www.tierce2bases.c4.fr Open in urlscan Pro
5.135.149.81 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.tierce2bases.c4.fr/
Submission: On January 05 via manual (January 5th 2024, 5:03:03 pm UTC) from BF — Scanned from FR

Summary HTTP 71 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 17 domains to perform 71 HTTP transactions. The main IP is 5.135.149.81, located in Le Chesnay, France and belongs to OVH, FR. The main domain is www.tierce2bases.c4.fr.

This is the only time www.tierce2bases.c4.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	5.135.149.81 5.135.149.81	16276 (OVH) (OVH)
8	194.150.236.236 194.150.236.236	44976 (HIWIT_AS) (HIWIT_AS)
1	194.150.236.179 194.150.236.179	44976 (HIWIT_AS) (HIWIT_AS)
19	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
1 3	91.198.105.122 91.198.105.122	35393 (EURO-WEB-AS) (EURO-WEB-AS)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	54.183.194.234 54.183.194.234	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
71	17

10 5.135.149.81 (Le Chesnay, France)

ASN16276 (OVH, FR)
PTR: web3.venez.net

www.tierce2bases.c4.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.venez.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net

www.tresorturf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.duvaldestin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.150.236.179 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns19.hiwit.net

www.bazireturf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.198.105.122 (France) 1 redirects

ASN35393 (EURO-WEB-AS, FR)

www.gambling-affiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.gambling-affiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.183.194.234 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-194-234.us-west-1.compute.amazonaws.com

gmu-apps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	allopass.com payment.allopass.com	399 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	272 KB
7	venez.fr www.venez.fr	9 KB
7	tresorturf.com www.tresorturf.com	180 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	52 KB
3	gambling-affiliation.com 1 redirects www.gambling-affiliation.com static.gambling-affiliation.com	147 KB
3	c4.fr www.tierce2bases.c4.fr	3 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173
2	gstatic.com www.gstatic.com fonts.gstatic.com	49 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	156 KB
2	gmu-apps.com gmu-apps.com	6 KB
1	google.com www.google.com — Cisco Umbrella Rank: 6	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	65 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	2 KB
1	duvaldestin.com www.duvaldestin.com	7 KB
1	bazireturf.com www.bazireturf.com	19 KB
0	genhit.com Failed pronosturf.genhit.com Failed
71	17

	Domain	Requested by
19	payment.allopass.com	www.tresorturf.com payment.allopass.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.tierce2bases.c4.fr
8	pagead2.googlesyndication.com	www.tierce2bases.c4.fr pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	www.venez.fr	www.tierce2bases.c4.fr www.venez.fr
7	www.tresorturf.com	www.tierce2bases.c4.fr www.tresorturf.com
3	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
3	www.tierce2bases.c4.fr	www.tierce2bases.c4.fr
2	www.googleadservices.com	www.tierce2bases.c4.fr
2	www.googletagmanager.com	payment.allopass.com www.googletagmanager.com
2	gmu-apps.com	payment.allopass.com www.tierce2bases.c4.fr
2	www.gambling-affiliation.com	1 redirects www.tresorturf.com
1	www.google.com	tpc.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	static.gambling-affiliation.com	www.tresorturf.com
1	www.duvaldestin.com	www.tresorturf.com
1	www.bazireturf.com	www.tresorturf.com
0	pronosturf.genhit.com Failed	www.tresorturf.com
71	20

This site contains no links.

Subject Issuer	Validity	Valid
*.allopass.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-06` - `2024-10-07`	a year	crt.sh
venez.fr R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
static.gambling-affiliation.com Gandi RSA Domain Validation Secure Server CA 3	`2023-08-31` - `2024-08-31`	a year	crt.sh
gmu-apps.com Amazon RSA 2048 M02	`2023-12-02` - `2024-12-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 11 frames:

Primary Page: http://www.tierce2bases.c4.fr/
Frame ID: B200EF246A579BDB71E637BC94121E45
Requests: 1 HTTP requests in this frame

Frame: http://www.tierce2bases.c4.fr/barre-tierce2bases.c4.fr.html
Frame ID: 4CD7465E6C96B7931B773884796265AA
Requests: 9 HTTP requests in this frame

Frame: http://www.tresorturf.com/jk2/tierce2bases/
Frame ID: 85F3C1FD882CFC46EE761EB0E6C8B6C1
Requests: 12 HTTP requests in this frame

Frame: http://www.tierce2bases.c4.fr/stats-tierce2bases.c4.fr.html
Frame ID: D23416C9F98C274893812EEE749DD1E0
Requests: 1 HTTP requests in this frame

Frame: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
Frame ID: BA9AC4E9298DED41136628A4BC428339
Requests: 23 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 6AECDCDCF448AB82321F13197A9E0545
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html
Frame ID: B52E1F2B28FE464FB4C6B7FE3027D89B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.tierce2bases.c4.fr%2F&ea=0&wgl=1&dt=1704474179262&bpp=2&bdt=350&idt=238&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4635507236880&frm=23&ife=1&pv=2&ga_vid=667922066.1704474180&ga_sid=1704474180&ga_hid=1084341584&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=2675767453&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C95320870&oid=2&pvsid=2462421786956786&tmod=1372565186&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.yce91ymcfh4h&fsb=1&dtd=245
Frame ID: F1DA0C9B90B9998B145E97A9F0D436B8
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 3B6FA0A745C86F8B1B72815C9707BD90
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 755D8B5B75197668B4CC563454624C18
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5C344717CE200776653EFD1D53E26220
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TIERCE2BASES

Detected technologies

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

77 %
HTTPS

56 %
IPv6

17
Domains

20
Subdomains

17
IPs

3
Countries

1368 kB
Transfer

2738 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

http://www.gambling-affiliation.com/cpm/v=hkuYlj2JAOIOVqp6BEHCOVAhRnIzw86B2qn6.tCXsTmyGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s= HTTP 301
https://www.gambling-affiliation.com/cpm/v=hkuYlj2JAOIOVqp6BEHCOVAhRnIzw86B2qn6.tCXsTmyGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s=

Request Chain 59

https://googleads.g.doubleclick.net/pagead/adview?ai=CUA25QzaYZa6UJdbZ_tMP-4uLuA7z4srPc8eXurnrEfiM-5ClFBABIKK6_gJg--GFg5wKoAGJxtzlAsgBCakC4hg3xWNTsj6oAwHIA8sEqgTVAU_QKgriAxJePD8zuC5nGu-E0EZQ8UUQj7LzwRhMpn0dzRh61rAw1QUFNlLxsBPpKH-KC79bSZ2Roe6opcnsytYYpP7WaiP44qc6qO8fjzFc1ve2MCpaUukIviWRfifvMxj-yr82OB97dnDDD8KyWjiE7FYVnUiLGLPWvLJqi1xq0IL7gXRhCdGlXAyubci5seeLYLQqudYIw6OGG8je6E2Ubyu97VghOSZ0gYjzoZExAdOZkMy3kZB9nWFeA9ps1rwrFjMt2I9QwRB_rfhQ2oXl0NTxjMAE6JONz8wEiAXp9tjpS5IFBAgEGAGSBQQIBRgEoAYugAfzreckqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQhMUF0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliKkYCQ3caDA5oJNWh0dHBzOi8vbWFnYXNpbi5hbmltYWxpcy5jb20vNjYtYW5pbWFsaXMtbGEtbWFkZWxlaW5lgAoByAsBmAzK5N2loQSiDAgqBgoEu7uxArgTgwTYEw7QFQGAFwGyFxwKGggAEhRwdWItNTIwMzcxNDc4NzM4Nzc4OBgA&sigh=WoabdbFPXUQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_HpR3pCfnwm_NNCIzj3iwozmc7-2coNR9hIhCFd4pxPiOI5zjoBw24xFP9VhtrMom2bHVopiJ4pzU0vWpFBgowyjrk4EMAJjMG9MYAQ&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229208963424030965872%22,%22debug_reporting%22:true,%22destination%22:%22https://animalis.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22750199561%22],%2222%22:[%22true%22],%224%22:[%2201-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229379464493765238593%22}&andc=true

71 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.tierce2bases.c4.fr/ 3 KB
1 KB 87ms
25ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.tierce2bases.c4.fr/
Protocol: HTTP/1.1
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 8d94eaa3224b045273b8b70f8473e549b09e03fa2bf66e187250df90dd94c08a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1097
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 05 Jan 2024 17:02:58 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK barre-tierce2bases.c4.fr.html Show response
www.tierce2bases.c4.fr/ Frame 4CD7 3 KB
2 KB 151ms
151ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.tierce2bases.c4.fr/barre-tierce2bases.c4.fr.html
Requested by: Host: www.tierce2bases.c4.fr
URL: http://www.tierce2bases.c4.fr/
Protocol: HTTP/1.1
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 457151d0356dc0ac710d86115f409cbe0d5331eccef0c7e12b324614de744a81

Request headers

Referer: http://www.tierce2bases.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1461
Content-Type: text/html; charset=ISO-8859-1
Date: Fri, 05 Jan 2024 17:02:58 GMT
Expires: Fri, 05 Jan 2024 17:02:58 GMT
Keep-Alive: timeout=5, max=99
Last-Modified: Fri, 05 Jan 2024 17:02:58 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
www.tresorturf.com/jk2/tierce2bases/ Frame 85F3 9 KB
9 KB 131ms
82ms Document
text/html 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.tresorturf.com/jk2/tierce2bases/
Requested by: Host: www.tierce2bases.c4.fr
URL: http://www.tierce2bases.c4.fr/
Protocol: HTTP/1.1
Server: 194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns76.hiwit.net
Software: Apache /
Resource Hash: fc003d8d44df57872d436a7f1e4fe45b744d4ad4acd9c65984cc7fe29b2c3af8

Request headers

Referer: http://www.tierce2bases.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html
Date: Fri, 05 Jan 2024 17:02:58 GMT
Keep-Alive: timeout=15, max=100
Server: Apache
Transfer-Encoding: chunked
Vary: Host

GET
H/1.1 200
OK stats-tierce2bases.c4.fr.html Show response
www.tierce2bases.c4.fr/ Frame D234 0
192 B 140ms
114ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.tierce2bases.c4.fr/stats-tierce2bases.c4.fr.html
Requested by: Host: www.tierce2bases.c4.fr
URL: http://www.tierce2bases.c4.fr/
Protocol: HTTP/1.1
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.tierce2bases.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 05 Jan 2024 17:02:58 GMT
Keep-Alive: timeout=5, max=100
Server: Apache

GET
H/1.1 200
OK h1.png
www.tresorturf.com/jk2/tierce2bases/ Frame 85F3 28 KB
28 KB 24ms
18ms Image
image/png 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tresorturf.com/jk2/tierce2bases/h1.png
Requested by: Host: www.tresorturf.com
URL: http://www.tresorturf.com/jk2/tierce2bases/
Protocol: HTTP/1.1
Server: 194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns76.hiwit.net
Software: Apache /
Resource Hash: 9c39139a8cdbf5c5ee4a5d23dcb28caf43a2f77832441404c3a35d6c6b39d306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.tresorturf.com/jk2/tierce2bases/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:58 GMT
Last-Modified: Mon, 26 Jun 2023 01:02:19 GMT
Server: Apache
ETag: "2a691e0-6f20-5fefde6fbdcc0"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 28448

GET
H/1.1 200
OK header.jpg
www.tresorturf.com/jk2/tierce2bases/ Frame 85F3 50 KB
50 KB 36ms
19ms Image
image/jpeg 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tresorturf.com/jk2/tierce2bases/header.jpg
Requested by: Host: www.tresorturf.com
URL: http://www.tresorturf.com/jk2/tierce2bases/
Protocol: HTTP/1.1
Server: 194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns76.hiwit.net
Software: Apache /
Resource Hash: bb5ed35c3c6ba6939eae25123756b01634c7a54609e2bba0451eb114f04032ca

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.tresorturf.com/jk2/tierce2bases/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:58 GMT
Last-Modified: Mon, 26 Jun 2023 01:02:20 GMT
Server: Apache
ETag: "2a703de-c686-5fefde70b1f00"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 50822

GET logo
pronosturf.genhit.com/ Frame 85F3 0
0

GET
H/1.1 200
OK logo.gif
www.bazireturf.com/img/ Frame 85F3 19 KB
19 KB 76ms
18ms Image
image/gif 194.150.236.179
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.bazireturf.com/img/logo.gif
Requested by: Host: www.tresorturf.com
URL: http://www.tresorturf.com/jk2/tierce2bases/
Protocol: HTTP/1.1
Server: 194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns19.hiwit.net
Software: Apache /
Resource Hash: e3a0169c93ee99ee209e212f1f9b711712aa8546cd9bc4a8f4bc431df18dabde

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.tresorturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:58 GMT
Last-Modified: Wed, 30 Nov 2016 07:10:42 GMT
Server: Apache
ETag: "169be12-4c74-5427f67204080"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 19572

GET
H/1.1 200
OK logo.gif
www.tresorturf.com/img/ Frame 85F3 7 KB
7 KB 37ms
19ms Image
image/gif 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tresorturf.com/img/logo.gif
Requested by: Host: www.tresorturf.com
URL: http://www.tresorturf.com/jk2/tierce2bases/
Protocol: HTTP/1.1
Server: 194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns76.hiwit.net
Software: Apache /
Resource Hash: 6708a8ec82fad521076f2579c9873b1335aad3bd231cdb2972ea0bfb38689d97

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.tresorturf.com/jk2/tierce2bases/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:58 GMT
Last-Modified: Mon, 26 Jun 2023 01:03:21 GMT
Server: Apache
ETag: "2b6f1b3-1cc2-5fefdeaade840"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 7362

GET
H/1.1 200
OK logo.gif
www.duvaldestin.com/ Frame 85F3 7 KB
7 KB 62ms
19ms Image
image/gif 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.duvaldestin.com/logo.gif
Requested by: Host: www.tresorturf.com
URL: http://www.tresorturf.com/jk2/tierce2bases/
Protocol: HTTP/1.1
Server: 194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns76.hiwit.net
Software: Apache /
Resource Hash: 89af640141b51d2387b765b728134e7f2ba8e841e759e4d59fd3b6bba1e6eb9d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.tresorturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:58 GMT
Last-Modified: Mon, 26 Jun 2023 01:25:02 GMT
Server: Apache
ETag: "283f41c-1bed-5fefe38399780"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 7149

GET
H/1.1 200
OK buy.apu Show response
payment.allopass.com/buy/ Frame BA9A 10 KB
4 KB 260ms
101ms Document
text/html 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
Requested by: Host: www.tresorturf.com
URL: http://www.tresorturf.com/jk2/tierce2bases/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 33586483d0218fce3417f7c7dadb33529971fda76ca0a20a0a3eeaf922573cd4

Request headers

Referer: http://www.tresorturf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Encoding: gzip
Content-Length: 3219
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Jan 2024 17:02:59 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2

200

v=hkuYlj2JAOIOVqp6BEHCOVAhRnIzw86B2qn6.tCXsTmyGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s= Show response
www.gambling-affiliation.com/cpm/ Frame 85F3
Redirect Chain

http://www.gambling-affiliation.com/cpm/v=hkuYlj2JAOIOVqp6BEHCOVAhRnIzw86B2qn6.tCXsTmyGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s=
https://www.gambling-affiliation.com/cpm/v=hkuYlj2JAOIOVqp6BEHCOVAhRnIzw86B2qn6.tCXsTmyGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s=

338 B
426 B

184ms
146ms

Script
application/javascript

91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gambling-affiliation.com/cpm/v=hkuYlj2JAOIOVqp6BEHCOVAhRnIzw86B2qn6.tCXsTmyGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s=
Requested by: Host: www.tresorturf.com
URL: http://www.tresorturf.com/jk2/tierce2bases/
Protocol: H2
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: Apache /
Resource Hash: 259d4c3c889fb18588e343dd066fa4b68f1d3bf181c8131fee53af8df1e4abdc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.tresorturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:02:58 GMT
server: Apache
content-length: 338
content-type: application/javascript

Redirect headers

location: https://www.gambling-affiliation.com/cpm/v=hkuYlj2JAOIOVqp6BEHCOVAhRnIzw86B2qn6.tCXsTmyGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s=
content-length: 0

GET
H/1.1 200
OK h3.png
www.tresorturf.com/jk2/tierce2bases/ Frame 85F3 28 KB
29 KB 26ms
18ms Image
image/png 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tresorturf.com/jk2/tierce2bases/h3.png
Requested by: Host: www.tresorturf.com
URL: http://www.tresorturf.com/jk2/tierce2bases/
Protocol: HTTP/1.1
Server: 194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns76.hiwit.net
Software: Apache /
Resource Hash: ca6231e9f0cd1b9174e69a1fba2115c930e02355d4ce1ffa6f1df460cf2e9754

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.tresorturf.com/jk2/tierce2bases/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:58 GMT
Last-Modified: Mon, 26 Jun 2023 01:02:19 GMT
Server: Apache
ETag: "2a6ad9f-71b4-5fefde6fbdcc0"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 29108

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame 4CD7 2 KB
1 KB 185ms
25ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: www.tierce2bases.c4.fr
URL: http://www.tierce2bases.c4.fr/barre-tierce2bases.c4.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.tierce2bases.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Jan 2024 17:02:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1023
Expires: Fri, 12 Jan 2024 17:02:58 GMT

GET
H/1.1 200
OK separateur90.gif
www.venez.fr/images/ Frame 4CD7 82 B
388 B 186ms
25ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/separateur90.gif
Requested by: Host: www.tierce2bases.c4.fr
URL: http://www.tierce2bases.c4.fr/barre-tierce2bases.c4.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.tierce2bases.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:58 GMT
Last-Modified: Thu, 15 Nov 2018 22:11:22 GMT
Server: Apache
ETag: "52-57abb54b25680"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 82

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4CD7 145 KB
54 KB 94ms
70ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.tierce2bases.c4.fr
URL: http://www.tierce2bases.c4.fr/barre-tierce2bases.c4.fr.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e45103f381199c07652f60ab4177bb69c689c97f6f8d769e94dd70a46077d7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.tierce2bases.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54247
X-XSS-Protection: 0
Server: cafe
ETag: 16858336283094482974
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin: *
Expires: Fri, 05 Jan 2024 17:02:59 GMT

GET
H/1.1 200
OK h2.png
www.tresorturf.com/jk2/tierce2bases/ Frame 85F3 28 KB
28 KB 35ms
18ms Image
image/png 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tresorturf.com/jk2/tierce2bases/h2.png
Requested by: Host: www.tresorturf.com
URL: http://www.tresorturf.com/jk2/tierce2bases/
Protocol: HTTP/1.1
Server: 194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns76.hiwit.net
Software: Apache /
Resource Hash: c2f6982a1c5f57ed42aafa7261b845f912581a8b872bb2669bed465c86762de0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.tresorturf.com/jk2/tierce2bases/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:58 GMT
Last-Modified: Mon, 26 Jun 2023 01:02:19 GMT
Server: Apache
ETag: "2a69e07-6ed6-5fefde6fbdcc0"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 28374

GET
H/1.1 200
OK puce.png
www.tresorturf.com/jk2/tierce2bases/ Frame 85F3 28 KB
29 KB 36ms
19ms Image
image/png 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tresorturf.com/jk2/tierce2bases/puce.png
Requested by: Host: www.tresorturf.com
URL: http://www.tresorturf.com/jk2/tierce2bases/
Protocol: HTTP/1.1
Server: 194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns76.hiwit.net
Software: Apache /
Resource Hash: 0648398ec4da51a7512445f76e211c21dc24b17cf44e2dd9e777ad1b53c19e55

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.tresorturf.com/jk2/tierce2bases/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:58 GMT
Last-Modified: Mon, 26 Jun 2023 01:02:21 GMT
Server: Apache
ETag: "2a99127-711c-5fefde71a6140"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 28956

GET
H/1.1 200
OK alternate-barre.htm Show response
www.venez.fr/ Frame 6AEC 2 KB
1 KB 26ms
25ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/alternate-barre.htm
Requested by: Host: www.tierce2bases.c4.fr
URL: http://www.tierce2bases.c4.fr/barre-tierce2bases.c4.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0a0b02f9d66b1587c17cc67c934986ee07192c2565bfeccc1d2b1487ee6cb1f9

Request headers

Referer: http://www.tierce2bases.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 874
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 05 Jan 2024 17:02:58 GMT
Keep-Alive: timeout=5, max=99
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame 4CD7 110 B
416 B 24ms
24ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: www.tierce2bases.c4.fr
URL: http://www.tierce2bases.c4.fr/barre-tierce2bases.c4.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.tierce2bases.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:58 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 110

GET
H/1.1 200
OK 120x60.gif
www.venez.fr/images/ Frame 6AEC 4 KB
4 KB 25ms
25ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/120x60.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:58 GMT
Last-Modified: Wed, 02 Mar 2011 00:16:24 GMT
Server: Apache
ETag: "f4c-49d74d2b9c600"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3916

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame 6AEC 2 KB
1 KB 26ms
26ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Jan 2024 17:02:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 1023
Expires: Fri, 12 Jan 2024 17:02:58 GMT

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame 6AEC 110 B
416 B 49ms
25ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:58 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 110

GET
H2 200 26000.gif
static.gambling-affiliation.com/uploads/ads/ Frame 85F3 146 KB
147 KB 91ms
35ms Image
image/gif 91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gambling-affiliation.com/uploads/ads/26000.gif
Requested by: Host: www.tresorturf.com
URL: http://www.tresorturf.com/jk2/tierce2bases/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: nginx/1.15.5 /
Resource Hash: f4c51d5a9f7e35e48ca9d03af47a0a9cf4e9e512a0388fc7190ada8a8dc445dc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.tresorturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:02:59 GMT
last-modified: Wed, 19 May 2021 07:06:53 GMT
server: nginx/1.15.5
accept-ranges: bytes
etag: "60a4b90d-24973"
content-length: 149875
content-type: image/gif

GET
H/1.1 200
OK jBox.all.min.css
payment.allopass.com/static/css/jBox/ Frame BA9A 16 KB
4 KB 56ms
20ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/jBox/jBox.all.min.css
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "2176b-40d7-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 3631

GET
H/1.1 200
OK base.css
payment.allopass.com/static/css/ Frame BA9A 81 KB
15 KB 59ms
24ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/base.css?68
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 3975eb898756e296608f964f0fe799ecf25bbf79467666a3c3218dad3db1de6e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21901-143f2-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 14739

GET
H/1.1 200
OK carousel.css
payment.allopass.com/static/css/ Frame BA9A 21 KB
3 KB 57ms
21ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/carousel.css?68
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "215fe-54eb-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 2387

GET
H/1.1 200
OK jquery-1.3.2.min.js Show response
payment.allopass.com/static/js/ext/ Frame BA9A 56 KB
20 KB 60ms
24ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/ext/jquery-1.3.2.min.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "4106b-dfa6-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 19740

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
payment.allopass.com/static/js/ext/ Frame BA9A 94 KB
33 KB 61ms
26ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/ext/jquery-1.11.3.min.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21a20-176d5-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 33279

GET
H/1.1 200
OK general.js Show response
payment.allopass.com/onetime/scripts/ Frame BA9A 4 KB
2 KB 56ms
20ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/onetime/scripts/general.js?04
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:26 GMT
Server: Apache
ETag: "2090b-f37-6036ca55dc080"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 1593

GET
H/1.1 200
OK jBox.all.min.js Show response
payment.allopass.com/static/js/ext/ Frame BA9A 51 KB
13 KB 115ms
22ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/ext/jBox.all.min.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "41069-cb59-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 12605

GET
H2 200 top.js Show response
gmu-apps.com/js/ Frame BA9A 54 KB
6 KB 593ms
169ms Script
application/javascript 54.183.194.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gmu-apps.com/js/top.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.183.194.234 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-183-194-234.us-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 17:02:59 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 20:31:35 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 5772
expires: Sun, 8 Mar 1981 10:00:00 GMT

GET
H/1.1 200
OK fr.png
payment.allopass.com/icons/flags/24x24/ Frame BA9A 536 B
774 B 55ms
19ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/icons/flags/24x24/fr.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Last-Modified: Tue, 26 Nov 2019 14:39:45 GMT
Server: Apache
ETag: "22c1e-218-59840d9ebee40"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 536

GET
H/1.1 200
OK check-codes.js Show response
payment.allopass.com/static/js/ Frame BA9A 2 KB
1 KB 56ms
20ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/check-codes.js?01
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 97a9de3830f4bd7bcb7cf4805dbdcf1f4c6e843fcd4a814c6a5d7bc2b11fee1a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21801-9d7-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 795

GET
H/1.1 200
OK fingerprint2.min.js Show response
payment.allopass.com/static/js/ext/ Frame BA9A 33 KB
10 KB 76ms
21ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/ext/fingerprint2.min.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21a1e-8432-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 10209

GET
H/1.1 200
OK arrow-down.png
payment.allopass.com/static/css/images/ Frame BA9A 315 B
553 B 55ms
19ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/images/arrow-down.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21648-13b-6036ca56d02c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 315

GET
H/1.1 200
OK carousel.js Show response
payment.allopass.com/static/js/ Frame BA9A 7 KB
2 KB 56ms
21ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/carousel.js?5
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "41064-1b55-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 1830

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame BA9A 167 KB
61 KB 90ms
33ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV

Requested by

Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=322617&idd=1411089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3408564874da519b57250eac73a08d05ea11d9f5c4b1da4a7f20da3a9a0c670

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:02:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61975
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Jan 2024 17:02:59 GMT

GET
H/1.1 200
OK duration.css
payment.allopass.com/static/css/ Frame BA9A 3 KB
1 KB 35ms
20ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/duration.css
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/base.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "215ff-b61-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 793

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ Frame 4CD7 403 KB
137 KB 141ms
84ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.tierce2bases.c4.fr

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b355dc0b3b5128f1eecc537956602d4b1d7404edd34bcc6babcff293c8780fd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.tierce2bases.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:02:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139431
x-xss-protection: 0
server: cafe
etag: 12115618095265971971
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 17:02:59 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/ Frame B52E 9 KB
4 KB 90ms
26ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.tierce2bases.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 4771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 15:43:28 GMT
etag: 9219409622527106327
expires: Fri, 19 Jan 2024 15:43:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F1DA 160 KB
48 KB 604ms
603ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.tierce2bases.c4.fr%2F&ea=0&wgl=1&dt=1704474179262&bpp=2&bdt=350&idt=238&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4635507236880&frm=23&ife=1&pv=2&ga_vid=667922066.1704474180&ga_sid=1704474180&ga_hid=1084341584&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=2675767453&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C95320870&oid=2&pvsid=2462421786956786&tmod=1372565186&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.yce91ymcfh4h&fsb=1&dtd=245

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.tierce2bases.c4.fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b635e85cff13be6d5327738d47ca96b3c06a5804d0b85607825c23dcf8ace337

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.tierce2bases.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48818
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 17:03:00 GMT
expires: Fri, 05 Jan 2024 17:03:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK secure-lock.gif
payment.allopass.com/static/css/icons/ Frame BA9A 181 B
418 B 56ms
20ms Image
image/gif 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/icons/secure-lock.gif
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/base.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "40f91-b5-6036ca56d02c0"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 181

GET
H/1.1 200
OK field.png
payment.allopass.com/static/css/images/ Frame BA9A 170 B
407 B 55ms
19ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/images/field.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/base.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21747-aa-6036ca56d02c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 170

GET
H/1.1 200
OK allopass-logo-small.svg
payment.allopass.com/static/css/images/ Frame BA9A 116 KB
116 KB 56ms
20ms Image
image/svg+xml 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/images/allopass-logo-small.svg
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: a82d1b3a85473bad87120c7d6b42782c0b5132e88feab8d6bd22a65ac85f70d4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/base.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "2194c-1cf64-6036ca56d02c0"
Content-Type: image/svg+xml
Connection: close
Accept-Ranges: bytes
Content-Length: 118628

GET
H/1.1 200
OK carousel-row-mobiyo.png
payment.allopass.com/static/css/images/ Frame BA9A 87 KB
87 KB 56ms
21ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/images/carousel-row-mobiyo.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/carousel.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/carousel.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "40fa1-15a80-6036ca56d02c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 88704

GET
H/1.1 200
OK carousel-row.png
payment.allopass.com/static/css/images/ Frame BA9A 87 KB
87 KB 55ms
19ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/images/carousel-row.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/carousel.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 3826392fad8affe0e8f105c96299f4b3550fdd588c90603a12cc3db9b8e529c0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/carousel.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 17:02:59 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21653-15c04-6036ca56d02c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 89092

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ Frame BA9A 292 KB
96 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b188734c8126daedbd786ed76ac0d6743f0b15d6887fc65cb0da74d12c2cd11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:02:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97699
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 Jan 2024 17:02:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F1DA 14 KB
2 KB 89ms
33ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.tierce2bases.c4.fr%2F&ea=0&wgl=1&dt=1704474179262&bpp=2&bdt=350&idt=238&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&correlator=4635507236880&frm=23&ife=1&pv=2&ga_vid=667922066.1704474180&ga_sid=1704474180&ga_hid=1084341584&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=2675767453&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C95320870&oid=2&pvsid=2462421786956786&tmod=1372565186&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.yce91ymcfh4h&fsb=1&dtd=245

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Jan 2024 17:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 16:43:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Jan 2024 17:03:00 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame F1DA 225 B
355 B 91ms
30ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 19:32:51 GMT
x-content-type-options: nosniff
server: cafe
age: 77409
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Fri, 05 Jan 2024 19:32:51 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame F1DA 2 KB
902 B 75ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 14:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 14:41:09 GMT

GET
H2 200 6701214875553410679
tpc.googlesyndication.com/simgad/ Frame F1DA 3 KB
3 KB 94ms
52ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6701214875553410679?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c7ce634fcc576169731d26bd6460f3f0252259da823c6f54fd0006ed5e46fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 31 Dec 2024 23:19:53 GMT
date: Mon, 01 Jan 2024 23:19:53 GMT
x-content-type-options: nosniff
age: 322987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2844
x-xss-protection: 0
last-modified: Sun, 10 Apr 2022 23:23:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame F1DA 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F1DA 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame F1DA 23 KB
9 KB 71ms
34ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 14:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 14:39:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame F1DA 3 KB
1 KB 70ms
33ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 14:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 14:36:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame F1DA 20 KB
9 KB 64ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 14:36:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8777
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 14:36:43 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F1DA 204 KB
65 KB 97ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 17:03:00 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame F1DA 37 KB
16 KB 82ms
24ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 09:13:33 GMT

GET
DATA 200
OK truncated
/ Frame F1DA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c05783611ae87dbb38ddad020d4da0fa6ef6d584fd957a3f962837e562be6321

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F1DA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CUA25QzaYZa6UJdbZ_tMP-4uLuA7z4srPc8eXurnrEfiM-5ClFBABIKK6_gJg--GFg5wKoAGJxtzlAsgBCakC4hg3xWNTsj6oAwHIA8sEqgTVAU_QKgriAxJePD8zuC5nGu-E0EZQ8UUQj7L...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229208963424030965872%22,%22debug_reporting%22:true,%22destination%22:%22https://animalis.com%22,%22event_report_window%22:%...

0
0

111ms
60ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229208963424030965872%22,%22debug_reporting%22:true,%22destination%22:%22https://animalis.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22750199561%22],%2222%22:[%22true%22],%224%22:[%2201-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229379464493765238593%22}&andc=true

Requested by

Host: www.tierce2bases.c4.fr
URL: http://www.tierce2bases.c4.fr/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:03:00 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9208963424030965872","debug_reporting":true,"destination":"https://animalis.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["750199561"],"22":["true"],"4":["01-05"],"6":["true"]},"priority":"500","source_event_id":"9379464493765238593"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 05 Jan 2024 17:03:00 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 05 Jan 2024 17:03:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9208963424030965872","debug_reporting":true,"destination":"https://animalis.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["750199561"],"22":["true"],"4":["01-05"],"6":["true"]},"priority":"500","source_event_id":"9379464493765238593"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F1DA 33 KB
34 KB 88ms
27ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 306105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 04:01:15 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4CD7 16 KB
12 KB 128ms
74ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240103&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1992d0f1a90d3876770bca35c2e60388513ff74d8c3b8667626b66a74961d043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.tierce2bases.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:03:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12175
x-xss-protection: 0

GET
H2 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B6F 50 KB
20 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 20:29:11 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 138ms
62ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 05 Jan 2024 17:03:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4CD7 17 KB
7 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.tierce2bases.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Jan 2024 17:03:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 755D 13 KB
5 KB 25ms
24ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.tierce2bases.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 21189
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 11:09:51 GMT
expires: Sat, 04 Jan 2025 11:09:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5C34 829 B
1 KB 91ms
34ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6b7abbba02df06f8de6a943cb28df4aa26b356705ed9369276a23a275592f6f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FELTzQkk9KDZOl5CEe40jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.tierce2bases.c4.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FELTzQkk9KDZOl5CEe40jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 17:03:00 GMT
expires: Fri, 05 Jan 2024 17:03:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 chk.php Show response
gmu-apps.com/ Frame BA9A 0
94 B 481ms
166ms XHR
text/html 54.183.194.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gmu-apps.com/chk.php
Requested by: Host: www.tierce2bases.c4.fr
URL: http://www.tierce2bases.c4.fr/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.183.194.234 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-183-194-234.us-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://payment.allopass.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 05 Jan 2024 17:03:00 GMT
server: Apache
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 755D 39 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 15:03:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 15:03:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5C34 0
0 59ms
59ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240103&jk=2462421786956786&rc=
Requested by: Host: www.tierce2bases.c4.fr
URL: http://www.tierce2bases.c4.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 755D 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?d05BeQ
Requested by: Host: www.tierce2bases.c4.fr
URL: http://www.tierce2bases.c4.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:03:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4CD7 0
0 61ms
61ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240103&jk=2462421786956786&bg=!hoWlhcrNAAY3kmNgF5I7ADQBe5WfOCw1dN4U29Dm3FEFcQ_OO9ndSWPJOCUP2ThVPItMXxBoabyJt4lKR3zqopGVjkNOAgAAAERSAAAAAmgBB5kC4sORqNO7kneVQ--Nf5BT37RXUg6csjhRsiPdi7wK_zD9FwvRSnjmo8E8i1tzkmj0gdqmAlOVkWAAb8Fnp2GbQSwzhSVKNIWxyGV8Rn3z753eo8aL_ewkpWPHgBj-fICxL4cvhubYDN0-bFgdWF4BWRGLK2zXSuV-FPB2AT9zSaTkwAsazOUoHvznSmYhUAisUVT-B2R91cR-ivaffAA7PXj-unQybyKvJw3Zbt-_Ik82hp7BsfVR5g7IJfb-CUNPtNmHc-adLFdHyaU1nFTiw45fMu65xGd1MY_dUxeK3WXOpkdGC5fvFqNTVtyfMhVdxb1hZneSGmCFLKmgsoUPEOjgjIG7sqn3kzUylec6u-oqMYyNQbxOvHJtHm7T9yAjp2UbIrvHucqA2hzOnaCshXPfP6mXESYH5sZDiQQ6zInTHlNUBXwzwfe1lTxf38qHXBrWbSMkkE8oTGWFl-ypEa33tA01F37NLB_iSN9Nvhtr8asp_r15EGSXyAPSa3iEOWzAhwIfXBL1FAuCNHPmatO4D96wnvSLdhWd9yYXtEtdFo6eVtXY-NaOvQ2ZiVATLolnIF6tIxUEmr279tNxPN4A7qTMarGX9TkOKdyGZJCq5iX3dG43PW4tR5VIbkjNwIW0n-slv0glO1W8ZMoqPfBInfjP8-ySS3jKpJ8aYNMTWknTnP_C9SgCEKkpfGDo2h9EGUxMQyrmT_XocBIlyJgDxH-u-KMe8VOgMiu_T0x0khwfcrqEBga3rYWm7nalq76-a-gXjRAXGjzBNK1Siz9S2UgHuJdCfxPQSsL7baSarNCW_QSL73HWRPwxDn21LZPtxrRx_nYfyoEHBqOz9WV6QKpsin-RejRvia3pMKaIlatcWsP3pFEgDWVP-Pk2qW4l_z8kg45Fu-prOP-HIZwhAwzHHXc98Bv2X8XOf-8WqiMOSAHYvm093XlpxabekM_Xj56Fqs4xO_kjnsIeMUoXFg
Requested by: Host: www.tierce2bases.c4.fr
URL: http://www.tierce2bases.c4.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.tierce2bases.c4.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F1DA 42 B
64 B 65ms
65ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurPAZljzG5JjSdgURZWoV3Po1-Zs1ssltn_seycSlp-xfk4aVhWNEYGNxCoYwTRgEjyOzgXMaETjYuhVqX1yrLpec5tzTZ4PIVAImrn81SPgZosE8qxZ_1b8WSSE3VPgdp7GVoLnn3PTARzTcmnqlZ9AX7WKcQhmNlInhji4upFjKgrDtCiGL9AWmUY0gVvuItwbW2NmXzvY8RZS9r3CP65EPcTS3jklbNVMFOyStpvxqtmUzi8EOClKp7dayps50dKK9axbx4Wi3fTdjgydgy_BIWP3-sMntz40iC707MjrQGcSc89k-JL2DP2PEj4VYl_33x6CIwTzfD1-KwtgTrq7D5m0JBdVHL4VOKtwtnkDL9HuDffS8OQfHajdcaGIR4ObHO2bEwQMhHF1kuVHuCxfJNzDOhTJpfH2aqCDbCo36lXUtAKIm2xlqIOup3XS9R05snNNGU4AgbAJ5RnEhPLbE4jibdRCWiVMCsyyMev9J9ci-O1ucHGspz8eYL6-BmjRv3qxFObwTKdRbBwQmpPj8cc7YqRmTOZU7ot6wj0dfHuV0SMr0Ues1ji6K0K_6fVwxWPsLC--gBRpxDYg1D_EzDbUuVMw5dcfcLEUM7dY_cOW5OxBeUT7PO7I-8HQO-mkIYD-wJ7QtK-c3kgBSjM5PHtcVv3fdBOnbQyOFyVLBCYS0ekI7HToJDIsdYa4S8qSqZdx2IIIIZuyW-y5BH9za8O6p8DJRsPYnG4yH0nL6ZbXhuDHq3YHZY5jqsNEP4_G6LQ1jIOMYncWyFEmvyUqa04ZMz0a6nwvsZ3FDzDYW1DJS4rVICAe-bF7yEHQFkQOsMss9GzqssG47rVlGaPaQT-5ytes9mny1YTCJ1den4lM9X-eA3wCghHYUp_vXWBevTl-q97O1DBo5NGBqHCRo1zzRy7qNm2YmWGmBNnzifNNk-Yc3zxaIQkia3wzzOiwNClc9eetGAJTB5FQZOmTnLliXCS72yHYIL7Seb1B43ZEhfleJ_fU0JiMmf2i0-1EZzHLpqgJ0z9aNWAOhct_ITJe_tbXF-tZVe91g-n1xizwaaLO5VPlIpzmsWbGeeBCLhX5tI8QcsqhRT5JtBFFfcHGke-QwyS87pMSe7O3e62fHmJ_C4A0fIWtjXyCdO7mB0tLmKqCXxhjzCHauMJk6qUpT8WBw78cvfhwIw6KZj97WfLY8pL9zS0frqPAQSk8bhC4Ru1jX4&sai=AMfl-YSUmaOeSRcMS9Rg0IoDP8fDjClkulSfNp1iREfB08FtqCRJIfOUN4wQxyHS1ZAXX43dS3pWmyw44xxOfRufZiDqfPC8VST9ZnXID1nbxZpW8mquFvvYyqomEOzddhL-Ub-hop1ip1FUE1POQp3DcCwR1fwoblLgRDkA09w&sig=Cg0ArKJSzLcQqlPRB56rEAE&cid=CAQSTwAvHhf_HpR3pCfnwm_NNCIzj3iwozmc7-2coNR9hIhCFd4pxPiOI5zjoBw24xFP9VhtrMom2bHVopiJ4pzU0vWpFBgowyjrk4EMAJjMG9MYAQ&id=lidar2&mcvt=1000&p=0,0,90,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2647235303&rs=2&la=0&cr=0&vs=4&r=v&rst=1704474179508&rpt=814&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 17:03:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pronosturf.genhit.com
URL: http://pronosturf.genhit.com/logo

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: 421944d9-ed96-44c3-9101-06adc1f9bc0a
.allopass.com/	1970-01-21 02:13:30	Name: AP_CUSK Value: 3639354458
.c4.fr/	1970-01-21 02:49:30	Name: __gads Value: ID=b8aa82b3748c5cfb:T=1704474179:RT=1704474179:S=ALNI_MYYngDyZJKmgaKJaCSmFKpczKH7KA
.c4.fr/	1970-01-21 02:49:30	Name: __gpi Value: UID=00000cef3ce0fb70:T=1704474179:RT=1704474179:S=ALNI_MYhb8obq6y1xVmskrDH-wyMvstw5w
.doubleclick.net/	1970-01-21 02:49:30	Name: IDE Value: AHWqTUnjjj9pUThdJnMMF43dkIe9kWeqnJPnWtRdAqXZwR91aJxQ2Wp1y475eLY6exE
.googleadservices.com/	1970-01-20 19:37:30	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
gmu-apps.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
payment.allopass.com
pronosturf.genhit.com
static.gambling-affiliation.com
tpc.googlesyndication.com
www.bazireturf.com
www.duvaldestin.com
www.gambling-affiliation.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tierce2bases.c4.fr
www.tresorturf.com
www.venez.fr
pronosturf.genhit.com
172.217.16.194
185.119.26.1
194.150.236.179
194.150.236.236
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:829::2001
5.135.149.81
54.183.194.234
91.198.105.122
0648398ec4da51a7512445f76e211c21dc24b17cf44e2dd9e777ad1b53c19e55
0a0b02f9d66b1587c17cc67c934986ee07192c2565bfeccc1d2b1487ee6cb1f9
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac
1992d0f1a90d3876770bca35c2e60388513ff74d8c3b8667626b66a74961d043
1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c
259d4c3c889fb18588e343dd066fa4b68f1d3bf181c8131fee53af8df1e4abdc
2b188734c8126daedbd786ed76ac0d6743f0b15d6887fc65cb0da74d12c2cd11
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a
33586483d0218fce3417f7c7dadb33529971fda76ca0a20a0a3eeaf922573cd4
3826392fad8affe0e8f105c96299f4b3550fdd588c90603a12cc3db9b8e529c0
3975eb898756e296608f964f0fe799ecf25bbf79467666a3c3218dad3db1de6e
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
457151d0356dc0ac710d86115f409cbe0d5331eccef0c7e12b324614de744a81
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b
5c7ce634fcc576169731d26bd6460f3f0252259da823c6f54fd0006ed5e46fe2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6708a8ec82fad521076f2579c9873b1335aad3bd231cdb2972ea0bfb38689d97
6b7abbba02df06f8de6a943cb28df4aa26b356705ed9369276a23a275592f6f6
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f
7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
89af640141b51d2387b765b728134e7f2ba8e841e759e4d59fd3b6bba1e6eb9d
8d94eaa3224b045273b8b70f8473e549b09e03fa2bf66e187250df90dd94c08a
8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435
97a9de3830f4bd7bcb7cf4805dbdcf1f4c6e843fcd4a814c6a5d7bc2b11fee1a
9c39139a8cdbf5c5ee4a5d23dcb28caf43a2f77832441404c3a35d6c6b39d306
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
a82d1b3a85473bad87120c7d6b42782c0b5132e88feab8d6bd22a65ac85f70d4
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b355dc0b3b5128f1eecc537956602d4b1d7404edd34bcc6babcff293c8780fd6
b635e85cff13be6d5327738d47ca96b3c06a5804d0b85607825c23dcf8ace337
b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9
b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8
bb5ed35c3c6ba6939eae25123756b01634c7a54609e2bba0451eb114f04032ca
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c05783611ae87dbb38ddad020d4da0fa6ef6d584fd957a3f962837e562be6321
c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36
c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a
c2f6982a1c5f57ed42aafa7261b845f912581a8b872bb2669bed465c86762de0
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
ca6231e9f0cd1b9174e69a1fba2115c930e02355d4ce1ffa6f1df460cf2e9754
cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109
d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833
d3408564874da519b57250eac73a08d05ea11d9f5c4b1da4a7f20da3a9a0c670
e3a0169c93ee99ee209e212f1f9b711712aa8546cd9bc4a8f4bc431df18dabde
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45103f381199c07652f60ab4177bb69c689c97f6f8d769e94dd70a46077d7d5
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4c51d5a9f7e35e48ca9d03af47a0a9cf4e9e512a0388fc7190ada8a8dc445dc
faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7
fc003d8d44df57872d436a7f1e4fe45b744d4ad4acd9c65984cc7fe29b2c3af8

www.tierce2bases.c4.fr Open in urlscan Pro 5.135.149.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

77 %HTTPS

56 %IPv6

17 Domains

20 Subdomains

17 IPs

3 Countries

1368 kBTransfer

2738 kBSize

6 Cookies

0 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tierce2bases.c4.fr Open in urlscan Pro
5.135.149.81 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

77 %
HTTPS

56 %
IPv6

17
Domains

20
Subdomains

17
IPs

3
Countries

1368 kB
Transfer

2738 kB
Size

6
Cookies

71 HTTP transactions
3 data transactions