www.larichesseturf.lachezvos.com Open in urlscan Pro
5.135.149.81 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.larichesseturf.lachezvos.com/pages/abonnes
Submission: On June 13 via manual (June 13th 2021, 9:14:08 am UTC) from BF

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 44 HTTP transactions. The main IP is 5.135.149.81, located in France and belongs to OVH, FR. The main domain is www.larichesseturf.lachezvos.com.

This is the only time www.larichesseturf.lachezvos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	5.135.149.81 5.135.149.81	16276 (OVH) (OVH)
4	194.150.236.165 194.150.236.165	44976 (HIWIT_AS) (HIWIT_AS)
7	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
1	194.150.236.236 194.150.236.236	44976 (HIWIT_AS) (HIWIT_AS)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
44	15

10 5.135.149.81 (France)

ASN16276 (OVH, FR)
PTR: web3.venez.net

www.larichesseturf.lachezvos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.venez.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 194.150.236.165 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns5.hiwit.net

www.sansechec.ouba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net

www.mondeturf.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	243 KB
7	venez.fr www.venez.fr	9 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	57 KB
4	ouba.com www.sansechec.ouba.com	459 KB
3	doubleclick.net googleads.g.doubleclick.net	28 KB
3	lachezvos.com www.larichesseturf.lachezvos.com	3 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	google.com adservice.google.com www.google.com	1 KB
1	googleapis.com fonts.googleapis.com	765 B
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	659 B
1	mondeturf.net www.mondeturf.net	12 KB
1	allopass.com payment.allopass.com	2 KB
44	13

	Domain	Requested by
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	pagead2.googlesyndication.com	www.larichesseturf.lachezvos.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	www.venez.fr	www.larichesseturf.lachezvos.com www.venez.fr
4	www.sansechec.ouba.com	www.larichesseturf.lachezvos.com www.sansechec.ouba.com
3	fonts.gstatic.com	fonts.googleapis.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.larichesseturf.lachezvos.com	www.larichesseturf.lachezvos.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.mondeturf.net	www.sansechec.ouba.com
1	payment.allopass.com	www.sansechec.ouba.com
44	16

This site contains no links.

Subject Issuer	Validity	Valid
venez.fr R3	`2021-04-12` - `2021-07-11`	3 months	crt.sh
*.allopass.com R3	`2021-05-04` - `2021-08-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://www.larichesseturf.lachezvos.com/pages/abonnes
Frame ID: CE33D279CA550005886D6E8460B5D878
Requests: 1 HTTP requests in this frame

Frame: http://www.larichesseturf.lachezvos.com/barre-larichesseturf.lachezvos.com.html
Frame ID: 30BDA7229C1A9576B1AA6872063C91CC
Requests: 13 HTTP requests in this frame

Frame: http://www.sansechec.ouba.com/larichesseturf/pages/abonnes
Frame ID: D99625E30E65C414B3AC1275E295147C
Requests: 6 HTTP requests in this frame

Frame: http://www.larichesseturf.lachezvos.com/stats-larichesseturf.lachezvos.com.html
Frame ID: BBC43F74890DBC41956390617AA397BE
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: D29032602B76F14146F680F7D175B209
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html
Frame ID: AC75CED64550975610AA9C1D040E92D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.larichesseturf.lachezvos.com%2Fpages%2Fabonnes&ea=0&flash=0&wgl=1&dt=1623575631208&bpp=4&bdt=107&idt=80&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7969938032980&frm=23&ife=1&pv=2&ga_vid=368343812.1623575631&ga_sid=1623575631&ga_hid=1577198076&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3907804965&scr_x=0&scr_y=0&eid=31060956%2C31061048&oid=3&pvsid=1591413603707558&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.cwpm1rv4tm07&fsb=1&dtd=100
Frame ID: C6CEF22F54BEB126DFC33A6513DA68EA
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Frame ID: 7AF0F2AAA1CF4AA4CD1BC6CEB343BCAD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 0135784875FB1F690650667BED25FD77
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F565C8505D837FD74DD818CD69977C4F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

44
Requests

80 %
HTTPS

64 %
IPv6

13
Domains

16
Subdomains

15
IPs

3
Countries

883 kB
Transfer

1373 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request abonnes Show response
www.larichesseturf.lachezvos.com/pages/ 3 KB
1 KB 57ms
14ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.larichesseturf.lachezvos.com/pages/abonnes
Protocol: HTTP/1.1
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 9e4e095ff2f29eeec786bcc18d1edb982ba7db56e7f76a6757c08533dc583777

Request headers

Host: www.larichesseturf.lachezvos.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 09:13:50 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1103
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK barre-larichesseturf.lachezvos.com.html Show response
www.larichesseturf.lachezvos.com/ Frame 30BD 3 KB
2 KB 102ms
102ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.larichesseturf.lachezvos.com/barre-larichesseturf.lachezvos.com.html
Requested by: Host: www.larichesseturf.lachezvos.com
URL: http://www.larichesseturf.lachezvos.com/pages/abonnes
Protocol: HTTP/1.1
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 9b6e6992be17d05a1f105c8ed3ac0b302141480075645860b400483eafd5ebc0

Request headers

Host: www.larichesseturf.lachezvos.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.larichesseturf.lachezvos.com/pages/abonnes
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.larichesseturf.lachezvos.com/pages/abonnes

Response headers

Date: Sun, 13 Jun 2021 09:13:50 GMT
Server: Apache
Expires: Sun, 13 Jun 2021 09:13:50 GMT
Last-Modified: Sun, 13 Jun 2021 09:13:50 GMT
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1491
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1

GET
H/1.1 200
OK Cookie set abonnes Show response
www.sansechec.ouba.com/larichesseturf/pages/ Frame D996 3 KB
3 KB 176ms
140ms Document
text/html 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sansechec.ouba.com/larichesseturf/pages/abonnes
Requested by: Host: www.larichesseturf.lachezvos.com
URL: http://www.larichesseturf.lachezvos.com/pages/abonnes
Protocol: HTTP/1.1
Server: 194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns5.hiwit.net
Software: Apache /
Resource Hash: 8c5f0c4fd8c40cb2c48bfcbe311753a9d18626c51f71cf47c6739ce3150e9bba

Request headers

Host: www.sansechec.ouba.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.larichesseturf.lachezvos.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.larichesseturf.lachezvos.com/

Response headers

Date: Sun, 13 Jun 2021 09:13:51 GMT
Server: Apache
Content-Location: abonnes.php
Vary: negotiate,Host
TCN: choice
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=23f9e5debd61cd441a009ae412a2e78f; path=/
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK stats-larichesseturf.lachezvos.com.html Show response
www.larichesseturf.lachezvos.com/ Frame BBC4 0
192 B 99ms
93ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.larichesseturf.lachezvos.com/stats-larichesseturf.lachezvos.com.html
Requested by: Host: www.larichesseturf.lachezvos.com
URL: http://www.larichesseturf.lachezvos.com/pages/abonnes
Protocol: HTTP/1.1
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: www.larichesseturf.lachezvos.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.larichesseturf.lachezvos.com/pages/abonnes
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.larichesseturf.lachezvos.com/pages/abonnes

Response headers

Date: Sun, 13 Jun 2021 09:13:50 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame 30BD 2 KB
1 KB 54ms
11ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: www.larichesseturf.lachezvos.com
URL: http://www.larichesseturf.lachezvos.com/barre-larichesseturf.lachezvos.com.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

Referer: http://www.larichesseturf.lachezvos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 09:13:50 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Jun 2021 09:13:50 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1023
Expires: Sun, 20 Jun 2021 09:13:50 GMT

GET
H/1.1 200
OK separateur90.gif
www.venez.fr/images/ Frame 30BD 82 B
388 B 55ms
10ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/separateur90.gif
Requested by: Host: www.larichesseturf.lachezvos.com
URL: http://www.larichesseturf.lachezvos.com/barre-larichesseturf.lachezvos.com.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

Referer: http://www.larichesseturf.lachezvos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 09:13:50 GMT
Last-Modified: Thu, 15 Nov 2018 22:11:22 GMT
Server: Apache
ETag: "52-57abb54b25680"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 82

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 30BD 134 KB
48 KB 29ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.larichesseturf.lachezvos.com
URL: http://www.larichesseturf.lachezvos.com/barre-larichesseturf.lachezvos.com.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d88e36cfd8eada9864ce6d2f583de57913a2b6f2ea013fabc72cf5f1011fa27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.larichesseturf.lachezvos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sun, 13 Jun 2021 09:13:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 16872819095905553886
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 48395
X-XSS-Protection: 0
Expires: Sun, 13 Jun 2021 09:13:51 GMT

GET
H/1.1 200
OK alternate-barre.htm Show response
www.venez.fr/ Frame D290 2 KB
1 KB 10ms
10ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/alternate-barre.htm
Requested by: Host: www.larichesseturf.lachezvos.com
URL: http://www.larichesseturf.lachezvos.com/barre-larichesseturf.lachezvos.com.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 64285bab3df02efd821e5aecbdcf40b26599031e599c4069f9477b1d137235a7

Request headers

Host: www.venez.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.larichesseturf.lachezvos.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.larichesseturf.lachezvos.com/

Response headers

Date: Sun, 13 Jun 2021 09:13:50 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 874
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame 30BD 110 B
416 B 11ms
10ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: www.larichesseturf.lachezvos.com
URL: http://www.larichesseturf.lachezvos.com/barre-larichesseturf.lachezvos.com.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

Referer: http://www.larichesseturf.lachezvos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 09:13:50 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 110

GET
H/1.1 200
OK 120x60.gif
www.venez.fr/images/ Frame D290 4 KB
4 KB 10ms
9ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/120x60.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 09:13:50 GMT
Last-Modified: Wed, 02 Mar 2011 00:16:24 GMT
Server: Apache
ETag: "f4c-49d74d2b9c600"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3916

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame D290 2 KB
1 KB 10ms
10ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 09:13:50 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Jun 2021 09:13:50 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 1023
Expires: Sun, 20 Jun 2021 09:13:50 GMT

GET
H/1.1 200
OK secure.apu Show response
payment.allopass.com/api/ Frame D996 1 KB
2 KB 141ms
31ms Script
text/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/api/secure.apu?ids=350782&idd=1533505
Requested by: Host: www.sansechec.ouba.com
URL: http://www.sansechec.ouba.com/larichesseturf/pages/abonnes
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: bf8c40124df0401548e7f758058e9f79243595f922157a87effdbfcf95e02755

Request headers

Referer: http://www.sansechec.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 09:13:51 GMT
Server: Apache
Connection: close
Content-Length: 1533
X-Allopass-Token: 60c5cc4f49282
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK style.css
www.sansechec.ouba.com/larichesseturf/style/ Frame D996 4 KB
4 KB 26ms
22ms Stylesheet
text/css 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sansechec.ouba.com/larichesseturf/style/style.css
Requested by: Host: www.sansechec.ouba.com
URL: http://www.sansechec.ouba.com/larichesseturf/pages/abonnes
Protocol: HTTP/1.1
Server: 194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns5.hiwit.net
Software: Apache /
Resource Hash: 13bbb92831da0c0b4b7f83f6c8126ff442659cceac698661fa7fc8b4dce4b5a5

Request headers

Referer: http://www.sansechec.ouba.com/larichesseturf/pages/abonnes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 09:13:51 GMT
Last-Modified: Mon, 01 Aug 2016 16:54:44 GMT
Server: Apache
ETag: "182ba14-1004-5390574fe5d00"
Vary: Host
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 4100

GET
H/1.1 200
OK logo.gif
www.mondeturf.net/img/ Frame D996 12 KB
12 KB 83ms
35ms Image
image/gif 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.mondeturf.net/img/logo.gif
Requested by: Host: www.sansechec.ouba.com
URL: http://www.sansechec.ouba.com/larichesseturf/pages/abonnes
Protocol: HTTP/1.1
Server: 194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns76.hiwit.net
Software: Apache /
Resource Hash: f467eff1aac9b2dc064cb6fa231e3612367bc4f32aebead30e6390199bbd7949

Request headers

Referer: http://www.sansechec.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 09:13:51 GMT
Last-Modified: Wed, 20 Jan 2021 06:54:07 GMT
Server: Apache
ETag: "2525cdf-2fd3-5b94f6be0c1c0"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 12243

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame D290 110 B
416 B 10ms
9ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 09:13:50 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 110

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/ Frame 30BD 231 KB
86 KB 53ms
32ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.larichesseturf.lachezvos.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

707df6884f2bb0cc5f7ab83b77128324cb16418856afcf5d5731d934d297fe13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.larichesseturf.lachezvos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87427
x-xss-protection: 0
server: cafe
etag: 18285230650351733317
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 09:13:51 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/ Frame AC75 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210607/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.larichesseturf.lachezvos.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.larichesseturf.lachezvos.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 12 Jun 2021 17:09:07 GMT
expires: Sat, 26 Jun 2021 17:09:07 GMT
content-type: text/html; charset=UTF-8
etag: 3869991350818612685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4515
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 57884
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 30BD 203 B
659 B 44ms
20ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.larichesseturf.lachezvos.com&callback=_gfp_s_&client=ca-pub-5203714787387788

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.larichesseturf.lachezvos.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

09f4b9ae7443630e481f32b71073ab2a47b82a20f9ca5b5a7b5e7fea56d8503a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.larichesseturf.lachezvos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 30BD 107 B
853 B 35ms
14ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.larichesseturf.lachezvos.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.larichesseturf.lachezvos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Jun 2021 09:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 30BD 107 B
570 B 33ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.larichesseturf.lachezvos.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.larichesseturf.lachezvos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Jun 2021 09:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C6CE 71 KB
24 KB 622ms
608ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.larichesseturf.lachezvos.com%2Fpages%2Fabonnes&ea=0&flash=0&wgl=1&dt=1623575631208&bpp=4&bdt=107&idt=80&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7969938032980&frm=23&ife=1&pv=2&ga_vid=368343812.1623575631&ga_sid=1623575631&ga_hid=1577198076&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3907804965&scr_x=0&scr_y=0&eid=31060956%2C31061048&oid=3&pvsid=1591413603707558&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.cwpm1rv4tm07&fsb=1&dtd=100

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b7c94e045e29551b19762cbe6f0d8360b7949f2765eccb6f433161448975775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.larichesseturf.lachezvos.com%2Fpages%2Fabonnes&ea=0&flash=0&wgl=1&dt=1623575631208&bpp=4&bdt=107&idt=80&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7969938032980&frm=23&ife=1&pv=2&ga_vid=368343812.1623575631&ga_sid=1623575631&ga_hid=1577198076&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3907804965&scr_x=0&scr_y=0&eid=31060956%2C31061048&oid=3&pvsid=1591413603707558&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.cwpm1rv4tm07&fsb=1&dtd=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.larichesseturf.lachezvos.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.larichesseturf.lachezvos.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Jun 2021 09:13:51 GMT
server: cafe
content-length: 24233
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 13-Jun-2021 09:28:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Jun 2021 09:13:51 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30BD 73 KB
28 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.larichesseturf.lachezvos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:13:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Sun, 13 Jun 2021 09:13:51 GMT

GET
H/1.1 200
OK 111.jpg
www.sansechec.ouba.com/larichesseturf/images/ Frame D996 315 KB
315 KB 27ms
26ms Image
image/jpeg 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.sansechec.ouba.com/larichesseturf/images/111.jpg
Requested by: Host: www.sansechec.ouba.com
URL: http://www.sansechec.ouba.com/larichesseturf/style/style.css
Protocol: HTTP/1.1
Server: 194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns5.hiwit.net
Software: Apache /
Resource Hash: d439928ed705c83c9077f91dc326b7559e3cdbad692142c9448a72b5deb821d6

Request headers

Referer: http://www.sansechec.ouba.com/larichesseturf/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 09:13:51 GMT
Last-Modified: Mon, 14 Mar 2016 08:43:11 GMT
Server: Apache
ETag: "182b9d8-4ea8e-52dfe454a65c0"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 322190

GET
H/1.1 200
OK richesse.gif
www.sansechec.ouba.com/larichesseturf/images/ Frame D996 136 KB
136 KB 27ms
26ms Image
image/gif 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.sansechec.ouba.com/larichesseturf/images/richesse.gif
Requested by: Host: www.sansechec.ouba.com
URL: http://www.sansechec.ouba.com/larichesseturf/style/style.css
Protocol: HTTP/1.1
Server: 194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns5.hiwit.net
Software: Apache /
Resource Hash: 6069df0fce802405de9f425cdba957c67b3f3a4d3c1a775a96b10ae552d7c8e3

Request headers

Referer: http://www.sansechec.ouba.com/larichesseturf/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 09:13:51 GMT
Last-Modified: Mon, 14 Mar 2016 09:02:09 GMT
Server: Apache
ETag: "182ba16-21f43-52dfe891ee640"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 139075

GET
H2 200 css
fonts.googleapis.com/ Frame C6CE 6 KB
765 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.larichesseturf.lachezvos.com%2Fpages%2Fabonnes&ea=0&flash=0&wgl=1&dt=1623575631208&bpp=4&bdt=107&idt=80&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7969938032980&frm=23&ife=1&pv=2&ga_vid=368343812.1623575631&ga_sid=1623575631&ga_hid=1577198076&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3907804965&scr_x=0&scr_y=0&eid=31060956%2C31061048&oid=3&pvsid=1591413603707558&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.cwpm1rv4tm07&fsb=1&dtd=100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Jun 2021 07:17:03 GMT
server: ESF
date: Sun, 13 Jun 2021 09:13:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Jun 2021 09:13:51 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame C6CE 1 KB
990 B 32ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:01:11 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame C6CE 17 KB
7 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:13:50 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame C6CE 2 KB
1 KB 28ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:12:42 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6CE 122 KB
37 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:13:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Sun, 13 Jun 2021 09:13:51 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame C6CE 13 KB
6 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:09:11 GMT

GET
H2 200 ef1eb58ff665bb7a112fcf12029c3c9f.js Show response
www.gstatic.com/mysidia/ Frame C6CE 25 KB
11 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef1eb58ff665bb7a112fcf12029c3c9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6abc2434abfe8bbfe104529364729f23d4de16bcf260ff1513d6f6a1937d3fa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10553
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 05:15:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 10 Sep 2021 05:33:28 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame C6CE 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSjMUT8zFYOv7FM-qtweKwofYAenZjZ1itqOj-M0MrNTYjxMQASCiuv4CYJWKuILIB6AB4KHSmQPIAQmpAn7GHqepULQ-qAMByAPLBKoEgAJP0Mprk_Gmr80fOIkAndqbu0LmXW7swft2Vr3kS80GKyQztbyVUihgWdMwZ-UT-XSVCU07IVgaLWXrIuCjtXVSFdsWDb9z5JlHQ2QW541qbHTs7v6cvZsdlxWISvNTVpR87ymMTdT2oqAsSUcrg9S3cgLWcy4-U53EazMb92es260zwG-gHuEv8Oyrv6woR0t1gniE2T_4GlfYHS9Alv1sqz4LcRiFtgIhFOPCXfd5t1qCz8MIx8K3NG3YoiokjZ561rda3v5-NlQ1sS3CtGze8H_QTqlLCcbu8p8_N6UgjI8UeNYYRcco_UmPnn_N75esslooF8vagU3NfdGqOdZawASjwZLdsgOSBQQIBBgBkgUECAUYBKAGLoAHiN6tZqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCm0B_SCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItNTIwMzcxNDc4NzM4Nzc4OA&sigh=BXfdZD1ytt8&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.larichesseturf.lachezvos.com%2Fpages%2Fabonnes&ea=0&flash=0&wgl=1&dt=1623575631208&bpp=4&bdt=107&idt=80&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7969938032980&frm=23&ife=1&pv=2&ga_vid=368343812.1623575631&ga_sid=1623575631&ga_hid=1577198076&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3907804965&scr_x=0&scr_y=0&eid=31060956%2C31061048&oid=3&pvsid=1591413603707558&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.cwpm1rv4tm07&fsb=1&dtd=100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 13 Jun 2021 09:13:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Jun 2021 09:13:51 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/18134181145235574538/ Frame C6CE 64 KB
64 KB 22ms
12ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18134181145235574538/6592766407814317453

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98343613e5bb3f022768ae38a605e0179bd9a799fde71fcbe9cab66b6f1f6791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 08:13:09 GMT
x-content-type-options: nosniff
age: 90042
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65104
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 14:19:07 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:13:09 GMT

GET
DATA 200
OK truncated
/ Frame C6CE 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C6CE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29df2bc938c1ed0fe63afe0e65d68ef9bd4625acf39e917e93aaf68f24885e95

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame C6CE 15 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 15:02:11 GMT
x-content-type-options: nosniff
age: 65501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 15:02:11 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame C6CE 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:12:17 GMT
x-content-type-options: nosniff
age: 100895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:12:17 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame C6CE 15 KB
15 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 17:35:42 GMT
x-content-type-options: nosniff
age: 56290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 17:35:42 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 30BD 10 KB
8 KB 31ms
17ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210607&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10d1fb6fae275687d3dfa68e525ff9d9412fa78d7a0aeff9cb35291f3e25a007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.larichesseturf.lachezvos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Jun 2021 09:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7869
x-xss-protection: 0

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7AF0 14 KB
6 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 19:26:57 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 30BD 17 KB
6 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.larichesseturf.lachezvos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 13 Jun 2021 09:13:52 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 0135 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.larichesseturf.lachezvos.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.larichesseturf.lachezvos.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 08:50:06 GMT
expires: Mon, 13 Jun 2022 08:50:06 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F565 783 B
779 B 23ms
23ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d83b89571b638f91b19d5e99b8ce417ecac4d83b6a574d74f6fe8bdcd9ae8da

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RbEjdxKsX1UsHr+FlaBCtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.larichesseturf.lachezvos.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.larichesseturf.lachezvos.com/

Response headers

expires: Sun, 13 Jun 2021 09:13:52 GMT
date: Sun, 13 Jun 2021 09:13:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-RbEjdxKsX1UsHr+FlaBCtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0135 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 19:26:57 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30BD 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210607&jk=1591413603707558&bg=!UVKlUhbNAAY6sG-_OrA7ACkAdvg8Wr8J3ED1GMtI7FoG7jxz0cMuNYwFYXaLSpZcBrTGQxqXzsk5JAIAAAB4UgAAAA1oAQeZAqhlMU6ZipmGOwkgS_M4K3Wt3TdT0ODfzVJX5XqA6wQjJ_g4T8xfny_wV8AZRr-vJHqVsF1Es4ro3OgWJUd6hLuRz_GAQ9Qfs331Yi_I78uw0IzDhvgIAJccjk6sKbqdn9e9t5ZEzmt3ehao2vOFW3n5k_RMZs2Qt7QjcZnpgfKk6w7UNKbWIlyWZu2RDGPlyPXQNlXUCL7bOxtsWnodBMROZkRG1OG_cOPfMUnbRxjn3a__fvzabquhtlFcenDRpbiTHwS8ms5-_9koHxBmghub5D8zQRUq5u7WQ81foWOMF7T0hy3H461NsRoIYlTQSMAbo8NPDK4sKtwpH2hWaLCAY_DRD91O0gHGv4hj1gMkH0-w4RqPiAmrDTViUTMGzFQguS1Y13kWLr2qH5pPV5RNKopBwrsKelL3asn9e7JGSD8UeyCC_sOmZ66XpQ-9cp3jSYj_pg-iO1vcjQpttbbj_gZCtyCOHTGw6eub7chD9cvv2vD1ck4swBIGtPNoGgW8NueV_C-j-5edpzcMHOXaQPjQqqSwxFbRk1dahFlv2brb0jzlqh5MeOydr6-iV50LHLeaVAnXKcx_ci7LgrldPQkAtuZoo-seQV6-8SNlmZvg4mMT3fSwejXhOEn87yy57wvnyNnLpzKcT6XgGXgG65dVO1UtnDrSe9mg0WqOm7xP1AbmqQjm0zDdZAy3_ztaH6aWIF2JuERJ01d_yX05gYDkon6wirUTIc8W3IS1uenxbrpPWPcp3umya5N5RAC2yQImQSOIy42iVImZI9V_XnnHC_2mzco8Xq42nQ-Du2GQUHP_2QnIy9VKNjLvSzO3ISI8GW9g-_XlywxzMMViyukiTlVzrNi7wG1aMCwJcUWuEJNGDgL4WjE-t5C69oDxp9UROrM4VA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.larichesseturf.lachezvos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:13:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C6CE 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpW_QXKgIjVPzSKWSwk3bcD0hnkuwRo_N7LjmUpw5VAYmj5FWRkKTrLBSCTTf1QQf_LaljcNhMl86WZEAzejydGObwg3Nvuwv_0IRKef4HuPVWv7ch_spjZ-Lacw&sai=AMfl-YQuXG0RepXBjsTie2_-JacZeXrQLNK4Xli3cevXPoT9M8EDQWkYcpiXJ1ZrK1aYrR8CINEfAt14r3eW&sig=Cg0ArKJSzFjhEv0btv7PEAE&id=lidar2&mcvt=1000&p=0,20,90,990&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2647235303&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1623575631312&dlt=623&rpt=68&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:13:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 04:21:11	Name: IDE Value: AHWqTUnrQLx0iTDjSkHg6-iRiDFE1tNdsaQdeoIxZyx_AmVD2BKVtSWsRp1VEItBU50
			.lachezvos.com/	1970-01-20 04:21:11	Name: __gads Value: ID=52dde0100531c2d3-227d8aafebc80012:T=1623575631:RT=1623575631:S=ALNI_MZsj5ZqmjS6HAnmCxtUUMViatHxdg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
payment.allopass.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.larichesseturf.lachezvos.com
www.mondeturf.net
www.sansechec.ouba.com
www.venez.fr
172.217.23.98
185.119.26.1
194.150.236.165
194.150.236.236
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
5.135.149.81
09f4b9ae7443630e481f32b71073ab2a47b82a20f9ca5b5a7b5e7fea56d8503a
0b7c94e045e29551b19762cbe6f0d8360b7949f2765eccb6f433161448975775
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
10d1fb6fae275687d3dfa68e525ff9d9412fa78d7a0aeff9cb35291f3e25a007
13bbb92831da0c0b4b7f83f6c8126ff442659cceac698661fa7fc8b4dce4b5a5
29df2bc938c1ed0fe63afe0e65d68ef9bd4625acf39e917e93aaf68f24885e95
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f
4d83b89571b638f91b19d5e99b8ce417ecac4d83b6a574d74f6fe8bdcd9ae8da
6069df0fce802405de9f425cdba957c67b3f3a4d3c1a775a96b10ae552d7c8e3
64285bab3df02efd821e5aecbdcf40b26599031e599c4069f9477b1d137235a7
6abc2434abfe8bbfe104529364729f23d4de16bcf260ff1513d6f6a1937d3fa1
6d88e36cfd8eada9864ce6d2f583de57913a2b6f2ea013fabc72cf5f1011fa27
707df6884f2bb0cc5f7ab83b77128324cb16418856afcf5d5731d934d297fe13
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f
8c5f0c4fd8c40cb2c48bfcbe311753a9d18626c51f71cf47c6739ce3150e9bba
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
98343613e5bb3f022768ae38a605e0179bd9a799fde71fcbe9cab66b6f1f6791
9b6e6992be17d05a1f105c8ed3ac0b302141480075645860b400483eafd5ebc0
9e4e095ff2f29eeec786bcc18d1edb982ba7db56e7f76a6757c08533dc583777
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
bf8c40124df0401548e7f758058e9f79243595f922157a87effdbfcf95e02755
c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d439928ed705c83c9077f91dc326b7559e3cdbad692142c9448a72b5deb821d6
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f467eff1aac9b2dc064cb6fa231e3612367bc4f32aebead30e6390199bbd7949
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

www.larichesseturf.lachezvos.com Open in urlscan Pro 5.135.149.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

44 Requests

80 %HTTPS

64 %IPv6

13 Domains

16 Subdomains

15 IPs

3 Countries

883 kBTransfer

1373 kBSize

2 Cookies

0 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.larichesseturf.lachezvos.com Open in urlscan Pro
5.135.149.81 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

80 %
HTTPS

64 %
IPv6

13
Domains

16
Subdomains

15
IPs

3
Countries

883 kB
Transfer

1373 kB
Size

2
Cookies

44 HTTP transactions
2 data transactions