.sh
static.gambling-affiliation.com Gandi RSA Domain Validation Secure Server CA 3	`2023-08-31` - `2024-08-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 13 frames:

Primary Page: http://www.avisdespros.c4.fr/
Frame ID: 5E9B0F0816D5240EA6C527DF91D6D0DE
Requests: 1 HTTP requests in this frame

Frame: http://www.avisdespros.c4.fr/barre-avisdespros.c4.fr.html
Frame ID: A0F4CFB24EAF3D35FD5928EB5F5650A7
Requests: 9 HTTP requests in this frame

Frame: https://www.lemaitreturf.com/lespros2/avisdespros/
Frame ID: 7869BE0D1B6147922380A56DD799193C
Requests: 16 HTTP requests in this frame

Frame: http://www.avisdespros.c4.fr/stats-avisdespros.c4.fr.html
Frame ID: EC2C536CECE9A09A28BF59609DD6764B
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 5AA2AE270A79D64B8306D82FF30B1095
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: 233D5C14B8D8B218C77F6184D4AABB35
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.avisdespros.c4.fr%2F&ea=0&wgl=1&dt=1704674966906&bpp=2&bdt=348&idt=369&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&correlator=1733438557362&frm=23&ife=1&pv=2&ga_vid=1204936129.1704674967&ga_sid=1704674967&ga_hid=331026841&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=306685714&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C44795922%2C44809004&oid=2&pvsid=2060551453027972&tmod=1287939796&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.xj45euwmmydz&fsb=1&dtd=375
Frame ID: 26CA80C09565D41D7038F8639416A956
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNX7bthau8IpI0_M6AYqKmf1WT4B3yLYNXPfUz3DVX-2Ve0IUFL0HUqwDX2oKTfmDhg67U65g92Oa-_f0jdmfodeM3DSDCWVPnkBZyaRA9YVF2c0_RftqFU5Suwr4-O7fk_Z827OLbNP_sIH9929eBq6EeblzpKQ2gsi0wg-r4I2uGCI6Bs
Frame ID: B29FCF95DEB9BF1AF3799F4761160B5C
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 7DBAF0D73C2F7898426FA8B8B987D513
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0211B125753FBD31CE347AC2AD67C8C7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
Frame ID: DF3ADA6D0585E9AAFA34FE35F0E71B25
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 466B9E07EE1A2BE53EB21A92788961B9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 664DD48B9E5936F489D2FDAF8AF99008
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AVIS DES PROS

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

67
Requests

90 %
HTTPS

50 %
IPv6

13
Domains

17
Subdomains

16
IPs

4
Countries

3109 kB
Transfer

4518 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15

Request Chain 39

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZtGlxMwyIkOW-Sp4bzDmQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15

Request Chain 41

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA5NTc5Nzk1MjYyMTQ4MDEwNg%3D%3D

67 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.avisdespros.c4.fr/ 3 KB
1 KB 104ms
28ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.avisdespros.c4.fr/
Protocol: HTTP/1.1
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 565455760ff3d548e128a39e4f9bafa35d7a77f09e9415e34f7c63252441a8ff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1091
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 08 Jan 2024 00:49:26 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK barre-avisdespros.c4.fr.html Show response
www.avisdespros.c4.fr/ Frame A0F4 3 KB
2 KB 120ms
120ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.avisdespros.c4.fr/barre-avisdespros.c4.fr.html
Requested by: Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/
Protocol: HTTP/1.1
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 32f2c3d6a1b9ff37e86b481bbbf7faf5ef528261df074afcd1fa85ebac55a6ba

Request headers

Referer: http://www.avisdespros.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1490
Content-Type: text/html; charset=ISO-8859-1
Date: Mon, 08 Jan 2024 00:49:26 GMT
Expires: Mon, 08 Jan 2024 00:49:26 GMT
Keep-Alive: timeout=5, max=99
Last-Modified: Mon, 08 Jan 2024 00:49:26 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
www.lemaitreturf.com/lespros2/avisdespros/ Frame 7869 1 MB
1 MB 210ms
86ms Document
text/html 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lemaitreturf.com/lespros2/avisdespros/

Requested by

Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

d58a4f50c5c453fef8e055131d7a1657cc5a0dc7d3f544acf23c49a7ceabf0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://www.avisdespros.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Type: text/html
Date: Mon, 08 Jan 2024 00:49:26 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=15768000
Transfer-Encoding: chunked
Vary: Host

GET
H/1.1 200
OK stats-avisdespros.c4.fr.html Show response
www.avisdespros.c4.fr/ Frame EC2C 0
192 B 134ms
108ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.avisdespros.c4.fr/stats-avisdespros.c4.fr.html
Requested by: Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/
Protocol: HTTP/1.1
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.avisdespros.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 08 Jan 2024 00:49:26 GMT
Keep-Alive: timeout=5, max=100
Server: Apache

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame A0F4 2 KB
1 KB 164ms
27ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/barre-avisdespros.c4.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.avisdespros.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 00:49:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jan 2024 00:49:26 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1023
Expires: Mon, 15 Jan 2024 00:49:26 GMT

GET
H/1.1 200
OK separateur90.gif
www.venez.fr/images/ Frame A0F4 82 B
388 B 165ms
28ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/separateur90.gif
Requested by: Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/barre-avisdespros.c4.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.avisdespros.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 00:49:26 GMT
Last-Modified: Thu, 15 Nov 2018 22:11:22 GMT
Server: Apache
ETag: "52-57abb54b25680"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 82

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A0F4 146 KB
54 KB 106ms
77ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/barre-avisdespros.c4.fr.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1e7117361d551b7b5daed377d8d9eea53ab733b366e1add7e977672e2f78be2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.avisdespros.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 00:49:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54298
X-XSS-Protection: 0
Server: cafe
ETag: 11517021295371004170
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin: *
Expires: Mon, 08 Jan 2024 00:49:26 GMT

GET
H/1.1 200
OK head.jpg
www.lemaitreturf.com/lespros2/avisdespros/ Frame 7869 111 KB
111 KB 62ms
21ms Image
image/jpeg 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lemaitreturf.com/lespros2/avisdespros/head.jpg

Requested by

Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

3cc224a17920964c03b7914a29ad608a0f2ea998426e213843bf9fc8718fc0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/lespros2/avisdespros/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 00:49:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 17 Jan 2023 18:33:11 GMT
Server: Apache
ETag: "2a19e6f-1bc39-5f279ee9107c0"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 113721

GET
H2 200 v=IHErDrKoljVgj1EzLUneJuRQKzIO0R07L32vXIEv5TGL8rsN26OTKFg-4PxNQUkeK8aV2k00uORQvMWLix6avw__&s= Show response
www.gambling-affiliation.com/cpm/ Frame 7869 329 B
417 B 240ms
154ms Script
application/javascript 91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gambling-affiliation.com/cpm/v=IHErDrKoljVgj1EzLUneJuRQKzIO0R07L32vXIEv5TGL8rsN26OTKFg-4PxNQUkeK8aV2k00uORQvMWLix6avw__&s=
Requested by: Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: Apache /
Resource Hash: 2038e75d6253a4fff12afdec036e27703f1575215661ed15bdb353d7cf93f059

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 00:49:26 GMT
server: Apache
content-length: 329
content-type: application/javascript

GET
H2 200 v=c-uMZ7rGrk.wx.hUDZmT8YbUNpJRfs6tUnYvdKbA8VI_ Show response
www.gambling-affiliation.com/cpm/ Frame 7869 339 B
426 B 286ms
200ms Script
application/javascript 91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gambling-affiliation.com/cpm/v=c-uMZ7rGrk.wx.hUDZmT8YbUNpJRfs6tUnYvdKbA8VI_
Requested by: Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: Apache /
Resource Hash: de421ad2eb9e68d7798320a44138c37baea59c11ddff99bc492e10be0ccbfe4c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 00:49:26 GMT
server: Apache
content-length: 339
content-type: application/javascript

GET
H/1.1 200
OK img1.jpg
www.lemaitreturf.com/lespros2/avisdespros/ Frame 7869 34 KB
35 KB 62ms
21ms Image
image/jpeg 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lemaitreturf.com/lespros2/avisdespros/img1.jpg

Requested by

Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

a01be423300cf1a6d29a8bc43a753bd1369f2fb6d8a1a7b27da437870014dc78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/lespros2/avisdespros/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 00:49:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 17 Jan 2023 18:33:13 GMT
Server: Apache
ETag: "2a19e73-8984-5f279eeaf8c40"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 35204

GET
H/1.1 200
OK checkout.apu Show response
payment.allopass.com/buy/ Frame 7869 11 KB
4 KB 241ms
89ms Script
text/html 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/buy/checkout.apu?ids=357314&idd=1558788&lang=fr
Requested by: Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: d396441f8562d3ff1d34d9a7047108880c3c2300b299913be8ae2328d64808ad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2024 00:49:26 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 2964
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK arp2.jpg
www.lemaitreturf.com/lespros2/avisdespros/ Frame 7869 318 KB
319 KB 64ms
22ms Image
image/jpeg 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lemaitreturf.com/lespros2/avisdespros/arp2.jpg

Requested by

Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

69a8a6cd34033c248f0fb8bb083673e6d6030ef4f3c5eda7978468d1b2c10873

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/lespros2/avisdespros/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 00:49:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 17 Jan 2023 18:33:02 GMT
Server: Apache
ETag: "2a19e23-4f94b-5f279ee07b380"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 325963

GET
H/1.1 200
OK alternate-barre.htm Show response
www.venez.fr/ Frame 5AA2 2 KB
1 KB 129ms
128ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/alternate-barre.htm
Requested by: Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/barre-avisdespros.c4.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 4310fb01c7dbcc91881084db621a67f1f2790c33cc481ef1234b8d0a414e46b1

Request headers

Referer: http://www.avisdespros.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 873
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 08 Jan 2024 00:49:26 GMT
Keep-Alive: timeout=5, max=99
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame A0F4 110 B
416 B 29ms
29ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/barre-avisdespros.c4.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.avisdespros.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 00:49:26 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 110

GET
H/1.1 200
OK 120x60.gif
www.venez.fr/images/ Frame 5AA2 4 KB
4 KB 28ms
28ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/120x60.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 00:49:26 GMT
Last-Modified: Wed, 02 Mar 2011 00:16:24 GMT
Server: Apache
ETag: "f4c-49d74d2b9c600"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3916

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame 5AA2 2 KB
1 KB 27ms
27ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 00:49:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jan 2024 00:49:26 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 1023
Expires: Mon, 15 Jan 2024 00:49:26 GMT

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame 5AA2 110 B
416 B 50ms
26ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 00:49:26 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 110

GET
H2 200 62482.jpg
static.gambling-affiliation.com/uploads/ads/ Frame 7869 115 KB
116 KB 113ms
42ms Image
image/jpeg 91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gambling-affiliation.com/uploads/ads/62482.jpg
Requested by: Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: nginx/1.15.5 /
Resource Hash: 24c6c6cef0212392bd8472c94a831aaad088a6a727061af17ce115506e2698cb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 00:49:26 GMT
last-modified: Tue, 07 Mar 2023 17:08:20 GMT
server: nginx/1.15.5
accept-ranges: bytes
etag: "64076f84-1cdc9"
content-length: 118217
content-type: image/jpeg

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ Frame A0F4 403 KB
137 KB 149ms
86ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.avisdespros.c4.fr

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1e6213f4c9ab8c62ef1753ccb1ada7664851ce3ce6a72db5afcc79fffe7af7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.avisdespros.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 00:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139431
x-xss-protection: 0
server: cafe
etag: 1953852868397499227
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 00:49:27 GMT

GET
H2 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/ Frame 233D 9 KB
4 KB 90ms
27ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_inhead_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.avisdespros.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3080
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4168
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 23:58:06 GMT
etag: 3009746639812436877
expires: Sun, 21 Jan 2024 23:58:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 25995.gif
static.gambling-affiliation.com/uploads/ads/ Frame 7869 207 KB
208 KB 65ms
41ms Image
image/gif 91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gambling-affiliation.com/uploads/ads/25995.gif
Requested by: Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: nginx/1.15.5 /
Resource Hash: 1816069af86c24f0cc7eb81c78311efc0aba9aded5642284cf673bb1c7130e7e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 00:49:26 GMT
last-modified: Wed, 19 May 2021 07:07:11 GMT
server: nginx/1.15.5
accept-ranges: bytes
etag: "60a4b91f-33dd1"
content-length: 212433
content-type: image/gif

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 7869 167 KB
61 KB 112ms
43ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV

Requested by

Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357314&idd=1558788&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

769157b92b0a94c3bb2311f0c42edba38c841afb73fe48f56dfe9b685691bdb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 00:49:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61972
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Jan 2024 00:49:27 GMT

GET
H/1.1 200
OK buy-button.css
payment.allopass.com/static/css/ Frame 7869 2 KB
830 B 67ms
25ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/buy-button.css?1
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357314&idd=1558788&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 00:49:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "235e8-69a-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 546

GET
H/1.1 200
OK 162x56.png
payment.allopass.com/static/buy/button/fr/ Frame 7869 6 KB
6 KB 73ms
26ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by: Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 00:49:26 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "215ee-1688-6036ca56d02c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 5768

GET
H/1.1 200
OK date.png
www.lemaitreturf.com/lespros2/avisdespros/ Frame 7869 35 KB
36 KB 22ms
22ms Image
image/png 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lemaitreturf.com/lespros2/avisdespros/date.png

Requested by

Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

2137deaa987e3f79fa0e0d8a3392c98fbe32c9f50132bf87dec513a46394ff8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/lespros2/avisdespros/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 00:49:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 17 Jan 2023 18:33:06 GMT
Server: Apache
ETag: "2a19e5f-8d17-5f279ee44bc80"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 36119

GET
H/1.1 200
OK bt_ok.gif
payment.allopass.com/imgweb/common/ Frame 7869 753 B
991 B 74ms
26ms Image
image/gif 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/imgweb/common/bt_ok.gif
Requested by: Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 00:49:27 GMT
Last-Modified: Tue, 26 Nov 2019 14:39:46 GMT
Server: Apache
ETag: "22a09-2f1-59840d9fb3080"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 753

GET
H/1.1 200
OK arpnum.png
www.lemaitreturf.com/lespros2/avisdespros/ Frame 7869 65 KB
66 KB 22ms
22ms Image
image/png 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lemaitreturf.com/lespros2/avisdespros/arpnum.png

Requested by

Host: www.lemaitreturf.com
URL: https://www.lemaitreturf.com/lespros2/avisdespros/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

8bb70ac0971f19679c9be2cbaf6183506597a7e8eec04eb29f3182e838a33b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/lespros2/avisdespros/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 00:49:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 17 Jan 2023 18:33:03 GMT
Server: Apache
ETag: "2a19e24-104ae-5f279ee16f5c0"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 66734

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ Frame 7869 292 KB
96 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42c30773e94d9babf2effdf3e643f1757d7f882ba311c35b317d4f2eb91746ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.lemaitreturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 00:49:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97700
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 00:49:27 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 26CA 112 KB
45 KB 420ms
419ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.avisdespros.c4.fr%2F&ea=0&wgl=1&dt=1704674966906&bpp=2&bdt=348&idt=369&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&correlator=1733438557362&frm=23&ife=1&pv=2&ga_vid=1204936129.1704674967&ga_sid=1704674967&ga_hid=331026841&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=306685714&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C44795922%2C44809004&oid=2&pvsid=2060551453027972&tmod=1287939796&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.xj45euwmmydz&fsb=1&dtd=375

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.avisdespros.c4.fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3924cd8bf60d917751f21716ca103d2d78def37b4c66e6b79686d53d398ef287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.avisdespros.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45738
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 00:49:27 GMT
expires: Mon, 08 Jan 2024 00:49:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B29F 624 B
246 B 69ms
68ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNX7bthau8IpI0_M6AYqKmf1WT4B3yLYNXPfUz3DVX-2Ve0IUFL0HUqwDX2oKTfmDhg67U65g92Oa-_f0jdmfodeM3DSDCWVPnkBZyaRA9YVF2c0_RftqFU5Suwr4-O7fk_Z827OLbNP_sIH9929eBq6EeblzpKQ2gsi0wg-r4I2uGCI6Bs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.avisdespros.c4.fr%2F&ea=0&wgl=1&dt=1704674966906&bpp=2&bdt=348&idt=369&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&correlator=1733438557362&frm=23&ife=1&pv=2&ga_vid=1204936129.1704674967&ga_sid=1704674967&ga_hid=331026841&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=306685714&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C44795922%2C44809004&oid=2&pvsid=2060551453027972&tmod=1287939796&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.xj45euwmmydz&fsb=1&dtd=375

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.avisdespros.c4.fr%2F&ea=0&wgl=1&dt=1704674966906&bpp=2&bdt=348&idt=369&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&correlator=1733438557362&frm=23&ife=1&pv=2&ga_vid=1204936129.1704674967&ga_sid=1704674967&ga_hid=331026841&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=306685714&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C44795922%2C44809004&oid=2&pvsid=2060551453027972&tmod=1287939796&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.xj45euwmmydz&fsb=1&dtd=375
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 00:49:27 GMT
expires: Mon, 08 Jan 2024 00:49:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7DBA 111 KB
39 KB 119ms
27ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 21:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11107
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Jan 2024 21:44:20 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame 7DBA 7 KB
3 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 00:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 00:37:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 7DBA 23 KB
9 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 14:42:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36391
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 14:42:56 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7DBA 41 KB
14 KB 109ms
31ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197059
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:05:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 7DBA 3 KB
1 KB 108ms
31ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 19:44:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 19:44:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 7DBA 20 KB
9 KB 104ms
27ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 10:12:40 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7DBA 204 KB
65 KB 119ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 00:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 00:49:27 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DBA 42 B
173 B 63ms
63ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D1so-CQ4Szv3OE21M9HNtvOiOYm_j5y8DvRxo1b9XTjEQvyP8et1u8e_MTLbqaKJddT7ExBaJuPYjZC9Ttkb1q8Zt4dfpJSHeSA2JbCXrYL2GgLfg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 00:49:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame B29F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15

43 B
342 B

39ms
39ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNX7bthau8IpI0_M6AYqKmf1WT4B3yLYNXPfUz3DVX-2Ve0IUFL0HUqwDX2oKTfmDhg67U65g92Oa-_f0jdmfodeM3DSDCWVPnkBZyaRA9YVF2c0_RftqFU5Suwr4-O7fk_Z827OLbNP_sIH9929eBq6EeblzpKQ2gsi0wg-r4I2uGCI6Bs
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 00:49:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kIhz%2BWxhNBxg83tQ7qqYetPA8T5p6O5KHAwygXCq%2BZsU%2FuBmVbo%2FRe0ZbHrJoDIHZearUnafJs8dZgV7CflO2sgNHb%2BpaER4IUfwO7zG0zzTl9AjjzY9%2FT5mg3xicf%2FTsPqwxV3EbP6Biw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 842070d5eee41e58-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 00:49:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B29F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZtGlxMwyIkOW-Sp4bzDmQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15

43 B
772 B

46ms
46ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNX7bthau8IpI0_M6AYqKmf1WT4B3yLYNXPfUz3DVX-2Ve0IUFL0HUqwDX2oKTfmDhg67U65g92Oa-_f0jdmfodeM3DSDCWVPnkBZyaRA9YVF2c0_RftqFU5Suwr4-O7fk_Z827OLbNP_sIH9929eBq6EeblzpKQ2gsi0wg-r4I2uGCI6Bs
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 00:49:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRPp%2BMaSb7SAx3JNO2u979RNetYDCAP%2B0syuu4YGIEhr151RlzQdYJpDV58L%2B069gy%2FarlkB5hNpUU2CgPiI1vgSYYRABWJ91nXt0ecNgfGrL%2BOkvIU3AFPTCie4Sl2WMEh3G3uvfd%2BD7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 842070d65a3e784a-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 00:49:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame B29F 170 B
409 B 126ms
37ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNX7bthau8IpI0_M6AYqKmf1WT4B3yLYNXPfUz3DVX-2Ve0IUFL0HUqwDX2oKTfmDhg67U65g92Oa-_f0jdmfodeM3DSDCWVPnkBZyaRA9YVF2c0_RftqFU5Suwr4-O7fk_Z827OLbNP_sIH9929eBq6EeblzpKQ2gsi0wg-r4I2uGCI6Bs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 00:49:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B29F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA5NTc5Nzk1MjYyMTQ4MDEwNg%3D%3D

170 B
232 B

39ms
38ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA5NTc5Nzk1MjYyMTQ4MDEwNg%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 00:49:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 00:49:27 GMT
an-x-request-uuid: 8442b280-c7e6-445b-8e09-e62a582d1ab7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA5NTc5Nzk1MjYyMTQ4MDEwNg%3D%3D
x-proxy-origin: 178.33.144.179; 178.33.144.179; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7DBA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c4cfa277a8a102fcb2b85ecb52c4af483cc09ac0bc706bee6596c5755ae8365

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 0211 38 KB
13 KB 28ms
28ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 486249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 09:45:18 GMT
expires: Wed, 01 Jan 2025 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15205685216655332109/ Frame DF3A 31 KB
6 KB 84ms
28ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bbd36ef2ed3cfff7447866d022aa96df2b0c3d0c7cd00470e6e9605d5435038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 265718
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5704
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jan 2024 23:00:49 GMT
expires: Fri, 03 Jan 2025 23:00:49 GMT
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 7DBA 0
0 174ms
78ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssVj4D6NMnukcxtKVnWFkVzTUGxlRHF6FFyV8qxw0LkMpHQM2hQuCCCmrU_uFs7_LkirBCoy7mzfRB0_4-zHJIfl0NbIwNs2zJZ2-uHZSQ2xl2GgYUd5ESopC1UJo7EhXpemtlN-tSoQI0V8o1ndass8srlDgmjpTJta9CekNdymUwE6DqBLs1wynWuXdAKviBLQGhaz-ujA_In8f9e2MvfqiX6xzfDT4UmSeMsjpf9o1tFzxjmssQN4yzmIrfRdTiP8vc16-Qr21WWjNN40_p6dgMt75HzQwXsjuCdVbaZDZhmtDb8wAuqg47VNDUBmKMKC4rLWzkHURyk1x6mIxhZeq3AgCitW3FBx1TBGyYjvFHmgfTPxw_qt0ek3RmfdonljpPBJb5ixAVdoTkrsqYF7ByKIRL6yA3Nzzed3aAm-i2uLlkErseEX8A1pD6e1Pzeq-rYKf3v1d19DeaklrO_98hBDbW4A_h5uCkrwFYCAnWWniYaBeekqKeVAJ3kKzeLqocC0I0PhF4zTwj3MT-K1aUAVspinDzlDXHc7jH82b-afODMVj0b2-Lrf8DdGz-N84quxtOgIsXf_5oe51YKwgTLtnchwH52DzpnTd89SddIPd_ZUInucUXMs50KAGwccUEQQ7HNGDUFzXsATgCcBs_0lflvrhwj6VcZyiMpLA8FnWRNv4oBGxHtKdvkhzbC6WQEu9sYykgaK0TlJg4QGFAAwZzZ8Ct8FJHzLnLW3SrzJSZ8y1DaABDQIOApVcc48fDak3cSdfZlrgltkIP9O-xEU7USZ_KO_A9hf4AzNwUHKVypkXSt3WCyjRiapf0UpjmhNbV7gKxgSQtlP3J7zdv7IE_xVmpa-z-AtmhmwEBSmuXW-RBdjtYIzayyA6XA_HNmS6CWxyqJtU6j79K3YpP0XzgU0pvoTaIjy6OIZhyOPB7Xbz12K8-OrEDRRhecu4QlDQq73EfBjxFxUbhmvuFoV1bx8ym3DEDw0XIk5L8_OJ5-9tQvISoPxFAyQkvtoaSbzkum5GwCqis10eDpZbZtf50oeZnKoEgmVdjc01wmEAwSzxtSkh1xEvroetTv0Ixag9nFvaSNe-z2PEj5D9RA3j0Q0VpyuEay9N5RMTE0WgcCWf5dWaIM5GIQGKbRjr_mNi7UuEHHcEOx_fcaZHFc4xXsIwuGsCwg275gVTNOA7NDO1mUDqEpBmJcLwPBE3v4gp0WhP1WFZgKqCKVEKv3ZJ1yFtP8Q6rMwRKvpuozNR6UiyaZ7jO5X55LYuv_SqN45CiY6e0zeS5LZuvN1MXMooV04W_SuGsu9-w7CkEGvffF8a2zayJIHuSoQ5hUQdZ_I28Y5OWXXg4dzcL_&sai=AMfl-YQSyoI2U94LVP2LzC41usd_NLo8_oMSQGdO6C_mcjQjEUqDxn7kZgx9RTazcbXJzzS8NmvBGOhR53cM_MO4CoWpPjhvK-X6R0LevtKjTRUr133vsmME-CpyohP9kw7LvcHl9Rq3IJAbyzYqvIRnCynvcH0pgww8GXH5L_3JZjAOsvLr2DqA_KlOlagSoSYob_r6HvjBhf7aEwoncTnVEPpqM8UKHsRmy07znin2PuiwQN5HeAmUzvSTPZbbYPs8vc9HKcvj5pX0yOvIu2SajIcH2uhi4GstIZUsms5HPhNyzdSlOz6uGvRq-8lfyvZN1vGg0I7DvFmiHHL9vMyfTJKdwZvW5rONNpILUotko-z9h9d2SpRM2EF9FnLx3y1yPjycj_yg-2kyev-R_wp17zLkuY9_GTcJRz0UoeksJDdOlhkT_euZs6107WUE0iKeubxtFECNhp1Ky0u-np74yiM4HwwQZlP9EXZimHAQZ9AADI0tBeaqzji9YpOwYuMtpAK9oMu_6-0&sig=Cg0ArKJSzBlvU68ZBaCyEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jb20saHR0cHM6Ly9iaXRkZWZlbmRlci5mcg&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=164&cbvp=1&cstd=159&cisv=r20240103.98409&arae=0&ftch=1&adurl=

Requested by

Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 08 Jan 2024 00:49:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 8f0cec8041c165cafb6d32d04ed8f04b.js Show response
s0.2mdn.net/sadbundle/15205685216655332109/ Frame DF3A 135 KB
39 KB 28ms
28ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/8f0cec8041c165cafb6d32d04ed8f04b.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8eb600d1bfa136d87da7690cd2032c1906a76dcc1df0dc43fd0eb219d5356e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 13:21:10 GMT
date: Thu, 04 Jan 2024 13:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300498
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39491
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 0211 39 KB
15 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:51:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 16:51:12 GMT

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame DF3A 1 KB
643 B 29ms
28ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 13:21:10 GMT
date: Thu, 04 Jan 2024 13:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300498
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1c6b34ea327760cdc6583ab92f7e8832.png
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame DF3A 8 KB
8 KB 30ms
29ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/media/1c6b34ea327760cdc6583ab92f7e8832.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e50d4289f223d9c475d992d8069c2b799704feefdd7e8eabebd2a49bb31df1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 13:21:10 GMT
date: Thu, 04 Jan 2024 13:21:10 GMT
x-content-type-options: nosniff
age: 300498
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8224
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 8c68f26fc9961acfb78efaa74f684c27.png
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame DF3A 2 KB
2 KB 85ms
84ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/media/8c68f26fc9961acfb78efaa74f684c27.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5deec59d8ecaebf084aeb4dfdd665b3b5ae8aefa8a7cc7f76707524772912bcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 08:45:30 GMT
date: Fri, 05 Jan 2024 08:45:30 GMT
x-content-type-options: nosniff
age: 230638
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2104
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame DF3A 5 KB
3 KB 84ms
83ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 20:08:17 GMT
date: Fri, 05 Jan 2024 20:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/15205685216655332109/fonts/ Frame DF3A 172 KB
75 KB 31ms
31ms Font
font/ttf 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/fonts/ibm_plex_sans_700_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 13:21:10 GMT
date: Thu, 04 Jan 2024 13:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300498
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76650
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/15205685216655332109/fonts/ Frame DF3A 173 KB
80 KB 37ms
37ms Font
font/ttf 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/fonts/ibm_plex_sans_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 13:21:10 GMT
date: Thu, 04 Jan 2024 13:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300498
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81411
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0211 0
20 B 64ms
64ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BIJK7l0abZdOUF6fs_tMP7ai4-AEAAAAAOAHgBAI&bg=!xcalxonNAAY3kmNgF5I7ADQBe5WfOH0qS_zSyCP3N2WNOqk7KYITS8zI232rnjXyH0AyJnfbQni8Z66heDAyJNeDUX2IAgAAAC9SAAAAAWgBB5kDLIEQll9ki0dgb8s9lHx0O17afd2AF6C9aMKUs6XfAtNpS68-x4XWXwhYh0KISa69bTawyGFnQdVNlcVZFN8JOzkz_ngWoXBv37v_RxB5v0_Qn96XPRJAPBOcVskf8Sj5VPJl5wVK4zXk-94duJXaRrjYshTlpuFa0z4CqevY1p5Eodur-fMnC9uOSSaqydvehr6iBVME4zB_ymtjFkkIUmVL0RcMDWBIb8zz31q15iMeJ27v1A_6B4pnN4MRjStNrZGHflXfnH5WaIBLZkBXU_medEbvn5L2YV4n4cK5gzznRtggYECEYLDidN8qLMywTdngaILxlqUNyYVufKkc2JUFry1_Xo39FH-oi2gy5C7Tt2LaswIA0NKOc8EhDK991gv-b4lJ7odV52lGx_NJYEu4KkBhBggNOQ1dzVzL-WUolv0IT9ttkP9J2Tp-BnIePdqZgCLtHJOTnlIXiR8evPm5DYpYd9DGtNBdmmYnCn8ViKpYWQtkP6wpPWvZU0345sHQ7ZkfipNYoQ-Hdkd84OI2xymWSif-MS9M84XX75OgknLbktgga5ZIC1uJHzJ7MFgvm7oyBKDvI3ZtnrfhhxBG9knmK55tG8T5eLqJDNc0StB1hZYPQ14ApCvI-P0Jk3nO3JCIbfz8JTcnC5aj4-UlZhWd-DO9Kb0RjKsBKdD3ik5Y45Lgd2qlKMMB90JtZx65EGx5qK0Q0AoTWvQHig0ETtJqtDXqpgCUY5qW1jrg-GKq8-qmDMqNoWHDC7h4kqJ6xKl-Ib3ELt-kqnSMsRAj6t2XNY4a3n9R14FY6U1PHHovIiYMBWvwdE4Zyu5gCknMZYyQCUcPgowsZnCg5ffXF7CsSfVJL_gDtRj6D6SDdLfBz4fWx49aUFrkandp-RLVb4Qb9P5mqMi4mqyafaEnude8LD8dt3kMp1p_58-bi7NrRcR33Kobs4-91g7mdbg4gfSF-wbifmEYsVtYURtBEo_rXw3oxRMiygu5rhPKS5a6T62u3EenuzDQ_z-KRkSq9OB1YPmZQIgm8ElUxIYy8DR9REnvHucQpzkV1BwnvAlpVrAznRUZ60IF

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 00:49:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 7DBA 0
0 68ms
68ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssVj4D6NMnukcxtKVnWFkVzTUGxlRHF6FFyV8qxw0LkMpHQM2hQuCCCmrU_uFs7_LkirBCoy7mzfRB0_4-zHJIfl0NbIwNs2zJZ2-uHZSQ2xl2GgYUd5ESopC1UJo7EhXpemtlN-tSoQI0V8o1ndass8srlDgmjpTJta9CekNdymUwE6DqBLs1wynWuXdAKviBLQGhaz-ujA_In8f9e2MvfqiX6xzfDT4UmSeMsjpf9o1tFzxjmssQN4yzmIrfRdTiP8vc16-Qr21WWjNN40_p6dgMt75HzQwXsjuCdVbaZDZhmtDb8wAuqg47VNDUBmKMKC4rLWzkHURyk1x6mIxhZeq3AgCitW3FBx1TBGyYjvFHmgfTPxw_qt0ek3RmfdonljpPBJb5ixAVdoTkrsqYF7ByKIRL6yA3Nzzed3aAm-i2uLlkErseEX8A1pD6e1Pzeq-rYKf3v1d19DeaklrO_98hBDbW4A_h5uCkrwFYCAnWWniYaBeekqKeVAJ3kKzeLqocC0I0PhF4zTwj3MT-K1aUAVspinDzlDXHc7jH82b-afODMVj0b2-Lrf8DdGz-N84quxtOgIsXf_5oe51YKwgTLtnchwH52DzpnTd89SddIPd_ZUInucUXMs50KAGwccUEQQ7HNGDUFzXsATgCcBs_0lflvrhwj6VcZyiMpLA8FnWRNv4oBGxHtKdvkhzbC6WQEu9sYykgaK0TlJg4QGFAAwZzZ8Ct8FJHzLnLW3SrzJSZ8y1DaABDQIOApVcc48fDak3cSdfZlrgltkIP9O-xEU7USZ_KO_A9hf4AzNwUHKVypkXSt3WCyjRiapf0UpjmhNbV7gKxgSQtlP3J7zdv7IE_xVmpa-z-AtmhmwEBSmuXW-RBdjtYIzayyA6XA_HNmS6CWxyqJtU6j79K3YpP0XzgU0pvoTaIjy6OIZhyOPB7Xbz12K8-OrEDRRhecu4QlDQq73EfBjxFxUbhmvuFoV1bx8ym3DEDw0XIk5L8_OJ5-9tQvISoPxFAyQkvtoaSbzkum5GwCqis10eDpZbZtf50oeZnKoEgmVdjc01wmEAwSzxtSkh1xEvroetTv0Ixag9nFvaSNe-z2PEj5D9RA3j0Q0VpyuEay9N5RMTE0WgcCWf5dWaIM5GIQGKbRjr_mNi7UuEHHcEOx_fcaZHFc4xXsIwuGsCwg275gVTNOA7NDO1mUDqEpBmJcLwPBE3v4gp0WhP1WFZgKqCKVEKv3ZJ1yFtP8Q6rMwRKvpuozNR6UiyaZ7jO5X55LYuv_SqN45CiY6e0zeS5LZuvN1MXMooV04W_SuGsu9-w7CkEGvffF8a2zayJIHuSoQ5hUQdZ_I28Y5OWXXg4dzcL_&sai=AMfl-YQSyoI2U94LVP2LzC41usd_NLo8_oMSQGdO6C_mcjQjEUqDxn7kZgx9RTazcbXJzzS8NmvBGOhR53cM_MO4CoWpPjhvK-X6R0LevtKjTRUr133vsmME-CpyohP9kw7LvcHl9Rq3IJAbyzYqvIRnCynvcH0pgww8GXH5L_3JZjAOsvLr2DqA_KlOlagSoSYob_r6HvjBhf7aEwoncTnVEPpqM8UKHsRmy07znin2PuiwQN5HeAmUzvSTPZbbYPs8vc9HKcvj5pX0yOvIu2SajIcH2uhi4GstIZUsms5HPhNyzdSlOz6uGvRq-8lfyvZN1vGg0I7DvFmiHHL9vMyfTJKdwZvW5rONNpILUotko-z9h9d2SpRM2EF9FnLx3y1yPjycj_yg-2kyev-R_wp17zLkuY9_GTcJRz0UoeksJDdOlhkT_euZs6107WUE0iKeubxtFECNhp1Ky0u-np74yiM4HwwQZlP9EXZimHAQZ9AADI0tBeaqzji9YpOwYuMtpAK9oMu_6-0&sig=Cg0ArKJSzBlvU68ZBaCyEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jb20saHR0cHM6Ly9iaXRkZWZlbmRlci5mcg&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=417&vt=11&dtpt=253&dett=3&cstd=159&cisv=r20240103.98409&arae=0&ftch=1&adurl=

Requested by

Host: www.avisdespros.c4.fr
URL: http://www.avisdespros.c4.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 00:49:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A0F4 16 KB
12 KB 132ms
77ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240103&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d52957a44499c980259c1944bc5ff180af6ea00f39e738d449efb35c30e29bba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.avisdespros.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 00:49:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12259
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A0F4 17 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.avisdespros.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 00:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 00:49:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 466B 13 KB
5 KB 30ms
29ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.avisdespros.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 16507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 20:14:21 GMT
expires: Mon, 06 Jan 2025 20:14:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 664D 829 B
1 KB 107ms
39ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

14022faaf1c461ba1191c90079483e7e60edd39b05a48ef30857be928b795eb0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KPkyDp4P-bSPdCZOufb-og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.avisdespros.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-KPkyDp4P-bSPdCZOufb-og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 00:49:28 GMT
expires: Mon, 08 Jan 2024 00:49:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 466B 39 KB
15 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:51:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 16:51:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 664D 0
0 63ms
62ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240103&jk=2060551453027972&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 466B 0
10 B 29ms
29ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OXlTuA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 00:49:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A0F4 0
0 66ms
65ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240103&jk=2060551453027972&bg=!eHulezTNAAY3kmNgF5I7ADQBe5WfOAOvN3TB92_3jO481XrabvHooXqr85Z7PAHrem-yRBbx8xd67j4mppyFGOw8HPN_AgAAAEJSAAAAAmgBBwoAXLowEhKKAYC3bAzv29VMJNTXCYpyAaiqXkEkog_SMatIyYbmtv6-AfyDdP4wvzcY79fUHMEgagBMHvK5Myo39EHMQB5WuMKXMb8rwtnu-OIHJW1SdHW1dcblh7yDmQLdKCjZceYdT-kdFoZLTosSUAYYbLgVH8ZSybOLUqf4llOQ8djzQ0M2PEiDem-Axu9aE5XuoksR7749XlzDZWa0k7iqG-QZmRivzKqEi_ufh7L61qatIXqOCJlXgN44n6V1z1JLBEfxih3dpk7NHo7F8XtK8ok5AaquZiiPSrRbvarcSGTnWSttqDLd4c2aymRZOONeTcQyxrZLBnry9VHjqf-Pbp_kFydQ5I7yXl4HAEhl6dDiFUIgwz_ad_ojtGZpnrrmxPJfmLcBsRIFlWhoRSeuGSAd4YKfAYSQ30Kl6YH1NxWlGnc_Y-ZpXqxgVS0c5Sbf7AGde9bJqYHDFCt2PxFEmhM-Pwp9RAXQ3R4pIi51RtOFMCigWPoVg_7w8kTHYqNu6pTuSLJ7yGG_P5VXowp49hLTjeGtY5zQQymneBJOS-95U7DAMJT6e-BREmtFL9kRJjJeGJReAirN5an9jeLQ3iF6M1ifKdI95cPNJyshVpuLRq0jpRicapgPDb9hkJ-AZWdLVODtxI6FZ9RSddpwbdF7tA1o9YWb8tn8idLLpq9NQZNfd1jYzU3l_NhJATDLpvmAzwsvYOk5omYv8W66wWafvlV2KUgiCnl2vVYZClIVdS56vcIV7mbjDP4oI7HZ5tpxGbvJW19BkgV8Jx-HIaNoqnJsuJ0xVPWWaFOhhWY-XdCgdxo1cFduzz5eE8bxB02xKWL2zotVemMOI9J-0lnsXVF9qZY1-NVYt7ys43ouSN_3zSzsWFtzsOqR3U7PZ--1LPmPPtTADFs_c_9Pm9Cdoc1E2rkZqypFMeUnCd7_V93zV6EKFYVB1xZ_6rfQIYAoLEEdlDjT_PkkpTDrBJmphbHhRziAin54JGUQXGOlsyaxoi0qqZj6qGjt77zAHKv4qDmh5oFDp40s_y6mYF5AZo5Lj9ZQZ_rinWA-MtrFmmMFXFRskucOdfsuYURrJTTOsTJO7x8JKA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.avisdespros.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7DBA 42 B
64 B 65ms
65ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLQSfQ-kAthoFnTyKxVHCAoEinJV7Y2Gr9Q8DINwpmrouB6dJD-JsS6iaYNvp2IADu1nLconhcybpxP-feDkMvwWCEfoeAGkvKjgrtaB3IKvMkiYEpurDkGvfRI4JT-IBrBef7EDBmrnuZN3F4OyqiNCAE&sai=AMfl-YSpkzmX0DcMDxIdFQgJW3pBwAlrlXO9krtM4ZB3hQy5EroF5dxzM2FA2v49L1eCzxsA5ueVAeBIYJG3WVYAPpYSn6KrS1tw038uKZ1Fx5dX0_dhDCI-ZyM9bVOSUFCosGZdDifEf_pYW1iuYG7-iQ&sig=Cg0ArKJSzM7mof5BLIXtEAE&cid=CAQSTwAvHhf__3Mau3CfBatIsn7wDOQOEm7isLGpqPH8i1jvZvuyvmuLqSMcK64QGmXYz_I9nP3RIRaGBPJCFcAT4IsgEs6jmcN6X1vw2PXdAvUYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2647235303&rs=2&la=0&cr=0&vs=4&r=v&rst=1704674967712&rpt=395&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 00:49:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame DF3A 1 KB
643 B 28ms
27ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/8f0cec8041c165cafb6d32d04ed8f04b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 13:21:10 GMT
date: Thu, 04 Jan 2024 13:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300501
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame DF3A 5 KB
3 KB 29ms
29ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/8f0cec8041c165cafb6d32d04ed8f04b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 20:08:17 GMT
date: Fri, 05 Jan 2024 20:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189674
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: dcc9f72d-0f42-4f85-9924-60c28d28dfaf
.allopass.com/	1970-01-21 02:16:50	Name: AP_CUSK Value: 3639598198
.doubleclick.net/	1970-01-21 02:52:50	Name: IDE Value: AHWqTUkWI7dHJhtRqg15vra7jCnDvI94UtGTVs8dlH3Zz1YbGoan_I6u3igcKfnN
.c4.fr/	1970-01-21 02:52:50	Name: __gads Value: ID=f9246a8db765ff64:T=1704674967:RT=1704674967:S=ALNI_MboBbN9Gkh0k3AsJGNf36W3KRq0Qg
.c4.fr/	1970-01-21 02:52:50	Name: __gpi Value: UID=00000d3c3993f3bd:T=1704674967:RT=1704674967:S=ALNI_MaGqV28zU_tdUscPhUwmr3MWXD6Pw
.adnxs.com/	1970-01-20 19:40:50	Name: uuid2 Value: 7095797952621480106
.adnxs.com/	1970-01-21 03:07:14	Name: XANDR_PANID Value: 7-RKjGqnBial1-7XVdc12oA06YDq67savnJQ0ZWq8gaKOTvtAw8xcHevPfP0uS6ZgNx9ROaZJZ4GgF3No6emvGibRBB5xFDNdtl8kKVsLiM.
.casalemedia.com/	1970-01-21 02:16:50	Name: CMID Value: ZZtGlxMwyIkOW-Sp4bzDmQAA
.casalemedia.com/	1970-01-20 19:40:50	Name: CMPS Value: 2124
.casalemedia.com/	1970-01-20 19:40:50	Name: CMPRO Value: 2124

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
payment.allopass.com
s0.2mdn.net
static.gambling-affiliation.com
tpc.googlesyndication.com
www.avisdespros.c4.fr
www.gambling-affiliation.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lemaitreturf.com
www.venez.fr
104.18.36.155
142.250.184.198
142.250.185.98
185.119.26.1
185.89.210.180
194.150.236.236
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:830::2006
5.135.149.81
91.198.105.122
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069
14022faaf1c461ba1191c90079483e7e60edd39b05a48ef30857be928b795eb0
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1816069af86c24f0cc7eb81c78311efc0aba9aded5642284cf673bb1c7130e7e
2038e75d6253a4fff12afdec036e27703f1575215661ed15bdb353d7cf93f059
2137deaa987e3f79fa0e0d8a3392c98fbe32c9f50132bf87dec513a46394ff8c
24c6c6cef0212392bd8472c94a831aaad088a6a727061af17ce115506e2698cb
2c4cfa277a8a102fcb2b85ecb52c4af483cc09ac0bc706bee6596c5755ae8365
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a
32f2c3d6a1b9ff37e86b481bbbf7faf5ef528261df074afcd1fa85ebac55a6ba
3924cd8bf60d917751f21716ca103d2d78def37b4c66e6b79686d53d398ef287
3cc224a17920964c03b7914a29ad608a0f2ea998426e213843bf9fc8718fc0d4
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42c30773e94d9babf2effdf3e643f1757d7f882ba311c35b317d4f2eb91746ce
4310fb01c7dbcc91881084db621a67f1f2790c33cc481ef1234b8d0a414e46b1
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565455760ff3d548e128a39e4f9bafa35d7a77f09e9415e34f7c63252441a8ff
59e50d4289f223d9c475d992d8069c2b799704feefdd7e8eabebd2a49bb31df1
5deec59d8ecaebf084aeb4dfdd665b3b5ae8aefa8a7cc7f76707524772912bcd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69a8a6cd34033c248f0fb8bb083673e6d6030ef4f3c5eda7978468d1b2c10873
6bbd36ef2ed3cfff7447866d022aa96df2b0c3d0c7cd00470e6e9605d5435038
769157b92b0a94c3bb2311f0c42edba38c841afb73fe48f56dfe9b685691bdb6
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
8bb70ac0971f19679c9be2cbaf6183506597a7e8eec04eb29f3182e838a33b40
8eb600d1bfa136d87da7690cd2032c1906a76dcc1df0dc43fd0eb219d5356e68
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01be423300cf1a6d29a8bc43a753bd1369f2fb6d8a1a7b27da437870014dc78
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a
d396441f8562d3ff1d34d9a7047108880c3c2300b299913be8ae2328d64808ad
d52957a44499c980259c1944bc5ff180af6ea00f39e738d449efb35c30e29bba
d58a4f50c5c453fef8e055131d7a1657cc5a0dc7d3f544acf23c49a7ceabf0b4
de421ad2eb9e68d7798320a44138c37baea59c11ddff99bc492e10be0ccbfe4c
e1e7117361d551b7b5daed377d8d9eea53ab733b366e1add7e977672e2f78be2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e6213f4c9ab8c62ef1753ccb1ada7664851ce3ce6a72db5afcc79fffe7af7c
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

www.avisdespros.c4.fr Open in urlscan Pro 5.135.149.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

67 Requests

90 %HTTPS

50 %IPv6

13 Domains

17 Subdomains

16 IPs

4 Countries

3109 kBTransfer

4518 kBSize

10 Cookies

0 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.avisdespros.c4.fr Open in urlscan Pro
5.135.149.81 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

90 %
HTTPS

50 %
IPv6

13
Domains

17
Subdomains

16
IPs

4
Countries

3109 kB
Transfer

4518 kB
Size

10
Cookies

67 HTTP transactions
1 data transactions