turfologie.fr.gd Open in urlscan Pro
193.238.27.28 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://turfologie.fr.gd/
Submission: On January 29 via api (January 29th 2024, 4:39:44 pm UTC) from US — Scanned from FR

Summary HTTP 200 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 40 IPs in 7 countries across 40 domains to perform 200 HTTP transactions. The main IP is 193.238.27.28, located in Germany and belongs to IPX-AS15598, DE. The main domain is turfologie.fr.gd.
TLS certificate: Issued by R3 on January 22nd 2024. Valid for: 3 months.

This is the only time turfologie.fr.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	193.238.27.28 193.238.27.28	15598 (IPX-AS15598) (IPX-AS15598)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
22	178.162.223.113 178.162.223.113	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1	95.142.100.82 95.142.100.82	47543 (ATOM86-AS) (ATOM86-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
4	178.162.223.114 178.162.223.114	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
11	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:9800:1e:5c56:d400:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3038::6815:ea1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a02:cb40:200... 2a02:cb40:200::242	20546 (SOPRADO-ANY) (SOPRADO-ANY)
1	88.99.189.169 88.99.189.169	24940 (HETZNER-AS) (HETZNER-AS)
1	176.9.183.55 176.9.183.55	24940 (HETZNER-AS) (HETZNER-AS)
3	3.75.56.58 3.75.56.58	16509 (AMAZON-02) (AMAZON-02)
41	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
9 16	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
6 12	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 9	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	52.28.39.71 52.28.39.71	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	52.57.64.28 52.57.64.28	16509 (AMAZON-02) (AMAZON-02)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
2 2	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
1 2	18.193.12.180 18.193.12.180	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:20:... 2606:4700:20::681a:dd7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	163.181.92.233 163.181.92.233	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1 1	5.150.170.6 5.150.170.6	31151 (PHG-AS) (PHG-AS)
1 1	18.239.50.103 18.239.50.103	16509 (AMAZON-02) (AMAZON-02)
3 4	104.17.142.22 104.17.142.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.192.250.178 23.192.250.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	95.131.136.1 95.131.136.1	47841 (OXALIDE) (OXALIDE)
1	192.229.220.129 192.229.220.129	15133 (EDGECAST) (EDGECAST)
200	40

1 193.238.27.28 (Germany)

ASN15598 (IPX-AS15598, DE)
PTR: fr.gd

turfologie.fr.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 178.162.223.113 (Schwerte, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: misc.webme.com

theme.webme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.142.100.82 (Netherlands)

ASN47543 (ATOM86-AS, NL)
PTR: ofwallet.bestpaths.net

pubdirecte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.162.223.114 (Schwerte, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: img.webme.com

img.webme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:9800:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea1a (United States)

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

asrv205.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:cb40:200::242 (Germany) 1 redirects

ASN20546 (SOPRADO-ANY, DE)

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.189.169 (Ahnsbeck, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: s30n57.meinserver.io

feuerwehrstore.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.183.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.183.9.176.clients.your-server.de

fwdtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.56.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com

visifeed.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 216.58.212.130 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.36.155 (None, ) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.89.210.46 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.39.71 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-39-71.eu-central-1.compute.amazonaws.com

api.yieldads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.64.28 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-64-28.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.246.169.24 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.12.180 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-12-180.eu-central-1.compute.amazonaws.com

nakoona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:dd7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.linksprf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.92.233 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

www.linkbux.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.150.170.6 (United Kingdom) 1 redirects

ASN31151 (PHG-AS, GB)

prf.hn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.50.103 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-103.ams58.r.cloudfront.net

merrell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.142.22 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.merrell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.192.250.178 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-250-178.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.131.136.1 (France) 1 redirects

ASN47841 (OXALIDE, FR)
PTR: front.netaffiliation.net

zcz.willemsefrance.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.220.129 (United States)

ASN15133 (EDGECAST, US)

img.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	823 KB
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	445 KB
33	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163	128 KB
26	webme.com theme.webme.com img.webme.com — Cisco Umbrella Rank: 414033	209 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29340 ad4m.at — Cisco Umbrella Rank: 11475 assets.ad4m.at — Cisco Umbrella Rank: 41583	150 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	6 KB
10	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 11960 3.bp.blogspot.com — Cisco Umbrella Rank: 14261 2.bp.blogspot.com — Cisco Umbrella Rank: 15271 4.bp.blogspot.com — Cisco Umbrella Rank: 15285	49 KB
9	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	10 KB
5	merrell.com 4 redirects merrell.com — Cisco Umbrella Rank: 167666 www.merrell.com — Cisco Umbrella Rank: 231182	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	260 KB
3	yieldads.net 1 redirects api.yieldads.net — Cisco Umbrella Rank: 120597	15 KB
3	visifeed.org visifeed.org — Cisco Umbrella Rank: 119580	2 KB
2	metaffiliation.com 1 redirects action.metaffiliation.com — Cisco Umbrella Rank: 181020 img.metaffiliation.com — Cisco Umbrella Rank: 92279	135 KB
2	linksprf.com 1 redirects r.linksprf.com — Cisco Umbrella Rank: 81816	2 KB
2	nakoona.com 1 redirects nakoona.com — Cisco Umbrella Rank: 555685	2 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 125344 static-de.ad4mat.net — Cisco Umbrella Rank: 164401	1013 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1946	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 875	2 KB
2	adcell.com 1 redirects t.adcell.com — Cisco Umbrella Rank: 57836	628 B
2	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5688	15 KB
1	willemsefrance.fr zcz.willemsefrance.fr	724 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 16092	703 B
1	prf.hn 1 redirects prf.hn — Cisco Umbrella Rank: 28427	398 B
1	linkbux.com www.linkbux.com — Cisco Umbrella Rank: 144219	1 KB
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 722	187 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 856	762 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3445	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	464 B
1	google.com www.google.com — Cisco Umbrella Rank: 2
1	fwdtrk.com fwdtrk.com fwd.fwdtrk.com Failed	2 KB
1	feuerwehrstore.de feuerwehrstore.de	11 MB
1	asrv205.com asrv205.com	1 KB
1	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12324	12 KB
1	root-top.com img.root-top.com	5 KB
1	gstatic.com t3.gstatic.com	9 KB
1	pubdirecte.com pubdirecte.com	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	2 KB
1	fr.gd turfologie.fr.gd	349 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	cpmaffiliation.com Failed www.cpmaffiliation.com Failed
200	40

	Domain	Requested by
41	s0.2mdn.net	turfologie.fr.gd s0.2mdn.net
24	pagead2.googlesyndication.com	turfologie.fr.gd pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
22	theme.webme.com	turfologie.fr.gd
16	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net turfologie.fr.gd
14	tpc.googlesyndication.com	turfologie.fr.gd tpc.googlesyndication.com googleads.g.doubleclick.net
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com turfologie.fr.gd googleads.g.doubleclick.net
9	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
6	ad.doubleclick.net	turfologie.fr.gd
4	www.merrell.com	3 redirects www.linkbux.com
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	www.googletagservices.com	turfologie.fr.gd googleads.g.doubleclick.net
4	1.bp.blogspot.com	turfologie.fr.gd
4	img.webme.com	turfologie.fr.gd
3	api.yieldads.net	1 redirects visifeed.org api.yieldads.net
3	visifeed.org	fwdtrk.com visifeed.org
3	3.bp.blogspot.com	turfologie.fr.gd
2	r.linksprf.com	1 redirects nakoona.com
2	nakoona.com	1 redirects api.yieldads.net
2	e.dlx.addthis.com	2 redirects
2	pm.w55c.net	2 redirects
2	t.adcell.com	1 redirects asrv205.com
2	static.wixstatic.com	turfologie.fr.gd
2	2.bp.blogspot.com	turfologie.fr.gd
1	img.metaffiliation.com	as.ad4m.at
1	action.metaffiliation.com	1 redirects
1	zcz.willemsefrance.fr	as.ad4m.at
1	www.awin1.com	as.ad4m.at
1	merrell.com	1 redirects
1	prf.hn	1 redirects
1	www.linkbux.com	r.linksprf.com
1	static-de.ad4mat.net	as.ad4m.at
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.google.com	googleads.g.doubleclick.net
1	fwdtrk.com	asrv205.com
1	feuerwehrstore.de	asrv205.com
1	asrv205.com	turfologie.fr.gd
1	blogger.googleusercontent.com	turfologie.fr.gd
1	img.root-top.com	turfologie.fr.gd
1	4.bp.blogspot.com	turfologie.fr.gd
1	t3.gstatic.com	turfologie.fr.gd
1	pubdirecte.com	turfologie.fr.gd
1	cdnjs.cloudflare.com	turfologie.fr.gd
1	turfologie.fr.gd
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
0	fwd.fwdtrk.com Failed	fwdtrk.com
0	www.cpmaffiliation.com Failed	turfologie.fr.gd
200	53

This site contains links to these domains. Also see Links.

Domain
www.linkredirect.biz
pubdirecte.com
pronocourse.ifrance.com
www.root-top.com
www.fortunepmu.fr.gd
www.turfpmu.fr.gd
elvyturf.blogspot.com
www.jeugagnant.fr.gd
www.chevalcourse.wixsite.com
www.triotierce.fr.gd
www.basecouple.fr.gd
www.jeupmu.wixsite.com
www.franckyturf.fr.gd
yannpmu.blogspot.com
mariacourse.blogspot.com
www.facebook.com
www.ma-page.fr

Subject Issuer	Validity	Valid
fr.gd R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
misc.webme.com R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
pubdirecte.com R3	`2023-11-14` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
img.webme.com R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-01` - `2024-06-29`	6 months	crt.sh
root-top.com E1	`2023-12-28` - `2024-03-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
asrv205.com GTS CA 1P5	`2023-12-04` - `2024-03-03`	3 months	crt.sh
adcell.com Certum Domain Validation CA SHA2	`2023-07-28` - `2024-07-27`	a year	crt.sh
fwdtrk.com R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh
visifeed.org R3	`2024-01-09` - `2024-04-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
api.yieldads.net Amazon RSA 2048 M01	`2023-10-04` - `2024-11-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.sitescout.com GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2024-01-18` - `2024-04-17`	3 months	crt.sh
nakoona.com Amazon RSA 2048 M02	`2023-09-04` - `2024-10-03`	a year	crt.sh
ad4mat.net GTS CA 1P5	`2024-01-16` - `2024-04-15`	3 months	crt.sh
linksprf.com GTS CA 1P5	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.linkbux.com RapidSSL TLS RSA CA G1	`2023-07-26` - `2024-08-08`	a year	crt.sh
www.merrell.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-22` - `2025-01-21`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-10` - `2025-01-10`	a year	crt.sh
zcz.willemsefrance.fr R3	`2024-01-02` - `2024-04-01`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://turfologie.fr.gd/
Frame ID: 81BBF2777EF198D8B3289E4C14C9FBF0
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 889C03D997268B3EE9BE41925090C9E3
Requests: 1 HTTP requests in this frame

Frame: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Frame ID: F0FA35B719FAF812BE42886824E15EBC
Requests: 2 HTTP requests in this frame

Frame: https://t.adcell.com/p/view?promoId=365122&slotId=105746&pv=1
Frame ID: BAE2D441DDC26868CB96644302BCE144
Requests: 1 HTTP requests in this frame

Frame: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjksImNyZWF0aXZlX2lkIjozOSwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiRlIiLCJ0cyI6MTcwNjU0NjM4MH0%3D
Frame ID: 1643C6F127EB6016536B935165D7F041
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&adk=1812271804&adf=3025194257&lmt=1706546380&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706546379848&bpp=2&bdt=234&idt=248&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5185171188298&frm=20&pv=2&ga_vid=2112861678.1706546380&ga_sid=1706546380&ga_hid=1426785995&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31080533%2C31080619%2C95322184%2C95320869%2C95321626%2C95322164%2C95323006&oid=2&pvsid=3681854001375556&tmod=713479794&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=258
Frame ID: FEA45885EB9D1918F69B9A968310A1FA
Requests: 1 HTTP requests in this frame

Frame: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=14426602d095f6046b3a008e7d69186a78de6ab3895e575d5502ceca210baeed&ci=yC_w3Mu%3B&its=9F%5Bt%2ALp5e%3DbA%24QD%3BxoPWbVW&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Frame ID: F898978248AF0C24B754057CC626C773
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1415116625~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706546380&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706546380758&bpp=1&bdt=1144&idt=-M&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5185171188298&frm=20&pv=1&ga_vid=2112861678.1706546380&ga_sid=1706546380&ga_hid=1426785995&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31080533%2C31080619%2C95322184%2C95320869%2C95321626%2C95322164%2C95323006&oid=2&pvsid=3681854001375556&tmod=713479794&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3
Frame ID: 0DD03FA8535AE5E49D83DEE983BF072F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706546380&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706546380758&bpp=1&bdt=1144&idt=0&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5185171188298&frm=20&pv=1&ga_vid=2112861678.1706546380&ga_sid=1706546380&ga_hid=1426785995&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31080533%2C31080619%2C95322184%2C95320869%2C95321626%2C95322164%2C95323006&oid=2&pvsid=3681854001375556&tmod=713479794&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Frame ID: 35D4E719B3508F6DF8653E59779B583F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C36071F73ED6DE4DA94E6F78114E9112
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 1ACDA2A47F6B039578A8F35A5BCAFA6A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 95A11F220205CB6900CA227BDF397242
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UYqeTEmAEwAQ&v=APEucNWW4zwNuOn41HgxAeVUOxRONXwTTa2p_ImON0wZ_wyFmWoOJncFz03gx_Tb4YLCWiawlMZjUwRp7YCe9gE_2DdatlBSB3_Kzh49Nfblr-JDArT_CCQo6wkax2dr9wllC6YhO6Vl6cnv81zzwEJe6CFseaMSp2CpZZlBON6hUW6ynaHRuuU
Frame ID: 0BA2E5B24210B999EA33BEC34028B053
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 9EBE1797B2E1D59F7731758CF3E80DF4
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UYqeTEmAEwAQ&v=APEucNW9a70WwTq9AE5qRemW1W02rh8CXlj-3ivsheCNmexUjZRvkjPZ10ubUvTHnh-INUZEc4ovnw4mIcoahVePnbSRyvlrkK12d0QaUt1QCmky29HojW0mVboXxq_6Eura0_Hdbq5-Tka5HK63FXLnllgeDg7zg7YvXv2k_lXGsb7za_tpjE8
Frame ID: 7C1946EE82755F308772FE1D870C7484
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 7E0DC6D63AF9B51429C75F9607349B00
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNX4qiNqus2dTDy_l83XcUP9NFaqcPPjE65R78qml3Gi0patGIGCQZJh_p0vMzCfAI4fqglJB1mtDSOXe0evke-8V_TFvxrjZSUtqJhpzlbXh06-aOku2CjNPu4TMfLgxl0bu2p05cUI3B934_m4cpFqtGUph4aot0dbfXwJlrtBTeKnnwA
Frame ID: 2EF19C129C80433CCDD8E9EF7E593CEE
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 6D735FB45FBC72D8F6271A2C48743EA7
Requests: 12 HTTP requests in this frame

Frame: https://www.merrell.com/FR/fr_FR/home
Frame ID: B9ACDA5AF73778A846075AC99954A056
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: ACBE2DAF450E0924247BD3F0CE623244
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 95500FFC902E0031CDBF4B28E0D5BC0E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CB28DE59BC9273926B77AC4E4895A709
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
Frame ID: D27212ADEBDF5E2A57C4FD8DCCEEF9C1
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
Frame ID: E39F3F46A2304B7E28D6A3A4F35335CA
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
Frame ID: 45D83B018FF8E2E91E3F4C00E18C6CA7
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jdcytn525d253gq9mkv2acvgq5y9yb36n5733xqmans96n7z2f1vk2y52m86m6qcn0tsyattmrpxtm04h5yddfkr3wcecwh08s4qnsp2b8aanhtbxpp5jfmr4a5m83rq4vrx4mg19ytvy5hqck339gztg6cspad714jqf44zzrmm3c98pdd373ewcs56217aam5vqxkaymr9xmygvtxmbd434km2e4jnm2kb44ednyt894etwvvvjfh716cbmgmrkznr9e1s77vtyk2rrsnge3dxb7dbjygkc3d3nka64mv1nveb4y8raykrntkc64wp0b9dxbxx1m2pknqp6kykqd1045ve5bd2tdg00hv606b6c9erve3p5fkcxnhxmmqqvzjp43c852ah4h8s7sz503n7z7c83nmjm3whbv4yqy0m4nvae7x3b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLhjmzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoEyQFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fhsZ0BmLREqQywLjHElrhoJEPnnZhrYmajyHf8gtHt_M5WGfZUwhb320OABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31UGafS58E6dfBAsNis8fDdj5e_A%26client%3Dca-pub-5309472016820672%26adurl%3D
Frame ID: 4CC2413EF17A6671966A4964D65E09EA
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Frame ID: D89CC0E155B2FEF663EB382E94D6A3A5
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AAA7E8A9EE1662C6B0C8C3CAC8AF0FE8
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 725987C9D8CBA4ACFAC1EAF9B34319BD
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=617ff30be3fdf0fb67ba411a53612b2e%2F15196297185498404435&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706546382908&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqsw9cy4xgzckn0gjzs76be2c293cngmfs8r26sy2f0d9aq6ng3e5spwmj5783tm1tk9yqfvagmewdq9khd61bafjt9cqvrxxy2zdcyz9c99g47fy21g82xhjztbyzbxsrtcsng2s0x316p8hsa304r2xzcnf7xndn43z2c1xgd8489chq1hswswxqnpergxf1efx9ydtghyvjb2hps3y3tv25d9r2f8mr2z38htd4ctzcezb87vavm6r09j8qtk5kqzevpj48gj5a9fsw0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLhjmzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoEyQFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fhsZ0BmLREqQywLjHElrhoJEPnnZhrYmajyHf8gtHt_M5WGfZUwhb320OABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31UGafS58E6dfBAsNis8fDdj5e_A%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Frame ID: 0DB034DB59CF2C703A3DF5AB73ED4F0E
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TURFOLOGIE: LA DOCTRINE DES TURFISTES - BIENVENUE

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Page Statistics

200
Requests

90 %
HTTPS

45 %
IPv6

40
Domains

53
Subdomains

40
IPs

7
Countries

13862 kB
Transfer

17539 kB
Size

47
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: http://www.linkredirect.biz/script/redirect.php?url=https%3A%2F%2Fmaxjeux.jimdofree.com%2F&cp=48981&id=37578577&s=26566&said=132891&bann=240758
Title: Max-jeux

Search URL Search Domain Scan URL

URL: http://pubdirecte.com/?said=132891
Title: Pubdirecte

Search URL Search Domain Scan URL

URL: https://pubdirecte.com/?said=132891&id=132891
Title: Votre pub ici avec Pubdirecte.com

Search URL Search Domain Scan URL

URL: ftp://pronocourse.ifrance.com/
Title: TURFOLOGIE

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/sitespmu/in.php?ID=2

Search URL Search Domain Scan URL

URL: http://www.fortunepmu.fr.gd/

Search URL Search Domain Scan URL

URL: http://www.turfpmu.fr.gd/

Search URL Search Domain Scan URL

URL: https://elvyturf.blogspot.com/

Search URL Search Domain Scan URL

URL: http://www.jeugagnant.fr.gd/

Search URL Search Domain Scan URL

URL: http://www.chevalcourse.wixsite.com/chevalcourse

Search URL Search Domain Scan URL

URL: http://www.triotierce.fr.gd/

Search URL Search Domain Scan URL

URL: http://www.basecouple.fr.gd/

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfologie/in.php?ID=23

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/lesetoilesduturf/in.php?ID=317

Search URL Search Domain Scan URL

URL: http://www.jeupmu.wixsite.com/pmufr

Search URL Search Domain Scan URL

URL: http://www.franckyturf.fr.gd/

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/topsitedesturfistes/in.php?ID=425

Search URL Search Domain Scan URL

URL: https://yannpmu.blogspot.com/

Search URL Search Domain Scan URL

URL: https://mariacourse.blogspot.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pmu.turfologie/
Title: SUIVEZ-NOUS SUR FACEBOOK

Search URL Search Domain Scan URL

URL: https://www.facebook.com/turfologie/
Title: https://www.facebook.com/Turfologie/

Search URL Search Domain Scan URL

URL: https://www.ma-page.fr/?c=4000&utm_source=selfpromotion&utm_campaign=overlay&utm_medium=footer
Title: Ce site web a été créé gratuitement avec Ma-page.fr. Tu veux aussi ton propre site web ? S'inscrire gratuitement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://t.adcell.com/p/image?promoId=364452&slotId=105746 HTTP 302
https://feuerwehrstore.de/media/image/41/f5/7a/300-250-copyZO0mcZt7SwAPP.jpg

Request Chain 93

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMG2w2nz40OKU-mAHwBonsc&google_cver=1

Request Chain 94

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbfUzWrMKxylSHZdiR77bwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC0jBzPwf82U5Ew1_nZFu4Q&google_cver=1

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKhaqv3NuynChpIlBEj8VYQ&google_cver=1

Request Chain 96

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgyMjMzNzA1ODIzNDMzOTAyMA%3D%3D

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSHVqqzUOd5PJcvbzazcVg&google_cver=1

Request Chain 98

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbfUzbofVCmHprPBZAQudAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC0jBzPwf82U5Ew1_nZFu4Q&google_cver=1

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPAT0UzppAiVxcLUteEx_6U&google_cver=1

Request Chain 100

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI4NDM2Nzk0MDEwMzA2NDA3

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMM09K6CS8KN96e1Y4_2eok&google_cver=1

Request Chain 103

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbfUzUP2rtXUpkO52ViA9gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC0jBzPwf82U5Ew1_nZFu4Q&google_cver=1

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGlx3rJb3RQmV_vpfnLZ1Yk&google_cver=1

Request Chain 105

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA2NzQ5NTcwNDc2MTY0NTY5Ng%3D%3D

Request Chain 132

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJ4pDeXgFeUMxDvWKBZIZWA&google_cver=1&google_push=AXcoOmQx8NJVgab4AjHdE3VnfSrTgMPFeCywG0vvPtHaMjkNf7J3j8EZvvW9a5D9BWYTpGbF4ysrVQCSSE6DEkQS_2f_nY4H4R5F5ljcsajn78f2XvnOo4u65tqzdriOYhwiOCiDfSr50D9U-up0sVFUyjWG6VE HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJ4pDeXgFeUMxDvWKBZIZWA&google_cver=1&google_push=AXcoOmQx8NJVgab4AjHdE3VnfSrTgMPFeCywG0vvPtHaMjkNf7J3j8EZvvW9a5D9BWYTpGbF4ysrVQCSSE6DEkQS_2f_nY4H4R5F5ljcsajn78f2XvnOo4u65tqzdriOYhwiOCiDfSr50D9U-up0sVFUyjWG6VE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RlplS2dPRmMxUnV1RkQ1&google_gid=CAESEJ4pDeXgFeUMxDvWKBZIZWA&google_cver=1&google_push=AXcoOmQx8NJVgab4AjHdE3VnfSrTgMPFeCywG0vvPtHaMjkNf7J3j8EZvvW9a5D9BWYTpGbF4ysrVQCSSE6DEkQS_2f_nY4H4R5F5ljcsajn78f2XvnOo4u65tqzdriOYhwiOCiDfSr50D9U-up0sVFUyjWG6VE

Request Chain 133

https://um.simpli.fi/gp_match?google_gid=CAESEFmO0y2gDPT7amutkpzmvxc&google_cver=1&google_push=AXcoOmR1_Y1hHEi1d_ujIVGFVhIMXbNwO-yltMt6xxTxMCe_8ElTzN6WR_0k1UopUwTTvpEQvmpZTg9NQIVo7txbEsj9KaKyyiSmMDvX-lAiRKS39ITa38fRHAxnwooOG8Fl6vpuYx2E8JjCyOnUePw5561QqHI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D5096B85F26746338EE1CC398306A2CB&google_push=AXcoOmR1_Y1hHEi1d_ujIVGFVhIMXbNwO-yltMt6xxTxMCe_8ElTzN6WR_0k1UopUwTTvpEQvmpZTg9NQIVo7txbEsj9KaKyyiSmMDvX-lAiRKS39ITa38fRHAxnwooOG8Fl6vpuYx2E8JjCyOnUePw5561QqHI

Request Chain 135

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSkXPF-c7x2nJ1PDjTlt-k6M9DXUh_BgNydOSK12M0W19W0MWv4XIDslTJ3_RoQIjoSh-nQ6GBUv5XWRqFtRcSTEBXD2fgD7idhd183ldfOY6M1cTQxWObk8R-wnfegqkizzXqJagbAaSZ40ckJUKRSeME&google_gid=CAESEM0up0JooE8ASkiW-kU2ksI&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSkXPF-c7x2nJ1PDjTlt-k6M9DXUh_BgNydOSK12M0W19W0MWv4XIDslTJ3_RoQIjoSh-nQ6GBUv5XWRqFtRcSTEBXD2fgD7idhd183ldfOY6M1cTQxWObk8R-wnfegqkizzXqJagbAaSZ40ckJUKRSeME&google_gid=CAESEM0up0JooE8ASkiW-kU2ksI&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyNDAxMjkxNjM5NDEwMDAxNTI5OTkwNzYxNw%3D%3D&google_push=AXcoOmSkXPF-c7x2nJ1PDjTlt-k6M9DXUh_BgNydOSK12M0W19W0MWv4XIDslTJ3_RoQIjoSh-nQ6GBUv5XWRqFtRcSTEBXD2fgD7idhd183ldfOY6M1cTQxWObk8R-wnfegqkizzXqJagbAaSZ40ckJUKRSeME

Request Chain 142

https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=14426602d095f6046b3a008e7d69186a78de6ab3895e575d5502ceca210bae00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e&fp=W3sia2V5IjoidXNlcl9hZ2VudCIsInZhbHVlIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMjI0IFNhZmFyaS81MzcuMzYifSx7ImtleSI6Imxhbmd1YWdlIiwidmFsdWUiOiJlbi1VUyJ9LHsia2V5IjoibmF2aWdhdG9yX3BsYXRmb3JtIiwidmFsdWUiOiJXaW4zMiJ9LHsia2V5IjoicmVndWxhcl9wbHVnaW5zIiwidmFsdWUiOlsiQ2hyb21lIFBERiBQbHVnaW46OlBvcnRhYmxlIERvY3VtZW50IEZvcm1hdDo6YXBwbGljYXRpb24veC1nb29nbGUtY2hyb21lLXBkZn5wZGYiLCJDaHJvbWUgUERGIFZpZXdlcjo6OjphcHBsaWNhdGlvbi9wZGZ%2BcGRmIiwiTmF0aXZlIENsaWVudDo6OjphcHBsaWNhdGlvbi94LW5hY2x%2BLGFwcGxpY2F0aW9uL3gtcG5hY2x%2BIl19LHsia2V5IjoianNfZm9udHMiLCJ2YWx1ZSI6W119LHsia2V5IjoiYXBwX2NvZGVfbmFtZSIsInZhbHVlIjoiTW96aWxsYSJ9LHsia2V5IjoiYnVpbGRfaWQiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoicHJvZHVjdCIsInZhbHVlIjoiR2Vja28ifSx7ImtleSI6InZlbmRvciIsInZhbHVlIjoiR29vZ2xlIEluYy4ifSx7ImtleSI6InZlbmRvcl9zdWIiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoiYXBwX3ZlcnNpb24iLCJ2YWx1ZSI6IjUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMjQgU2FmYXJpLzUzNy4zNiJ9XQ%3D%3D HTTP 302
https://nakoona.com/y?t=merrell.com&cid=a3cbfaf734bffba709eee0dd9f49a3715d4dae0116ec588b46f06fcb2948ceec&identifier=c150519a19414017 HTTP 302
https://nakoona.com/search/merrell.com

Request Chain 181

https://r.linksprf.com/v1/redirect?url=https://merrell.com&api_key=0c9f1e13224812486ecdd05fb272f01d&site_id=5a43b939b8a5408586ff2f7960675eb5&type=url&source=https://nakoona.com/de/search/merrell.com&yk_tag=a3cbfaf734bffba709eee0dd9f49a3715d4dae0116ec588b46f06fcb2948ceec HTTP 302
https://r.linksprf.com/v2/go?t=ct6p6%3Ae%2Fewb.5i6kdu7.4o0%2F4r8cd%2F3b9b3F1y0G4r3Svjd_ummBcJlVeQrMmU2vF5%25_3os6tbhtluunBJ8EXx_a1pLo9rf_a4Z9Pc%3F0rY%3DjtOph%25aAW2L%25EFGeXrhlw.yox%26biA%3D90e0B0o0V4p8c62dkca4t8m7c4x1banfl1w1wc%2F2sft9h&e=1&ai=90e870cab1ea4219a7c796eaca5aa44e&sct=0&ct=1706546381852&cu=63ddc8448074471da6f51b1ece26f69c&ykuid=4fd70b69842d480dac2b29e52dc82045&sc=1&cs=85688ccf704d6b15c3ade70a2ef3f928

Request Chain 186

https://prf.hn/click/camref:1100lvhsR/pubref:lb_44t3q1x/[subaffiliatedomain:https%3A%2F%2Fwww.yieldkit.com%2F]/destination:https%3A%2F%2Fmerrell.com HTTP 302
https://merrell.com/?clickref=1100lycgIMnk HTTP 301
https://www.merrell.com/ HTTP 301
https://www.merrell.com/US/en/gateway?utm_source=Criteo&utm_medium=Display_Prospecting&utm_campaign=DIS_PROS-MERR-US-ECOM-EVERGREEN-MID_FUNNEL-LAL&utm_content=Dynamic&cto_pld=uXiXSUQJAQBbvO98FaUNDg HTTP 301
https://www.merrell.com/FR/fr_FR/incoming?cto_pld=uXiXSUQJAQBbvO98FaUNDg&utm_campaign=DIS_PROS-MERR-US-ECOM-EVERGREEN-MID_FUNNEL-LAL&utm_medium=Display_Prospecting&utm_source=Criteo&utm_content=Dynamic HTTP 301
https://www.merrell.com/FR/fr_FR/home

Request Chain 197

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/4/58179/img_13_13_33.gif

200 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
turfologie.fr.gd/ 532 KB
349 KB 420ms
154ms Document
text/html 193.238.27.28
IPX-AS15598

General

Check archive.org

Show headers Download Go to

Full URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.238.27.28 , Germany, ASN15598 (IPX-AS15598, DE),
Reverse DNS: fr.gd
Software: nginx /
Resource Hash: 4dcbe1af30b1a82ce448bd78e809e00c077c0e5aaef6425308baffe1b2614114

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=ISO-8859-15
Date: Mon, 29 Jan 2024 16:39:39 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding
Via: 1.1 varnish-v4
X-Varnish: 325691613
X-wm-1: b5c15a4f00826b560de2380c0e08f5b7
X-wm-VIP: 193.238.27.28
X-wm-req.backend: SitesGET
X-wm-req.backend.healthy: true
X-wm-req.restarts: 0

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 4 KB
2 KB 83ms
32ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5318904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1618
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-11d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOnBvlpM2XWmjZJLkuBbVbN1GkETCtEsA1yRiyT%2BniEjf3U0O32N3lJ4lxbZRDJcQ4IE1f9qgQuC904uluvpxl4KHg26mn%2BJny2%2BIiTZ2bxH3P3Wb8%2FWwBhuRs9XHnbIEVl0L8JqkYl%2B%2B9LLubKUrELh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84d2e998fd2c02b1-CDG
expires: Sat, 18 Jan 2025 16:39:39 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 175ms
103ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5309472016820672&host=ca-host-pub-1483906849246906

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43a58bdef8d1816ea065c003217da26881fe93168ef4264ef31559c9126a591e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turfologie.fr.gd/
Origin: https://turfologie.fr.gd
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51379
x-xss-protection: 0
server: cafe
etag: 15450632343672260532
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 29 Jan 2024 16:39:39 GMT

GET
H/1.1 200
OK navi_top.gif
theme.webme.com/designs/red/images/ 179 B
593 B 253ms
30ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/navi_top.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 54ad7cfdcc7748fb783d92d9d666f5759a29bda63e567910ce1cf8eff6967896

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18905
Content-Type: image/gif
X-Varnish: 302941846, 481612846 481661678
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 179
Expires: Mon, 11 Mar 2024 11:24:34 GMT

GET
H/1.1 200
OK navi_bottom.gif
theme.webme.com/designs/red/images/ 76 B
489 B 262ms
31ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/navi_bottom.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 1fd6969927a4a317c74fd5afac662d8cc4ed463a3bfa0e8451727b190e1b94c6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18905
Content-Type: image/gif
X-Varnish: 301603685, 481612848 480354167
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76
Expires: Mon, 11 Mar 2024 11:24:34 GMT

GET
H/1.1 200
OK cont_top.gif
theme.webme.com/designs/red/images/ 3 KB
3 KB 265ms
31ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/cont_top.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 1666ec75f3cb121771756e411f628196bfd832b35d223d84f0fee320aaf05a45

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 19005
Content-Type: image/gif
X-Varnish: 294974918, 483314098 481176140
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2582
Expires: Mon, 11 Mar 2024 11:22:54 GMT

GET
H/1.1 200
OK banniere.php Show response
pubdirecte.com/script/ 2 KB
1 KB 289ms
34ms Script
application/javascript 95.142.100.82
ATOM86-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pubdirecte.com/script/banniere.php?said=132891
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.142.100.82 , Netherlands, ASN47543 (ATOM86-AS, NL),
Reverse DNS: ofwallet.bestpaths.net
Software: Apache /
Resource Hash: ca346dbc70307d4bb3ecf4e9fb38c3d24647d139cbb7a4bbef77c0097308aed3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 16:39:39 GMT
Content-Encoding: gzip
Server: Apache
X-ssl: 1
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 662
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 images
t3.gstatic.com/ 9 KB
9 KB 130ms
33ms Image
image/jpeg 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3.gstatic.com/images?q=tbn:ANd9GcRyN4ispYXXSX3TbPUDRKn1xrfWH4fDvkWcTqSI8QtjyjwK8Bskyg

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2a3eb1a03693266907509ffeb5ea09db2bc6a3243e334eb9c01dc4fbada4a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 11:35:34 GMT
x-content-type-options: nosniff
age: 18245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9110
x-xss-protection: 0
last-modified: Thu, 31 Dec 2015 23:52:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 28 Jan 2025 11:35:34 GMT

GET
H/1.1 200
OK 5936eaff2200001500c6c942.gif
img.webme.com/pic/t/turfologie/ 65 KB
66 KB 234ms
63ms Image
image/gif 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/t/turfologie/5936eaff2200001500c6c942.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 553b860f94773ca8e317533a2d099e9326f369792cd4cb21052c0cb5d5f80aa7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 02 Oct 2018 14:57:34 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 27894
ETag: "5bb3875e-10539"
X-Varnish: 262773246, 481612834 472622133
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66873

GET
H2 200 1.gif
1.bp.blogspot.com/-BD5RmPbbXEw/WePsXr6sfZI/AAAAAAAAAHk/xA9VeXE9njYRxTLmxU5vhYzFYaaXiscKACLcBGAs/s1600/ 12 KB
12 KB 105ms
33ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-BD5RmPbbXEw/WePsXr6sfZI/AAAAAAAAAHk/xA9VeXE9njYRxTLmxU5vhYzFYaaXiscKACLcBGAs/s1600/1.gif

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

841daeb38076ca3b8f1023b2ed02d28409b48ed9613eebf2f739dc7d2183f93b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:21:46 GMT
x-content-type-options: nosniff
age: 4673
content-disposition: inline;filename="1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11928
x-xss-protection: 0
server: fife
etag: "v7b"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:21:46 GMT

GET
H2 200 7-Fortunepmu.jpg
3.bp.blogspot.com/-0buXtmhM_Bo/WeP0sRgGFcI/AAAAAAAAAIY/ejgorUHYluc3_liBj-el_lynYZCeFmeCQCLcBGAs/s1600/ 7 KB
7 KB 105ms
32ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-0buXtmhM_Bo/WeP0sRgGFcI/AAAAAAAAAIY/ejgorUHYluc3_liBj-el_lynYZCeFmeCQCLcBGAs/s1600/7-Fortunepmu.jpg

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0ff70c3d9aedd4f0ca4024d40c709184fc5f3376ed65e14dd3bb6fb047d6b26a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:21:47 GMT
x-content-type-options: nosniff
age: 4672
content-disposition: inline;filename="7-Fortunepmu.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7373
x-xss-protection: 0
server: fife
etag: "v8b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:21:47 GMT

GET
H2 200 6-Turfpmu.jpg
2.bp.blogspot.com/-LuCkl6Foklk/WeP0rvxX2PI/AAAAAAAAAIQ/IneZz9cB4LQnPrfv35BOYO7DLmwzxqxMQCLcBGAs/s1600/ 3 KB
3 KB 105ms
32ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-LuCkl6Foklk/WeP0rvxX2PI/AAAAAAAAAIQ/IneZz9cB4LQnPrfv35BOYO7DLmwzxqxMQCLcBGAs/s1600/6-Turfpmu.jpg

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

df1223d55de9b704eee83ada4110b2c72ac62150620b5b7ba9969fbdc5f0f670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:21:47 GMT
x-content-type-options: nosniff
age: 4672
content-disposition: inline;filename="6-Turfpmu.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2753
x-xss-protection: 0
server: fife
etag: "v8b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:21:47 GMT

GET
H2 200 5-Elvyturf.jpg
4.bp.blogspot.com/-zrp7AJ5IDIo/WeP0rYo67SI/AAAAAAAAAIM/4MkNeX01eYsxKBq1gbW-YQ-omLlsm1IdACLcBGAs/s1600/ 4 KB
4 KB 155ms
41ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-zrp7AJ5IDIo/WeP0rYo67SI/AAAAAAAAAIM/4MkNeX01eYsxKBq1gbW-YQ-omLlsm1IdACLcBGAs/s1600/5-Elvyturf.jpg

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dd694ce4f5c42e852c4fefe654d7e946e3febca32a9b225f0d2533c4c09a7af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:21:46 GMT
x-content-type-options: nosniff
age: 4673
content-disposition: inline;filename="5-Elvyturf.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3846
x-xss-protection: 0
server: fife
etag: "v8b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:21:46 GMT

GET
H2 200 9-Jeugagnant.jpg
1.bp.blogspot.com/-mm4blhBro28/WeP1R9wSsSI/AAAAAAAAAIg/GNdkb8XyBJA7poDE6cyOsiHs3k4Kpw_5wCLcBGAs/s1600/ 3 KB
3 KB 111ms
45ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-mm4blhBro28/WeP1R9wSsSI/AAAAAAAAAIg/GNdkb8XyBJA7poDE6cyOsiHs3k4Kpw_5wCLcBGAs/s1600/9-Jeugagnant.jpg

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5fe6d6f3586a8cd3eb4854532649dadd38d5c783ebc54e18f4ee53760cdea049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:21:47 GMT
x-content-type-options: nosniff
age: 4672
content-disposition: inline;filename="9-Jeugagnant.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3360
x-xss-protection: 0
server: fife
etag: "v8b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:21:47 GMT

GET
H2 200 2.jpg
1.bp.blogspot.com/-5vVMQdatzKE/WePtEHIzIII/AAAAAAAAAHo/BscQJqA2JGY622rB36fO-nn9FMs74_jXACLcBGAs/s1600/ 7 KB
7 KB 107ms
41ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-5vVMQdatzKE/WePtEHIzIII/AAAAAAAAAHo/BscQJqA2JGY622rB36fO-nn9FMs74_jXACLcBGAs/s1600/2.jpg

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e9ce2ffeea5b16b30a437724a8e2d62c3fb24c79946ee6b2b9dd04e5f925ee27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:21:46 GMT
x-content-type-options: nosniff
age: 4673
content-disposition: inline;filename="2.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7042
x-xss-protection: 0
server: fife
etag: "v7b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:21:46 GMT

GET
H2 200 8-Triotierce.jpg
3.bp.blogspot.com/-HkOXoFzsoJY/WeP0sqqvUuI/AAAAAAAAAIc/mbH6RHcOD8YzeCAts9mos3esNLkTtfgSwCLcBGAs/s1600/ 3 KB
4 KB 103ms
37ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-HkOXoFzsoJY/WeP0sqqvUuI/AAAAAAAAAIc/mbH6RHcOD8YzeCAts9mos3esNLkTtfgSwCLcBGAs/s1600/8-Triotierce.jpg

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7ff761f2ba0d8641eed5cbd75d0d86f2c82e1171c6b85db25b9f0e56da21e4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:21:46 GMT
x-content-type-options: nosniff
age: 4673
content-disposition: inline;filename="8-Triotierce.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3489
x-xss-protection: 0
server: fife
etag: "v8b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:21:46 GMT

GET
H2 200 10-Basecouple.jpg
3.bp.blogspot.com/-59og58k-L8k/WeP1Rw8OqzI/AAAAAAAAAIo/OM9CRBd6BGsgFMWLYjEAfL0eh7odAfLugCLcBGAs/s1600/ 3 KB
3 KB 34ms
34ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-59og58k-L8k/WeP1Rw8OqzI/AAAAAAAAAIo/OM9CRBd6BGsgFMWLYjEAfL0eh7odAfLugCLcBGAs/s1600/10-Basecouple.jpg

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d25c183a7ea5847b7502fdec80211907a7dd9dbb824461c1592809e467a2c64c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:21:46 GMT
x-content-type-options: nosniff
age: 4673
content-disposition: inline;filename="10-Basecouple.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2914
x-xss-protection: 0
server: fife
etag: "v8b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:21:46 GMT

GET
H2 200 image.png
static.wixstatic.com/media/73840e_39fb5ede54a04dda8ce2fe6632a79cf0~mv2.png/v1/fill/w_94,h_63,al_c,lg_1,q_85,enc_auto/ 7 KB
7 KB 125ms
35ms Image
image/webp 2600:9000:2057:9800:1e:5c56:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/73840e_39fb5ede54a04dda8ce2fe6632a79cf0~mv2.png/v1/fill/w_94,h_63,al_c,lg_1,q_85,enc_auto/image.png
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9800:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: 7394eeaf28b5df7e74fa81967eb75e52a9931abe1eaa34b30ed39f8f80a2c104

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:12:14 GMT
via: 1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1718845
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6948
wix-tracer: 2ajMSUZ1c5aQ7h9hCD7mZ12Weqg
server: openresty/1.21.4.1
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
x-amz-cf-id: rNEIYLLHCVNMJed3r67v24UOGbIYRehQ2VJT3fr1IlP6flwDbkgMmw==
x-seen-by: image-manipulator-7c76496fbd-vhhxk

GET
H2 200 4-Jeupmu.jpg
2.bp.blogspot.com/-xq2Gpuafdug/WeP0ri4QeTI/AAAAAAAAAIU/I74QvrB3ZhAlUYl7VlbsnR7u0nW_Pe0swCLcBGAs/s1600/ 3 KB
3 KB 36ms
35ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-xq2Gpuafdug/WeP0ri4QeTI/AAAAAAAAAIU/I74QvrB3ZhAlUYl7VlbsnR7u0nW_Pe0swCLcBGAs/s1600/4-Jeupmu.jpg

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

66ca37fff82b4c704deedd773e690c7a0a3a0d28014376b00fe5222fda4ee688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:21:46 GMT
x-content-type-options: nosniff
age: 4673
content-disposition: inline;filename="4-Jeupmu.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2672
x-xss-protection: 0
server: fife
etag: "v8b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:21:46 GMT

GET
H2 200 11-Franckyturf.jpg
1.bp.blogspot.com/-jwvAv4AQ6os/WeP1RzULVCI/AAAAAAAAAIk/SucIVZUNs4cWJi8bPNrJeOGNGx6BdqALgCLcBGAs/s1600/ 3 KB
3 KB 32ms
32ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-jwvAv4AQ6os/WeP1RzULVCI/AAAAAAAAAIk/SucIVZUNs4cWJi8bPNrJeOGNGx6BdqALgCLcBGAs/s1600/11-Franckyturf.jpg

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

aa420362f766c5ef90bd60b72610df9dcb600728866f887d8dd1ed76134e6ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:21:46 GMT
x-content-type-options: nosniff
age: 4673
content-disposition: inline;filename="11-Franckyturf.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3154
x-xss-protection: 0
server: fife
etag: "v8b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:21:46 GMT

GET
H2 200 image.png
static.wixstatic.com/media/73840e_ebb5801846244b5d8798b9774e63e2be~mv2.png/v1/fill/w_94,h_63,al_c,lg_1,q_85,enc_auto/ 7 KB
8 KB 125ms
38ms Image
image/webp 2600:9000:2057:9800:1e:5c56:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/73840e_ebb5801846244b5d8798b9774e63e2be~mv2.png/v1/fill/w_94,h_63,al_c,lg_1,q_85,enc_auto/image.png
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9800:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: 1fb0a580c99750c2747697cfee51e4ce88d2c2214cff33d1d88ad5fa7dffcf7c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 08:03:10 GMT
via: 1.1 google, 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1326989
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7434
wix-tracer: 2awAhzSZdrSxs8oav62VyUuRXlc
server: openresty/1.21.4.1
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
x-amz-cf-id: dcuhIzUnZ58MBN1phuvs0Z51-m7l-2QLeE7nj-NCFAP9enQTabA_0g==
x-seen-by: image-manipulator-84f467849-xsdgk

GET
H/1.1 200
OK turfologie1.jpg
img.webme.com/pic/t/turfologie/ 18 KB
18 KB 206ms
73ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/t/turfologie/turfologie1.jpg
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 159853db9ab81a3c75aacd096aa7ccd964c5fdff6a313cd281f1e15b37450d65

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 04 Jan 2015 19:31:40 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 19165
ETag: "54a9951c-47c1"
X-Varnish: 280740312, 483314084 481919551
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18369

GET
H2 200 banner.gif
img.root-top.com/topsite/turfologie/ 4 KB
5 KB 128ms
39ms Image
image/png 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/turfologie/banner.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:39 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 373256
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FN77enP0WioSIckiCNkKNSeva%2B%2Fw8QyikcdbBmmiOFKUqBhSJOd45jrlMX2bsgbV4Ort6ycwhO%2FnrwhapgVyiXVyBfbYXGJV65Gtata%2Bcm4f%2Bxh91JJjRrrXQ4Qf5diuId5YS8Nc%2Fe1X4wrym3l"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 84d2e99a7d9b88bc-LHR
alt-svc: h3=":443"; ma=86400
content-length: 4424

GET
H2 200 AVvXsEjWiXAdxHXRsuyhdLWYAvcmHgSayhi7lWQXbhhMpnlqz03dMFqA_jiHg5OLR01x_da6mVmelcUJb5H1FaWg_y05HtXDohlYhEZ9YHveypUU5Eglv2pH5Wd9CcDtUU5ha7ZQv31wYlv3u-ZyalnS6PZqpLQUDuytRgNUS-jyWOY6tG5iHxIyJ8AtG0zi=s175
blogger.googleusercontent.com/img/a/ 12 KB
12 KB 524ms
449ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEjWiXAdxHXRsuyhdLWYAvcmHgSayhi7lWQXbhhMpnlqz03dMFqA_jiHg5OLR01x_da6mVmelcUJb5H1FaWg_y05HtXDohlYhEZ9YHveypUU5Eglv2pH5Wd9CcDtUU5ha7ZQv31wYlv3u-ZyalnS6PZqpLQUDuytRgNUS-jyWOY6tG5iHxIyJ8AtG0zi=s175

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

65138a48b724e8ab3a71783ad462dc20ebe73578473396fd8e67034014f98d34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v37d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="YANNPMU1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11922
x-xss-protection: 0
expires: Tue, 30 Jan 2024 16:39:40 GMT

GET
H/1.1 200
OK prono.gif
img.webme.com/pic/t/turfologie/ 19 KB
20 KB 192ms
62ms Image
image/gif 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/t/turfologie/prono.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 9ad1049fcb759fc4f80bac0b8e7872eb695c31e52cc1740f3c3684976109691c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 04 Jan 2015 19:31:40 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 28270
ETag: "54a9951c-4d31"
X-Varnish: 258939715, 481612832 478788434
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19761

GET
H/1.1 200
OK links.gif
theme.webme.com/designs/red/images/ 661 B
1 KB 244ms
35ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/links.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 1ab0b4fe8e006ad238509e6f8649d1eb27057e01b85be4f71d7e38494167a10c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18668
Content-Type: image/gif
X-Varnish: 282281306, 481612844 481027365
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 661
Expires: Mon, 11 Mar 2024 11:28:31 GMT

GET
H/1.1 200
OK main_bg.gif
theme.webme.com/designs/red/images/ 2 KB
2 KB 216ms
31ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/main_bg.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 3afaa830a3aa5d42db9b5201fff4a3345c6f64054f0930e4daf4831b85922137

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18488
Content-Type: image/gif
X-Varnish: 302233996, 481612840 476825016
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1544
Expires: Mon, 11 Mar 2024 11:31:31 GMT

GET
H/1.1 200
OK page_main_bg.gif
theme.webme.com/designs/red/images/ 2 KB
2 KB 225ms
31ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/page_main_bg.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 5e37d2be701c29dad961e773416506081bb5bffc923fee65e0312fdc09b31128

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18624
Content-Type: image/gif
X-Varnish: 301631220, 483314092 478293226
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1609
Expires: Mon, 11 Mar 2024 11:29:15 GMT

GET
H/1.1 200
OK navi_bg.gif
theme.webme.com/designs/red/images/ 8 KB
8 KB 210ms
31ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/navi_bg.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 109f6b3eb28407f4550623d2b245d13786479e7e9e731b78a3c063b25696d766

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18624
Content-Type: image/gif
X-Varnish: 300662064, 481612838 480124335
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8181
Expires: Mon, 11 Mar 2024 11:29:15 GMT

GET
H/1.1 200
OK navhead.gif
theme.webme.com/designs/red/images/ 306 B
720 B 244ms
33ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/navhead.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 423c559de3422e758482c643fe8e464dc9aa3a4796de6aeac7b5eb7097aee345

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18624
Content-Type: image/gif
X-Varnish: 279955018, 483180753 480458943
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 306
Expires: Mon, 11 Mar 2024 11:29:15 GMT

GET
H/1.1 200
OK button_bg.gif
theme.webme.com/designs/red/images/ 3 KB
4 KB 211ms
31ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/button_bg.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 48438a48bfcec8017ece6d6b4d132be283fe7ff7d07190211ad3b3def726cce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18624
Content-Type: image/gif
X-Varnish: 301631224, 483314090 478293233
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3551
Expires: Mon, 11 Mar 2024 11:29:15 GMT

GET
H/1.1 200
OK cont_bg.gif
theme.webme.com/designs/red/images/ 1 KB
2 KB 228ms
31ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/cont_bg.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 8f43a236fa4ace8a54fdae64ae08c47b986ce6011b3a7dda873fead7700590de

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18624
Content-Type: image/gif
X-Varnish: 301631222, 481612842 476824177
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1482
Expires: Mon, 11 Mar 2024 11:29:15 GMT

GET
H/1.1 200
OK cont_head_bg.gif
theme.webme.com/designs/red/images/ 6 KB
6 KB 245ms
40ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/cont_head_bg.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: a6499fa2053ae92d979b0ee3d129d94b1b42427cce83c3579da01e1df1e03333

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18624
Content-Type: image/gif
X-Varnish: 302424428, 483314094 480556256
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6138
Expires: Mon, 11 Mar 2024 11:29:15 GMT

GET
H/1.1 200
OK cont_bottom.gif
theme.webme.com/designs/red/images/ 4 KB
4 KB 32ms
32ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/cont_bottom.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 23d7ce986c8d9b7e7a58cffb62d3592d91343e152fe4de7cffa87a2c1af591e1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 19005
Content-Type: image/gif
X-Varnish: 301370843, 481612850 476411410
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4031
Expires: Mon, 11 Mar 2024 11:22:54 GMT

GET
H/1.1 200
OK bottom2.gif
theme.webme.com/designs/red/images/ 1 KB
2 KB 31ms
31ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/bottom2.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 0722ae40df7755ab819b4b15fc12e7368f0baa17b030a3a932ca8675fd72b730

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18310
Content-Type: image/gif
X-Varnish: 289791792, 483314100 482050827
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1525
Expires: Mon, 11 Mar 2024 11:34:29 GMT

GET
H/1.1 200
OK left_bottom.gif
theme.webme.com/designs/red/images/ 129 B
543 B 32ms
32ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/left_bottom.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: d0172b3d0f42c368dd557f0da5eff0a43e2c82a072d88b9965753d7611e42ece

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18934
Content-Type: image/gif
X-Varnish: 301830244, 481612852 480122296
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 129
Expires: Mon, 11 Mar 2024 11:24:04 GMT

GET
H/1.1 200
OK bottom.gif
theme.webme.com/designs/red/images/ 2 KB
2 KB 32ms
32ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/bottom.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: d5a8b97841a922e387c50ea7812a8a5fe25499bd8b9487d11dafbcd1eaf4f12e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18934
Content-Type: image/gif
X-Varnish: 297815901, 483314102 480122299
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1957
Expires: Mon, 11 Mar 2024 11:24:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ 405 KB
138 KB 165ms
100ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5309472016820672&plah=turfologie.fr.gd

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5309472016820672&host=ca-host-pub-1483906849246906

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8c9a7ca1873705534b95263941c6f0844fe2b4f7c93af6bf5ca7edaafc5cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140749
x-xss-protection: 0
server: cafe
etag: 12981312837647013359
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 16:39:39 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 889C 9 KB
5 KB 102ms
31ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5309472016820672&host=ca-host-pub-1483906849246906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turfologie.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 6218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 14:56:01 GMT
etag: 3890843268177463596
expires: Mon, 12 Feb 2024 14:56:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 127 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b7addddf8ff620b9e0449bedae9a17f259c4356f1d046a9c4037b3a8dfb4090

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET 103839-200x90.js
www.cpmaffiliation.com/ 0
0

GET
H2 200 eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0= Show response
asrv205.com/adframe/ Frame F0FA 2 KB
1 KB 143ms
70ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b15763502c97d1c6f0d6a4e51a2d99acb6349dd057ace57507c5cc3ab39f5fda

Request headers

Referer: https://turfologie.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84d2e99b0edd2a73-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 16:39:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CW6lRwssIVnA2LDKI02KuENS4HEv7FKV1FvfhNzh0eYTUbKROIoRAeL%2FsryLn6%2B%2F1j1ofk4VjHFAoo%2Fpz4dAl70cutb1jf6YNfHsKKTE2MfzMAQd33MxeYSzaOasdGvBIlntiVfxOCppw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK turfologie1.jpg
img.webme.com/pic/t/turfologie/ 18 KB
18 KB 31ms
31ms Image
image/jpeg 178.162.223.114
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webme.com/pic/t/turfologie/turfologie1.jpg
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: img.webme.com
Software: nginx /
Resource Hash: 159853db9ab81a3c75aacd096aa7ccd964c5fdff6a313cd281f1e15b37450d65

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Sun, 04 Jan 2015 19:31:40 GMT
Server: nginx
X-wm-VIP: 193.238.27.18
Age: 19165
ETag: "54a9951c-47c1"
X-Varnish: 280740312, 483314096 481919551
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18369

GET
DATA 200
OK truncated
/ 233 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8e59257cc797123383f4dea6d1a72f6fb729342e3b23b75f311b70f0dc1ef96

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H/1.1 200
OK bottom2.gif
theme.webme.com/designs/red/images/ 1 KB
2 KB 70ms
31ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/bottom2.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 0722ae40df7755ab819b4b15fc12e7368f0baa17b030a3a932ca8675fd72b730

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:40 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18310
Content-Type: image/gif
X-Varnish: 289791792, 483314110 482050827
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1525
Expires: Mon, 11 Mar 2024 11:34:29 GMT

GET
H/1.1 200
OK left_bg.gif
theme.webme.com/designs/red/images/ 16 KB
17 KB 73ms
62ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/left_bg.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 2473cc965138dc8812b4d0c859cfc515520053140ee238d90bbf8cdf0c78aae5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18624
Content-Type: image/gif
X-Varnish: 300662062, 483314104 480556247
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16492
Expires: Mon, 11 Mar 2024 11:29:15 GMT

GET
H/1.1 200
OK left_bg2.gif
theme.webme.com/designs/red/images/ 23 KB
24 KB 93ms
62ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/left_bg2.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 2add0e4009bce96985012f6401fd770a91e3cf4e88baf75196e5cf82574aa3c1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:40 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18624
Content-Type: image/gif
X-Varnish: 302424420, 483314106 480124338
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23961
Expires: Mon, 11 Mar 2024 11:29:15 GMT

GET
H/1.1 200
OK head.gif
theme.webme.com/designs/red/images/ 285 B
699 B 64ms
33ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/head.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 4d06e8fc97b79c64e8ee6f4b18ab1f8a87e5152e67626175fbdd8d1be134a29c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:40 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18218
Content-Type: image/gif
X-Varnish: 300406455, 481612860 480744253
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 285
Expires: Mon, 11 Mar 2024 11:36:01 GMT

GET
H/1.1 200
OK top.gif
theme.webme.com/designs/red/images/ 2 KB
2 KB 63ms
31ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/top.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: c93fecb64ed5d07ff64c5c4fc58e93c4db668ffc72bff3161685e1bd8f3a7a62

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:40 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18218
Content-Type: image/gif
X-Varnish: 302758419, 483314108 461431902
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1729
Expires: Mon, 11 Mar 2024 11:36:01 GMT

GET
H/1.1 200
OK main.gif
theme.webme.com/designs/red/images/ 1 KB
2 KB 39ms
31ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/main.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: f37f49ebadc359e8c6cc15bee36eafa51f6823c2cb397677a7b5c0f9b7aa84d0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:39 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18218
Content-Type: image/gif
X-Varnish: 302758417, 481612854 480744250
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1215
Expires: Mon, 11 Mar 2024 11:36:01 GMT

GET
H/1.1 200
OK rechts.gif
theme.webme.com/designs/red/images/ 653 B
1 KB 64ms
33ms Image
image/gif 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/red/images/rechts.gif
Requested by: Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 30cb2bc81a65120d2d982b5c00d9172887eedc6ba3070b4595efc676c0188eee

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:40 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Tue, 20 May 2014 07:37:46 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 18788
Content-Type: image/gif
X-Varnish: 302041572, 481612858 477748426
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 653
Expires: Mon, 11 Mar 2024 11:26:31 GMT

GET
H2

200

300-250-copyZO0mcZt7SwAPP.jpg
feuerwehrstore.de/media/image/41/f5/7a/ Frame F0FA
Redirect Chain

https://t.adcell.com/p/image?promoId=364452&slotId=105746
https://feuerwehrstore.de/media/image/41/f5/7a/300-250-copyZO0mcZt7SwAPP.jpg

11 MB
11 MB

129ms
34ms

Image
image/jpeg

88.99.189.169
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://feuerwehrstore.de/media/image/41/f5/7a/300-250-copyZO0mcZt7SwAPP.jpg
Requested by: Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol: H2
Server: 88.99.189.169 Ahnsbeck, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s30n57.meinserver.io
Software: nginx /
Resource Hash: 94630d41fac805597c3df017110fe1627315e10e89d0f3f02a2023f00a7df25a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://asrv205.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:40 GMT
last-modified: Sun, 17 Dec 2023 16:03:16 GMT
server: nginx
etag: "657f1bc4-af6a2f"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11495983
expires: Wed, 28 Feb 2024 16:39:40 GMT

Redirect headers

date: Mon, 29 Jan 2024 16:39:40 GMT
strict-transport-security: max-age=15768000
server: myracloud
content-type: text/html
location: https://feuerwehrstore.de/media/image/41/f5/7a/300-250-copyZO0mcZt7SwAPP.jpg
cache-control: max-age=0
content-length: 0
expires: Mon, 29 Jan 2024 16:39:40 GMT

GET
H2 200 view Show response
t.adcell.com/p/ Frame BAE2 42 B
420 B 154ms
66ms Document
image/gif 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to

Full URL

https://t.adcell.com/p/view?promoId=365122&slotId=105746&pv=1

Requested by

Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://asrv205.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 42
content-type: image/gif
date: Mon, 29 Jan 2024 16:39:40 GMT
expires: Sat, 11 Jan 2003 12:59:00 GMT
last-modified: Wed, 11 Jan 2006 12:59:00 GMT
pragma: no-cache
server: myracloud
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK eyJjYW1wYWlnbl9pZCI6MjksImNyZWF0aXZlX2lkIjozOSwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwN... Show response
fwdtrk.com/track/ Frame 1643 1 KB
2 KB 474ms
387ms Document
text/html 176.9.183.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjksImNyZWF0aXZlX2lkIjozOSwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiRlIiLCJ0cyI6MTcwNjU0NjM4MH0%3D
Requested by: Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.183.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.183.9.176.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed

Request headers

Referer: https://asrv205.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 16:39:40 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FEA4 410 KB
90 KB 542ms
541ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&adk=1812271804&adf=3025194257&lmt=1706546380&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706546379848&bpp=2&bdt=234&idt=248&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5185171188298&frm=20&pv=2&ga_vid=2112861678.1706546380&ga_sid=1706546380&ga_hid=1426785995&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31080533%2C31080619%2C95322184%2C95320869%2C95321626%2C95322164%2C95323006&oid=2&pvsid=3681854001375556&tmod=713479794&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=258

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5309472016820672&plah=turfologie.fr.gd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80b02292cc996dd87a5dfb45f54ccfb6399bb72e44715c6635a758dcfa831cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turfologie.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 91837
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:39:40 GMT
expires: Mon, 29 Jan 2024 16:39:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 232ms
231ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=A&id=selfpromotionOverlay&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET track
fwd.fwdtrk.com/ Frame 1643 0
0

GET
H/1.1 200
OK d Show response
visifeed.org/ Frame F898 403 B
736 B 389ms
318ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by: Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjksImNyZWF0aXZlX2lkIjozOSwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiRlIiLCJ0cyI6MTcwNjU0NjM4MH0%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: 36cae405b6b38f87e39096b6494288aed55727dbcd483a61eb56214039b3a26d

Request headers

Referer: https://fwdtrk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 16:39:40 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ 165 KB
56 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdeda30940ee9170dfd5a71b7498a8c845f405487cb13af212dd079154ea1b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57007
x-xss-protection: 0
server: cafe
etag: 17867120388900059677
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 16:39:40 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0DD0 706 B
380 B 416ms
416ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1415116625~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706546380&rafmt=1&to=qs&pwprc=3996251837&format=1200x280&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706546380758&bpp=1&bdt=1144&idt=-M&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5185171188298&frm=20&pv=1&ga_vid=2112861678.1706546380&ga_sid=1706546380&ga_hid=1426785995&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31080533%2C31080619%2C95322184%2C95320869%2C95321626%2C95322164%2C95323006&oid=2&pvsid=3681854001375556&tmod=713479794&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d08f8512754f8069096f945c803182b88bb8143b0de43e254627f498c766adf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turfologie.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:39:41 GMT
expires: Mon, 29 Jan 2024 16:39:41 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 35D4 48 KB
18 KB 420ms
419ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706546380&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706546380758&bpp=1&bdt=1144&idt=0&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5185171188298&frm=20&pv=1&ga_vid=2112861678.1706546380&ga_sid=1706546380&ga_hid=1426785995&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31080533%2C31080619%2C95322184%2C95320869%2C95321626%2C95322164%2C95323006&oid=2&pvsid=3681854001375556&tmod=713479794&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7100c26e8fa2804ab080d1067a5ec547cff677b166123ecdb59333126ffb4e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turfologie.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17979
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:39:41 GMT
expires: Mon, 29 Jan 2024 16:39:41 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 233ms
232ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C31079265%2C31080533%2C31080619%2C95322184%2C95320869%2C95321626%2C95322164%2C95323006&hl=fr&pvc=3681854001375556

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://turfologie.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame C360 9 KB
4 KB 32ms
31ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turfologie.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 16789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 11:59:51 GMT
etag: 3890843268177463596
expires: Mon, 12 Feb 2024 11:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 1ACD 9 KB
4 KB 32ms
32ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turfologie.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 16789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 11:59:51 GMT
etag: 3890843268177463596
expires: Mon, 12 Feb 2024 11:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 95A1 9 KB
4 KB 33ms
33ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://turfologie.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 16789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 11:59:51 GMT
etag: 3890843268177463596
expires: Mon, 12 Feb 2024 11:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK i Show response
visifeed.org/ Frame F898 408 B
736 B 41ms
41ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=14426602d095f6046b3a008e7d69186a78de6ab3895e575d5502ceca210baeed&ci=yC_w3Mu%3B&its=9F%5Bt%2ALp5e%3DbA%24QD%3BxoPWbVW&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by: Host: visifeed.org
URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: 38b2698052e7283850118e1bd672f49fc427549928478b6911dc2662a22f5c0b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 16:39:40 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0BA2 624 B
246 B 69ms
69ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UYqeTEmAEwAQ&v=APEucNWW4zwNuOn41HgxAeVUOxRONXwTTa2p_ImON0wZ_wyFmWoOJncFz03gx_Tb4YLCWiawlMZjUwRp7YCe9gE_2DdatlBSB3_Kzh49Nfblr-JDArT_CCQo6wkax2dr9wllC6YhO6Vl6cnv81zzwEJe6CFseaMSp2CpZZlBON6hUW6ynaHRuuU

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:39:41 GMT
expires: Mon, 29 Jan 2024 16:39:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 9EBE 111 KB
39 KB 106ms
33ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 17:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Jan 2024 17:14:48 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 9EBE 8 KB
3 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:24:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 16:24:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 9EBE 23 KB
9 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 10:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 10:23:48 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9EBE 41 KB
14 KB 152ms
75ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 362724
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 11:54:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 9EBE 3 KB
1 KB 160ms
84ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 21:06:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 9EBE 20 KB
9 KB 109ms
33ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61064
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:41:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9EBE 205 KB
65 KB 137ms
41ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 16:39:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9EBE 42 B
63 B 235ms
235ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C1M9ylrGArFgpNmBBYGO-JP_RN5x4Q85qcVDnq-GwXpRb8IhJGTKCwhExSperBzYRJH8NOGvM4MxremjeXVCkX7shkXq03m1lNXMRi5JcZznMi9yk

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7C19 624 B
246 B 72ms
70ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UYqeTEmAEwAQ&v=APEucNW9a70WwTq9AE5qRemW1W02rh8CXlj-3ivsheCNmexUjZRvkjPZ10ubUvTHnh-INUZEc4ovnw4mIcoahVePnbSRyvlrkK12d0QaUt1QCmky29HojW0mVboXxq_6Eura0_Hdbq5-Tka5HK63FXLnllgeDg7zg7YvXv2k_lXGsb7za_tpjE8

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:39:41 GMT
expires: Mon, 29 Jan 2024 16:39:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7E0D 111 KB
39 KB 117ms
69ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 17:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Jan 2024 17:14:48 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 7E0D 8 KB
3 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:24:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 16:24:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 7E0D 23 KB
9 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 10:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 10:23:48 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7E0D 41 KB
14 KB 118ms
66ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 362724
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 11:54:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 7E0D 3 KB
1 KB 116ms
64ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 21:06:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 7E0D 20 KB
8 KB 87ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61064
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:41:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7E0D 205 KB
65 KB 169ms
99ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 16:39:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E0D 42 B
63 B 232ms
232ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B1VPySzXNkRb40HdK4YkQMNYzfxLW20202yCHHHIpPNVoASjc4vuXLmBATnNBUtqnzkTnHy8eoH-76bSAHnP3pS5sw8Vf-aIBMpuKsq5Es_EoDD_Y

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2EF1 624 B
246 B 71ms
70ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNX4qiNqus2dTDy_l83XcUP9NFaqcPPjE65R78qml3Gi0patGIGCQZJh_p0vMzCfAI4fqglJB1mtDSOXe0evke-8V_TFvxrjZSUtqJhpzlbXh06-aOku2CjNPu4TMfLgxl0bu2p05cUI3B934_m4cpFqtGUph4aot0dbfXwJlrtBTeKnnwA

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:39:41 GMT
expires: Mon, 29 Jan 2024 16:39:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 6D73 111 KB
39 KB 125ms
94ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 17:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Jan 2024 17:14:48 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 6D73 8 KB
3 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:24:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 16:24:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 6D73 23 KB
9 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 10:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 10:23:48 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6D73 41 KB
14 KB 123ms
88ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 362724
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 11:54:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 6D73 3 KB
1 KB 122ms
88ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 21:06:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 6D73 20 KB
8 KB 75ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61064
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:41:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D73 205 KB
65 KB 167ms
114ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 16:39:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D73 42 B
63 B 232ms
232ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AuPmab-GIg3ecg7JfLabqYEv8isDfm_Ul5vva4lY9OxdRwv_P3XSR5MTT_9moDCSl1d8w6mTVTeBVk4qxDlEuF3dJUNgn42Cqs9oSernq6GIFSq4Q

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK d Show response
visifeed.org/ Frame B9AC 347 B
671 B 51ms
51ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=14426602d095f6046b3a008e7d69186a78de6ab3895e575d5502ceca210bae00&ci=yC_w3Mu%3B&its=9F%5Bt%2ALp5e%3DbA%24QD%3BxoPWbVW&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by: Host: visifeed.org
URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=14426602d095f6046b3a008e7d69186a78de6ab3895e575d5502ceca210baeed&ci=yC_w3Mu%3B&its=9F%5Bt%2ALp5e%3DbA%24QD%3BxoPWbVW&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: 90b7abfd8a66f10d9014b74060b640132bd630d50240e6ae1988df7017ce77f9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 16:39:41 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 0BA2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMG2w2nz40OKU-mAHwBonsc&google_cver=1

43 B
326 B

63ms
62ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMG2w2nz40OKU-mAHwBonsc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UYqeTEmAEwAQ&v=APEucNWW4zwNuOn41HgxAeVUOxRONXwTTa2p_ImON0wZ_wyFmWoOJncFz03gx_Tb4YLCWiawlMZjUwRp7YCe9gE_2DdatlBSB3_Kzh49Nfblr-JDArT_CCQo6wkax2dr9wllC6YhO6Vl6cnv81zzwEJe6CFseaMSp2CpZZlBON6hUW6ynaHRuuU
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBYlpAPUG62UtqoXhcepoK%2B5pbAQ7Fm1R8xo7p1qXUr3HPCMMLwLSR4312Ep7pinA0o%2F6bpVWT5uhtqIUjUW%2Bxg1TfvnHgLNMXX9hmPJafleujTIup8XUnS78uK8k2%2F89L1IxOZzHcXiSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84d2e9a25e62019e-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMG2w2nz40OKU-mAHwBonsc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0BA2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbfUzWrMKxylSHZdiR77bwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC0jBzPwf82U5Ew1_nZFu4Q&google_cver=1

43 B
739 B

50ms
47ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC0jBzPwf82U5Ew1_nZFu4Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UYqeTEmAEwAQ&v=APEucNWW4zwNuOn41HgxAeVUOxRONXwTTa2p_ImON0wZ_wyFmWoOJncFz03gx_Tb4YLCWiawlMZjUwRp7YCe9gE_2DdatlBSB3_Kzh49Nfblr-JDArT_CCQo6wkax2dr9wllC6YhO6Vl6cnv81zzwEJe6CFseaMSp2CpZZlBON6hUW6ynaHRuuU
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLBcp77pQL4J9Scm4jXrWaO2Wva0ET0PgmM3qOxtGKSOZgoR5gNjP8zy%2FKCCzjV0JULYJPWAtuAq2v%2FTQq9lS3dLf%2BizEO9vKpz6q5lS0lmC36g7LRnwFVCeRybYN5l3qGC%2FNa%2Bog%2Fr0xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84d2e9a31a1f2c73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC0jBzPwf82U5Ew1_nZFu4Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 0BA2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKhaqv3NuynChpIlBEj8VYQ&google_cver=1

43 B
1 KB

27ms
26ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKhaqv3NuynChpIlBEj8VYQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UYqeTEmAEwAQ&v=APEucNWW4zwNuOn41HgxAeVUOxRONXwTTa2p_ImON0wZ_wyFmWoOJncFz03gx_Tb4YLCWiawlMZjUwRp7YCe9gE_2DdatlBSB3_Kzh49Nfblr-JDArT_CCQo6wkax2dr9wllC6YhO6Vl6cnv81zzwEJe6CFseaMSp2CpZZlBON6hUW6ynaHRuuU

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
an-x-request-uuid: c2fa51b2-7919-4a0a-9116-aafb2294099f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 92.222.212.17; 92.222.212.17; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKhaqv3NuynChpIlBEj8VYQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0BA2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgyMjMzNzA1ODIzNDMzOTAyMA%3D%3D

170 B
232 B

43ms
43ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgyMjMzNzA1ODIzNDMzOTAyMA%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
an-x-request-uuid: 4e31ba16-874a-42fe-9b9b-d2067b7e545c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgyMjMzNzA1ODIzNDMzOTAyMA%3D%3D
x-proxy-origin: 92.222.212.17; 92.222.212.17; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 7C19
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSHVqqzUOd5PJcvbzazcVg&google_cver=1

43 B
330 B

56ms
56ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSHVqqzUOd5PJcvbzazcVg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UYqeTEmAEwAQ&v=APEucNW9a70WwTq9AE5qRemW1W02rh8CXlj-3ivsheCNmexUjZRvkjPZ10ubUvTHnh-INUZEc4ovnw4mIcoahVePnbSRyvlrkK12d0QaUt1QCmky29HojW0mVboXxq_6Eura0_Hdbq5-Tka5HK63FXLnllgeDg7zg7YvXv2k_lXGsb7za_tpjE8
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqRAoEQz36lakZ2iR24uYFFcvQFJJcrcDyP%2BpYdmrRR%2F73%2FxGuExFVaMCt5WNewnO3r9BjCqvnw26Ju%2FgqCbLGyDsRBKikVxQAANCEtrZE3DC3TuCM1YpxMMbCzuL2MuiYUW%2BFetjo%2FQsg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84d2e9a25e4b019e-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSHVqqzUOd5PJcvbzazcVg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7C19
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbfUzbofVCmHprPBZAQudAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC0jBzPwf82U5Ew1_nZFu4Q&google_cver=1

43 B
774 B

48ms
45ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC0jBzPwf82U5Ew1_nZFu4Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UYqeTEmAEwAQ&v=APEucNW9a70WwTq9AE5qRemW1W02rh8CXlj-3ivsheCNmexUjZRvkjPZ10ubUvTHnh-INUZEc4ovnw4mIcoahVePnbSRyvlrkK12d0QaUt1QCmky29HojW0mVboXxq_6Eura0_Hdbq5-Tka5HK63FXLnllgeDg7zg7YvXv2k_lXGsb7za_tpjE8
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShtJ5%2FQqvpc1n1XCpkfwa2r08ai%2B%2B213MlIGcerL1ohQiQ4H8qsFXWjGzqNtCKra49l1qYmqWwhtfEIkx%2FR4onplEQxYSDqxQo%2BzivfLw7rXca5W1X7%2BWl6AxzdjH8ePq%2BRlVwLQn6VlMg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84d2e9a31a1d2c73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC0jBzPwf82U5Ew1_nZFu4Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7C19
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPAT0UzppAiVxcLUteEx_6U&google_cver=1

43 B
1 KB

28ms
27ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPAT0UzppAiVxcLUteEx_6U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UYqeTEmAEwAQ&v=APEucNW9a70WwTq9AE5qRemW1W02rh8CXlj-3ivsheCNmexUjZRvkjPZ10ubUvTHnh-INUZEc4ovnw4mIcoahVePnbSRyvlrkK12d0QaUt1QCmky29HojW0mVboXxq_6Eura0_Hdbq5-Tka5HK63FXLnllgeDg7zg7YvXv2k_lXGsb7za_tpjE8

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
an-x-request-uuid: 9fda396e-bfe7-4a2c-9ebd-a79950ae298f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 92.222.212.17; 92.222.212.17; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPAT0UzppAiVxcLUteEx_6U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7C19
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI4NDM2Nzk0MDEwMzA2NDA3

170 B
243 B

43ms
42ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI4NDM2Nzk0MDEwMzA2NDA3

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
an-x-request-uuid: 374eca54-0de3-421c-8910-fb27c98bb14e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI4NDM2Nzk0MDEwMzA2NDA3
x-proxy-origin: 92.222.212.17; 92.222.212.17; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 redirect Show response
api.yieldads.net/ Frame B9AC 2 KB
2 KB 114ms
36ms Document
text/html 52.28.39.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=14426602d095f6046b3a008e7d69186a78de6ab3895e575d5502ceca210bae00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by: Host: visifeed.org
URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=14426602d095f6046b3a008e7d69186a78de6ab3895e575d5502ceca210bae00&ci=yC_w3Mu%3B&its=9F%5Bt%2ALp5e%3DbA%24QD%3BxoPWbVW&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.39.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-39-71.eu-central-1.compute.amazonaws.com
Software: nginx / PHP/8.2.15
Resource Hash: e9aa350606d3101ab591615bb585e9131027c7cebed1e190ff09be6f7ff048b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 16:39:41 GMT
server: nginx
x-powered-by: PHP/8.2.15

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 2EF1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMM09K6CS8KN96e1Y4_2eok&google_cver=1

43 B
440 B

53ms
53ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMM09K6CS8KN96e1Y4_2eok&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNX4qiNqus2dTDy_l83XcUP9NFaqcPPjE65R78qml3Gi0patGIGCQZJh_p0vMzCfAI4fqglJB1mtDSOXe0evke-8V_TFvxrjZSUtqJhpzlbXh06-aOku2CjNPu4TMfLgxl0bu2p05cUI3B934_m4cpFqtGUph4aot0dbfXwJlrtBTeKnnwA
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psAAayH58xJI1sI9DaoSwjC5dT3OC5yxqV%2BAYXmITugZQPYCdKFx%2FcNcrGVhKorErq7YzVsEwoGm5oyC4lZY0csaRPaRIeD%2B%2BhTju6CM6JOHGC0m%2FpzGwl5KfapJYm6SqfZZMJRL9ZB6Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84d2e9a25e4c019e-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMM09K6CS8KN96e1Y4_2eok&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2EF1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbfUzUP2rtXUpkO52ViA9gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC0jBzPwf82U5Ew1_nZFu4Q&google_cver=1

43 B
737 B

57ms
54ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC0jBzPwf82U5Ew1_nZFu4Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNX4qiNqus2dTDy_l83XcUP9NFaqcPPjE65R78qml3Gi0patGIGCQZJh_p0vMzCfAI4fqglJB1mtDSOXe0evke-8V_TFvxrjZSUtqJhpzlbXh06-aOku2CjNPu4TMfLgxl0bu2p05cUI3B934_m4cpFqtGUph4aot0dbfXwJlrtBTeKnnwA
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZ%2Be6nspZzPe3XrK5JfKKUZaR69o%2BrCUtdHmfieQcKQosB6BX3UwqCgnB4Ng1WsP%2Br%2FbwLIc038IQkXDP55cuh5rt848%2Fd%2Fq7LsWODtalVr7AICQZfKMLfTZ9ptiPsjrOPLq2VAUxyC7cw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84d2e9a31a1c2c73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC0jBzPwf82U5Ew1_nZFu4Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 2EF1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGlx3rJb3RQmV_vpfnLZ1Yk&google_cver=1

43 B
1 KB

55ms
54ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGlx3rJb3RQmV_vpfnLZ1Yk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UY_OrEmAEwAQ&v=APEucNX4qiNqus2dTDy_l83XcUP9NFaqcPPjE65R78qml3Gi0patGIGCQZJh_p0vMzCfAI4fqglJB1mtDSOXe0evke-8V_TFvxrjZSUtqJhpzlbXh06-aOku2CjNPu4TMfLgxl0bu2p05cUI3B934_m4cpFqtGUph4aot0dbfXwJlrtBTeKnnwA

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
an-x-request-uuid: c2b724ac-c613-4d58-afda-741526bbd321
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 92.222.212.17; 92.222.212.17; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGlx3rJb3RQmV_vpfnLZ1Yk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2EF1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA2NzQ5NTcwNDc2MTY0NTY5Ng%3D%3D

170 B
232 B

42ms
42ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA2NzQ5NTcwNDc2MTY0NTY5Ng%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
an-x-request-uuid: e9efe4a4-5598-42cc-bbcd-adec048725d6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA2NzQ5NTcwNDc2MTY0NTY5Ng%3D%3D
x-proxy-origin: 92.222.212.17; 92.222.212.17; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6D73 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 406626e06cf4dabde0855eff0372f6e95443e076c5f1d8df190a55c085fce1fe

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame ACBE 38 KB
13 KB 32ms
31ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 362724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 11:54:17 GMT
expires: Fri, 24 Jan 2025 11:54:17 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9550 38 KB
13 KB 32ms
32ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 362724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 11:54:17 GMT
expires: Fri, 24 Jan 2025 11:54:17 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame CB28 38 KB
13 KB 32ms
31ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 362724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 11:54:17 GMT
expires: Fri, 24 Jan 2025 11:54:17 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7135979241717318397/ Frame D272 34 KB
6 KB 103ms
36ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17deedac533c71f5d9bd4afad0ff830415948ddd4f69ce42ccedada14639c605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 351589
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5755
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 14:59:52 GMT
expires: Fri, 24 Jan 2025 14:59:52 GMT
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 9EBE 0
0 170ms
77ms Fetch
image/gif 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssOfhiyYNoOjIrZkwyvVrr5Jbmk6AB1MNj8gkMmRDMibKoElC7oSUr-wj_ghbB04uNTN9d2-Mab-9lr50foF9XwZlJFuQoX1e64tS5jJwqdqtGkxybOmzCOBH2t67-Bk-rTIhutK1kTSRSawYg6HJc8JK9NIc9PjqveXgCNTXnxcLmTTNdJIk4SyIlh2AWey6glXxHCi880xNgJEcnOPjILcqtbacUXl4HZZzJpS1FX_RmHwrwiqZ0KMziBK3rlim-T_17G8MycWWqAn38qJy4ukl-vdp_zOlaBJvr7XW_WnjlvWrd3Obr9hptXAg-XZOamUP7L4QoAmqnl29BElD3F-S4tHXqovgij70A_wQcl5NG152wAoIInKJchHraSxSh8tg9bu04P7UO4-KW13KE-IbAzbBgEvEksv8SCgIcMK7YF59_W0_dDpt5ooY_LZb4J7OjC-443q4qfK-zrI9TZ_LxfogB--RRo8Aaz5loB3zEtMP7LC---nlvMg2WCykle6x0KlbKyG0Yb6UESRAXu8EOhpohZ9RSytCpV_yYT-wVOoBb4_RZZ9digtpvceuOceX5zv03emCHEsN970R39cdXhRatV_eTY2Xme6L5QQ9pMzM33P8v7dAEzAXeLEgDqUuSzXzlUe_U2Bgt7ecsXir8KpiKDMtISP24DD5M9ladcd8As5woiGm4fBd-hXqHXY2G0TsvmBeazrnFlMn5QqKNmweMH_T5ToBlrtDrfDC52Lhp1GdfJofzNAUQUMZdQmh5MiQjPMrFAhXcsym0vWR9uORfQZO3hZnUr8UX9itVMqMF5FuJdtAO2EHf3ORlY5NyRv1Ln9eU7H1K4vt5K16_QHm9AoohJ0vZdvbYxFzQupq5vBLbbkOYTVn_9gu-svBTfnlJvkp9S6wNqoi0Firc60dBtkNVvDeROcCnrPZXseGnqsyZFSHXIW0p7pdLvwSJHyZl-4TdEbsftI4jCZZTQpQjwjbRQcYC1cb5oKbX8a_AMBrNp-SlUarmm1lCyVGNZGbmNWp9l0Zq7AhY4hK34o3yXpYl3P2GtT71X5BJ8nmB_iSqJ1V9ygzSQvUta6zY2fHSIa9KbobZJbJVf8bys0UpFff1ZgGSPuT2krXZKEjsMfEX3-KFbaTixoKwiY7O9YMFHyO5LHjW1FI2UIBhMZFeJ6Ru79pCdX_WbfvL6si-JUNyqVXEssw9-i3nw2DO-e9g1tw7OVthsKUihraJ2T3p6jH9sdn0O5DEzSaH0bL1SrAuqOsDMe3NtkaNQZ2d9gnH-ZWmym4-47kLH-Og&sai=AMfl-YTg5diSt-DVm40GGGJS9Ou2X-UfLdSkGPEmOwf9TezaMCC8JV8Vo_6siQuFP703Q1wKVIzhJUI92zWcK1L7ZSKaYEA1o-X1BJ5qsRy9dtY_E2oTbLDYIYPSAJwAixzLXjgEyn62Kil6c1kCbCR9NWfRAjZ18eQ9p0jBM3vtnWlU-DftHZzNmkf9uT_WsRF7H4URnUOLjAp1c13v_YXkmBm6YIQ7DfxUloX9XJYjNPMlNKOo81p0lCB0VTxPjSoN4f-0eUpg5m3V6A_9wv7kaZE_MvbdGtNTfM_VnDJ0SODuXSOspP4E98PdeUda0rukak2uib7NDZGa6MRMDf_xANslJrmSJPeAN0IQg9zVPGm5RoLzlnna-6bFw5Mtiu87B_Qdb7vKmfdYiBwr9Ek4EPQupaVZn088eypbyGRPcZ7ZFyqP_KxDzYCm_qd_1eBh4r8u6cQMAaMTrnK46XaXbsmQ2heukOXCMFmUmrpyytXV5HZjWJ3IUgelOJpKvhkjc15h&sig=Cg0ArKJSzD8CiYqzj7h1EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jb20saHR0cHM6Ly9iaXRkZWZlbmRlci5mcg&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=190&cbvp=1&cstd=188&cisv=r20240122.69846&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 29 Jan 2024 16:39:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7135979241717318397/ Frame E39F 34 KB
6 KB 101ms
41ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17deedac533c71f5d9bd4afad0ff830415948ddd4f69ce42ccedada14639c605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 351589
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5755
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 14:59:52 GMT
expires: Fri, 24 Jan 2025 14:59:52 GMT
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 7E0D 0
0 163ms
77ms Fetch
image/gif 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuHyOOQERgsEu4XZpo76nI0WjR88b9MNSBN_-18qmTvEEY4k7w7-vxsdgu9sblv8HwpoZNVN5dDd1EScAWPSApLJY2W1fK166YeQ_DEl9sVKesUTxJmsFXIYTUG2THNmUCNEXOOw9m190mKwGMiFCx7BKuEPGNbHHpMgy37fNd97c6KAPCKwPsqCcTXK7l5EnD3ikL7ccy3Go_2JliNEK-uQLoQ2nZ7jgv5PKmapmSguoj-cXRnXwh6LTcTz4uJUqLIWPxbTVo-xhT5BFutdeikTeTB_8BPQLojGSvh7u3TcwPmVbJ0Xas7bVEa-hstp91U85Hkay8kSBxD57bo3c68sWEqdQnsIy6aqIV0FuNcDexm_oeBjFJNFmWiblV6CqN3iWtVj1OXWh-9_Q5JV5wkW4phtCRJ1cSure-0gvBFtnEOfDw7E388QPSnBy7cDgPKQkepsoylUvZ3gjMjcwr8tQF9aINRBUrVCrY-dzu7SZ4vOuFFsdefaMIxHnO9MlURhccab9sIoBMNlAdTy11oJ3FpVjwMwLavSJR7bVDAsxI8pgQip6-o2xy44vfAQ0cT1H-IQOr8FYJl80Vbj7wyl1NQWPbcETKJSbGGDdZoG3_0Tc2-PmJyawfaQmKBDouKBRCrQmrCsISXgqAtqFVJ-quBOh21iQ15-NV-y2iC6BYQYms7NG94tKilf-IFhFx4arZOH5_2wmrmHNVlJKn-Gi7HFMF5HiwSqfmLBosO-PBmr8VqU3FyS3Sn_omCZkEOhiNcVPJfe4p0LNn5MOwQNcHjeY97wV4BgZaRpyJB_9A-uxkJwnYfLEBsF_MfsI3kVF7iU_Qmti316aZYDYJfq2yPAk0y9hlbLwf0YHW43a9P12tPKzBO63jN1z1K7nnfjvCwGSV_PF_76_DBDSL7EFRm5_rH-5zcTL-ljX55YCk0tkyJNiLXxlO-pOsVSY-b4VHWcJN9mXrTDcaMZc2WRl6m1k8_lDTW5BcJbdUSffTTPuPuaEC8dDiv1mFt1oU77KoKOyCEqp2U8jzbRhJsrr9RdlUPBZfZIEF27_nNfhu3vz5xawHtEYmLtGU2h0cliraUe0Un85TS375HUFsSkZLTOB4SWzYKT3IsVhBcyhJDW3C83MPAi5x3i9vPhX8xtmWYYrycbS30DzgmV7AkKvQzKNYiY3iYIIe4IaUMWwDbeMuCiM8YV0qdQ3E40hnJNfY6GNMHB6TuNy4iZ83mlm31d_qQa285HVRGGZ8X2uaDDXM7LgH6pA1Qy9o2bJ2oCxXgniUrl-3DkCco_NCky_c&sai=AMfl-YQpZnV6VSeyIF8LaPQo-fnOo3Y7P_7r95e7ODU12s6Ae9J8sFEHU_33Hkt8_sCrsZmU2JZUqEb1Lhy9Y18hIROmhpS-b6fkam_R2q0q8dFtsl1JMka3u5tBpyt0PyAwcl87jatl5F3ZhjJSnda0MWh4uTP6lNdfRwcOopb40bPRYRLgJ0yfBQZWz12JlCStfdu3Bqf-PbWb1z0pogxEFRIW5gRkL5cig0HcdcMeQPbelCeOLs3QFXRwwq_B8AwRg7bfpcvno89XcccFGBiBS9aDBSFJGuwUP5e3vw1OR5_3rf5hyuiIMmcD59VicV9ZwHrm7ynBSBOWhewUGZw4UNwtaYztydnutb8icwBMRItND8b7d1wRElnHA1RgJ1SP3x6OfhES5JqJa9yMUn3mgm1ZDWjGa9Bxqy_YTpXg_OxzRmADOeeuI45PZ4bRnplx6b2gsdFIM4jvMpoelh90Df_phKIDr0uOt11ndsZS0VcNq1NvJPmC-YBDnRpb8k-S2PMO&sig=Cg0ArKJSzCIVEUFdksXQEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jb20saHR0cHM6Ly9iaXRkZWZlbmRlci5mcg&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=171&cbvp=1&cstd=170&cisv=r20240122.95635&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 29 Jan 2024 16:39:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15205685216655332109/ Frame 45D8 31 KB
6 KB 89ms
32ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bbd36ef2ed3cfff7447866d022aa96df2b0c3d0c7cd00470e6e9605d5435038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 352426
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5704
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 14:45:55 GMT
expires: Fri, 24 Jan 2025 14:45:55 GMT
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 6D73 0
0 158ms
75ms Fetch
image/gif 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssOQ0EdsIdDUYIT2MJtfU9_DySiJEJ-My40gya99QrU27YWIc3hLz2ZgUfzF2q4r9GAhEXBsWQEHXB9P6b-oikM8IdgELo0RifTYfWzS9jNxoTVpTWXt9gzrOt0GqP_QZ2ExoCKBEsyQYBl7fPGlIFIPFjgovYdHQFIuB2qWmTh-P7qG6S8QHFFV2cH-jkVOjtypJQYa8ZB3UzNHY12kWDg_DoG9pttwubeMZUogOstt-h8ZoMc5Sb1iaiQqNcKPsdh_QBzNTk8Z2BM68X9ka5UTnifjHWh5bVFSt3g16wnv1lWkPNjSMogYJB-yUoQB6CrCoCPSWVdX492pAD0YGzElkAGV5F4ztYpwaqmFG5Dco9kMYiuSMTmpmDbkaCYEFk0yg5J7iIn8YQScBeMRGXyEzqOpWYHDEdzKVaLBK4bveXBJzf2-uFK-be1eKwe2ke_pjJ9_EafmZ3ONzU09DLd2MauDwJPEeDoi2N-YGpJJviI71XCkjQ-0sovEmu17EW0bmeITqvNXMqMG-eiulMB9Vy0oIZCjR7Qbdqufh09i6sz6YA_RW6r0dQtNqMWlUYVgUph1tdQgFzyuKyOwdZShy1RzLEitEeivjZKIRojt7drQHYYwWe-Mkd3TpNQ4t2OmeFBsIDREYNC6VxQUhrWea9zS9I3WmCrrz8LJ1lHG7HfrWMRuiJ7zNZSjFymxLQrvzEGgn7nrB1c4fBTkSjQ0JMOvmERdum_Fti0E2s0KATtN76E71EHCgHXIZFc72Q5gEqqm45G22ioQffLqOmkXm5fYuS6X0d_eVQ_Cl3di0X1aY2hw4R7Us0K1jGd_FEO847BMStQjvVaWaexJ7-8jWTYgUhiuBfAahEsIhGwl6kBS6vfCdLKtl9v8b-lcrRv4n6tOJXd1aNyIjBoOj9WQbmwVA9_ZT31ZdQkqNbYpzurQ-z2Zz5BygCW6IR00reU8FsRbztTplXaZwSQsSi3otElNVGFBapysJoXM04IXJT2RH_OKTSqkynASU2yxl9Ta9nUBapbgwwSHDvxIe5tXe1zE9Wx8He5eazucFq06vR-OQJ-ChXxUC7iBgZkjNBadViEnCNs6ywK8Z-wDFa5ywO0LxmwhrczaUZDrDOx2LrKQjKfrTNiX9wsHnjPfokymQ8W3x6rIuOqWLTWtqZXkTN9cclCpX4r7koY-IWlmbY5quYMhGEE8Z_wj01uZzxbJUKaDaNcyGmyM-2MWbUlkyKSD3uthpwohkoxDyzvenNvZlLADXsEpWfRbAhvYFHxzztv0aaUqz_jNH9OB8CvzQIu&sai=AMfl-YRMrrhg8rOLO_3qnAbt5FSrZH7QvQXPkF95v2Lcz7CBHfYmld2EkE6kLpG9Cyzd8pDGcW-_qke0DvKcDmf632uJkwvf5tMBoJUKhS0zvjPIqW6AzpSHToz_31jhDjOPUrbI4a8uM4ecUwdAtyYFMS-dHMaLeNjD5mKP95p4rS3gj52j4zKB9tfeAx7hZJpmpRzDp6aQqqUCmF21XIBZe4hpQMi0lcoL16bSKv0qdrigDgYYhQnX6Uv4ZlWHmIpOx3ALDv6slIzNSgaKZ37s8OE2R6r7hOtv52wQp9QdUsdE73Hei74S52CylJZQW-5JpnPoBK3sRL2lDGHzmFuaeBChfmdpj1y35v-Ebxp2Z7N2F_zVkomQlKVBkfVrnnqxSg4iDV-5eL09pw1ZPz6LQIi0QIW9R1FxyhjZg9T7tZyUL56q1XhFIPD6Di3Dhs4XWWFbm24qH45JXRVDCfdrI41ee7EPmdKptHMNv0Us6lhbl6knIchdfJFTElxsKr6NUS1y&sig=Cg0ArKJSzBw7Jwgf_NQ3EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jb20saHR0cHM6Ly9iaXRkZWZlbmRlci5mcg&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=158&cbvp=1&cstd=157&cisv=r20240122.88761&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 29 Jan 2024 16:39:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame ACBE 39 KB
15 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 09:45:49 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9550 39 KB
15 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 09:45:49 GMT

GET
H2 200 fp.min.js Show response
api.yieldads.net/js/ Frame B9AC 34 KB
12 KB 34ms
33ms Script
application/javascript 52.28.39.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.yieldads.net/js/fp.min.js
Requested by: Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=14426602d095f6046b3a008e7d69186a78de6ab3895e575d5502ceca210bae00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.39.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-39-71.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=14426602d095f6046b3a008e7d69186a78de6ab3895e575d5502ceca210bae00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:41 GMT
content-encoding: gzip
last-modified: Mon, 29 Jan 2024 08:21:39 GMT
server: nginx
etag: W/"65b76013-864c"
content-type: application/javascript

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 4CC2 2 KB
3 KB 121ms
51ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jdcytn525d253gq9mkv2acvgq5y9yb36n5733xqmans96n7z2f1vk2y52m86m6qcn0tsyattmrpxtm04h5yddfkr3wcecwh08s4qnsp2b8aanhtbxpp5jfmr4a5m83rq4vrx4mg19ytvy5hqck339gztg6cspad714jqf44zzrmm3c98pdd373ewcs56217aam5vqxkaymr9xmygvtxmbd434km2e4jnm2kb44ednyt894etwvvvjfh716cbmgmrkznr9e1s77vtyk2rrsnge3dxb7dbjygkc3d3nka64mv1nveb4y8raykrntkc64wp0b9dxbxx1m2pknqp6kykqd1045ve5bd2tdg00hv606b6c9erve3p5fkcxnhxmmqqvzjp43c852ah4h8s7sz503n7z7c83nmjm3whbv4yqy0m4nvae7x3b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLhjmzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoEyQFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fhsZ0BmLREqQywLjHElrhoJEPnnZhrYmajyHf8gtHt_M5WGfZUwhb320OABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31UGafS58E6dfBAsNis8fDdj5e_A%26client%3Dca-pub-5309472016820672%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706546380&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706546380758&bpp=1&bdt=1144&idt=0&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5185171188298&frm=20&pv=1&ga_vid=2112861678.1706546380&ga_sid=1706546380&ga_hid=1426785995&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31080533%2C31080619%2C95322184%2C95320869%2C95321626%2C95322164%2C95323006&oid=2&pvsid=3681854001375556&tmod=713479794&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e4630cc29be04eeee80f60c225b8e0a671c9782ce6c2d96f5bc387124a7a38c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84d2e9a34cfb6f94-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:39:41 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D89C 3 KB
1 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 21:06:05 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AAA7 1 KB
643 B 34ms
33ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 26771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 30 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D89C 20 KB
8 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61064
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:41:57 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D89C 0
0 124ms
49ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRBJcOAf5fN0O_TYjce8fBEWHbAKVKZsxyN1fHsboJPXhC4zT5ietS3IHIYhSekowiKWO64zSmUELxMaKnty8MoQacHQQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706546380&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706546380758&bpp=1&bdt=1144&idt=0&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5185171188298&frm=20&pv=1&ga_vid=2112861678.1706546380&ga_sid=1706546380&ga_hid=1426785995&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31080533%2C31080619%2C95322184%2C95320869%2C95321626%2C95322164%2C95323006&oid=2&pvsid=3681854001375556&tmod=713479794&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D89C 205 KB
65 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 16:39:41 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame CB28 39 KB
15 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 09:45:49 GMT

GET
H3 200 8f0cec8041c165cafb6d32d04ed8f04b.js Show response
s0.2mdn.net/sadbundle/15205685216655332109/ Frame 45D8 135 KB
39 KB 32ms
32ms Script
application/x-javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/8f0cec8041c165cafb6d32d04ed8f04b.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8eb600d1bfa136d87da7690cd2032c1906a76dcc1df0dc43fd0eb219d5356e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 25 Jan 2025 15:51:28 GMT
date: Fri, 26 Jan 2024 15:51:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262093
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39491
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 8f0cec8041c165cafb6d32d04ed8f04b.js Show response
s0.2mdn.net/sadbundle/7135979241717318397/ Frame D272 135 KB
39 KB 48ms
48ms Script
application/x-javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/8f0cec8041c165cafb6d32d04ed8f04b.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8eb600d1bfa136d87da7690cd2032c1906a76dcc1df0dc43fd0eb219d5356e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 18:22:20 GMT
date: Tue, 23 Jan 2024 18:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512241
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39491
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 8f0cec8041c165cafb6d32d04ed8f04b.js Show response
s0.2mdn.net/sadbundle/7135979241717318397/ Frame E39F 135 KB
39 KB 57ms
57ms Script
application/x-javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/8f0cec8041c165cafb6d32d04ed8f04b.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8eb600d1bfa136d87da7690cd2032c1906a76dcc1df0dc43fd0eb219d5356e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 18:22:20 GMT
date: Tue, 23 Jan 2024 18:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512241
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39491
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame D89C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1aa27637aee56c842da446ec4872f4bfc976df5bb29f33351629d2daa3c4531e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame AAA7 35 B
464 B 122ms
34ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED_edYuAqRIxl_QtJL-ygIQ&google_cver=1&google_push=AXcoOmQg7kRca6-tEy1E30pAqbf7KI9WjSnnjaJ9UTCX1AsVySr0fnXZgNVR79mytx8YYN0fHacBBxC5TFyLUbcioZsYKYcqxSxz7cTfxaJuHoTKNkHvVDYdC5dBB3uiEu6Jkub_I4QVtJTtHgvRrY6ozoH9o68

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame AAA7 0
104 B 188ms
95ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKoivgU_eH_spK0zTPaRtAs&google_cver=1&google_push=AXcoOmQlJDVatpXBnsdpXtO-IiXxNwD8h6GvShT8ESNgeZVjzqzqqPenmNUo-ye8wG1Di7M2-hr5GL2Qf2PSq9lDg4hnSD76ZXvGBG0vmhm9uakBaaF9MBk8zdF4Nl0xyDrcMGZmgFDZ8EH8Tu4UjJGpsrA2U1g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706546380&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706546380758&bpp=1&bdt=1144&idt=0&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5185171188298&frm=20&pv=1&ga_vid=2112861678.1706546380&ga_sid=1706546380&ga_hid=1426785995&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31080533%2C31080619%2C95322184%2C95320869%2C95321626%2C95322164%2C95323006&oid=2&pvsid=3681854001375556&tmod=713479794&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AAA7
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJ4pDeXgFeUMxDvWKBZIZWA&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJ4pDeXgFeUMxDvWKBZIZWA&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RlplS2dPRmMxUnV1RkQ1&google_gid=CAESEJ4pDeXgFeUMxDvWKBZIZWA&google_cver=1&google_push=AXcoOmQx8NJVgab4AjHdE3VnfSrTgMPFeCywG0vvPtHaMjk...

170 B
188 B

42ms
42ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RlplS2dPRmMxUnV1RkQ1&google_gid=CAESEJ4pDeXgFeUMxDvWKBZIZWA&google_cver=1&google_push=AXcoOmQx8NJVgab4AjHdE3VnfSrTgMPFeCywG0vvPtHaMjkNf7J3j8EZvvW9a5D9BWYTpGbF4ysrVQCSSE6DEkQS_2f_nY4H4R5F5ljcsajn78f2XvnOo4u65tqzdriOYhwiOCiDfSr50D9U-up0sVFUyjWG6VE

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 16:39:41 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-01d275e55739701ae@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RlplS2dPRmMxUnV1RkQ1&google_gid=CAESEJ4pDeXgFeUMxDvWKBZIZWA&google_cver=1&google_push=AXcoOmQx8NJVgab4AjHdE3VnfSrTgMPFeCywG0vvPtHaMjkNf7J3j8EZvvW9a5D9BWYTpGbF4ysrVQCSSE6DEkQS_2f_nY4H4R5F5ljcsajn78f2XvnOo4u65tqzdriOYhwiOCiDfSr50D9U-up0sVFUyjWG6VE
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AAA7
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEFmO0y2gDPT7amutkpzmvxc&google_cver=1&google_push=AXcoOmR1_Y1hHEi1d_ujIVGFVhIMXbNwO-yltMt6xxTxMCe_8ElTzN6WR_0k1UopUwTTvpEQvmpZTg9NQIVo7txbEsj9KaKyyiSmMD...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D5096B85F26746338EE1CC398306A2CB&google_push=AXcoOmR1_Y1hHEi1d_ujIVGFVhIMXbNwO-yltMt6xxTxMCe_8ElTzN6WR_0k1UopUwTTvpEQvmpZTg9NQIVo7tx...

170 B
188 B

43ms
43ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D5096B85F26746338EE1CC398306A2CB&google_push=AXcoOmR1_Y1hHEi1d_ujIVGFVhIMXbNwO-yltMt6xxTxMCe_8ElTzN6WR_0k1UopUwTTvpEQvmpZTg9NQIVo7txbEsj9KaKyyiSmMDvX-lAiRKS39ITa38fRHAxnwooOG8Fl6vpuYx2E8JjCyOnUePw5561QqHI

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 29 Jan 2024 16:39:41 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D5096B85F26746338EE1CC398306A2CB&google_push=AXcoOmR1_Y1hHEi1d_ujIVGFVhIMXbNwO-yltMt6xxTxMCe_8ElTzN6WR_0k1UopUwTTvpEQvmpZTg9NQIVo7txbEsj9KaKyyiSmMDvX-lAiRKS39ITa38fRHAxnwooOG8Fl6vpuYx2E8JjCyOnUePw5561QqHI
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 28 Jan 2024 16:39:41 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame AAA7 0
187 B 107ms
26ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGNMSn94-1B5lA3JJdfawHc&google_cver=1&google_push=AXcoOmQzYMHfvuiWXRKjg0zE8ejR5ig91sBDoylESbeKYcvcWgZVgvFuRn63TOEKLxQ6bavk0MzuqS2m13NWCe0pnJmls7TTVpy0lZSD3sTbKqD_RG4dvTXGon_Ml4OBOvrauCoJYf6pUAPNsfabXBj9aEMyPg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706546380&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706546380758&bpp=1&bdt=1144&idt=0&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5185171188298&frm=20&pv=1&ga_vid=2112861678.1706546380&ga_sid=1706546380&ga_hid=1426785995&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31080533%2C31080619%2C95322184%2C95320869%2C95321626%2C95322164%2C95323006&oid=2&pvsid=3681854001375556&tmod=713479794&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 29 Jan 2024 16:39:40 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AAA7
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSkXPF-...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSkXPF-...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyNDAxMjkxNjM5NDEwMDAxNTI5OTkwNzYxNw%3D%3D&google_push=AXcoOmSkXPF-c7x2nJ1PDjTlt-k6M9DXUh_BgNydOSK12M0W19W0MWv4XIDslTJ3_RoQIj...

170 B
188 B

43ms
43ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyNDAxMjkxNjM5NDEwMDAxNTI5OTkwNzYxNw%3D%3D&google_push=AXcoOmSkXPF-c7x2nJ1PDjTlt-k6M9DXUh_BgNydOSK12M0W19W0MWv4XIDslTJ3_RoQIjoSh-nQ6GBUv5XWRqFtRcSTEBXD2fgD7idhd183ldfOY6M1cTQxWObk8R-wnfegqkizzXqJagbAaSZ40ckJUKRSeME

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyNDAxMjkxNjM5NDEwMDAxNTI5OTkwNzYxNw%3D%3D&google_push=AXcoOmSkXPF-c7x2nJ1PDjTlt-k6M9DXUh_BgNydOSK12M0W19W0MWv4XIDslTJ3_RoQIjoSh-nQ6GBUv5XWRqFtRcSTEBXD2fgD7idhd183ldfOY6M1cTQxWObk8R-wnfegqkizzXqJagbAaSZ40ckJUKRSeME
pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 29 Jan 2024 16:39:41 GMT

GET googleredir
googlecm.hit.gemius.pl/ Frame AAA7 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AAA7 0
12 B 41ms
40ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iod1b0UAa3smus3c0HieOkcEZ9Ybv2oDmpZq0T4xgX_m_QrgYE9T6B5dhQTOEVWJpRCqizNA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 4CC2 115 KB
14 KB 41ms
40ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jdcytn525d253gq9mkv2acvgq5y9yb36n5733xqmans96n7z2f1vk2y52m86m6qcn0tsyattmrpxtm04h5yddfkr3wcecwh08s4qnsp2b8aanhtbxpp5jfmr4a5m83rq4vrx4mg19ytvy5hqck339gztg6cspad714jqf44zzrmm3c98pdd373ewcs56217aam5vqxkaymr9xmygvtxmbd434km2e4jnm2kb44ednyt894etwvvvjfh716cbmgmrkznr9e1s77vtyk2rrsnge3dxb7dbjygkc3d3nka64mv1nveb4y8raykrntkc64wp0b9dxbxx1m2pknqp6kykqd1045ve5bd2tdg00hv606b6c9erve3p5fkcxnhxmmqqvzjp43c852ah4h8s7sz503n7z7c83nmjm3whbv4yqy0m4nvae7x3b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLhjmzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoEyQFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fhsZ0BmLREqQywLjHElrhoJEPnnZhrYmajyHf8gtHt_M5WGfZUwhb320OABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31UGafS58E6dfBAsNis8fDdj5e_A%26client%3Dca-pub-5309472016820672%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jdcytn525d253gq9mkv2acvgq5y9yb36n5733xqmans96n7z2f1vk2y52m86m6qcn0tsyattmrpxtm04h5yddfkr3wcecwh08s4qnsp2b8aanhtbxpp5jfmr4a5m83rq4vrx4mg19ytvy5hqck339gztg6cspad714jqf44zzrmm3c98pdd373ewcs56217aam5vqxkaymr9xmygvtxmbd434km2e4jnm2kb44ednyt894etwvvvjfh716cbmgmrkznr9e1s77vtyk2rrsnge3dxb7dbjygkc3d3nka64mv1nveb4y8raykrntkc64wp0b9dxbxx1m2pknqp6kykqd1045ve5bd2tdg00hv606b6c9erve3p5fkcxnhxmmqqvzjp43c852ah4h8s7sz503n7z7c83nmjm3whbv4yqy0m4nvae7x3b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLhjmzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoEyQFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fhsZ0BmLREqQywLjHElrhoJEPnnZhrYmajyHf8gtHt_M5WGfZUwhb320OABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31UGafS58E6dfBAsNis8fDdj5e_A%26client%3Dca-pub-5309472016820672%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2157154
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTJvnBpDbaNqTTIdKdzrALXWMJqhtgitetwa29cAzaC71VUgX4gwioH2I8ruzJQUdmOeYbK2b%2BOVwg87bLLpvLZ4mw7%2BSLE%2Fu5q9dF%2BXXhogf6RuhJJwFZAs241ffQHH%2FqGTbLGg9tQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 84d2e9a3ee286f94-CDG
expires: Tue, 30 Jan 2024 16:39:41 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 4CC2 24 KB
10 KB 53ms
37ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jdcytn525d253gq9mkv2acvgq5y9yb36n5733xqmans96n7z2f1vk2y52m86m6qcn0tsyattmrpxtm04h5yddfkr3wcecwh08s4qnsp2b8aanhtbxpp5jfmr4a5m83rq4vrx4mg19ytvy5hqck339gztg6cspad714jqf44zzrmm3c98pdd373ewcs56217aam5vqxkaymr9xmygvtxmbd434km2e4jnm2kb44ednyt894etwvvvjfh716cbmgmrkznr9e1s77vtyk2rrsnge3dxb7dbjygkc3d3nka64mv1nveb4y8raykrntkc64wp0b9dxbxx1m2pknqp6kykqd1045ve5bd2tdg00hv606b6c9erve3p5fkcxnhxmmqqvzjp43c852ah4h8s7sz503n7z7c83nmjm3whbv4yqy0m4nvae7x3b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLhjmzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoEyQFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fhsZ0BmLREqQywLjHElrhoJEPnnZhrYmajyHf8gtHt_M5WGfZUwhb320OABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31UGafS58E6dfBAsNis8fDdj5e_A%26client%3Dca-pub-5309472016820672%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Jan 2024 10:45:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 21221
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpCjBrBjQ12IsOP7U%2FgdlhsW3WfLPquDg6sb0ggnuv5173bCTpOj%2FRFL8kr2ITqtTM6VUP84OmZUuxhqQsVPZE1MOZjBlnuw%2FynobXCjSU0HubZFyFh7Jkc5OyqLRJlY1qQ6Rj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 84d2e9a3fe516f94-CDG
alt-svc: h3=":443"; ma=86400
expires: Mon, 29 Jan 2024 10:46:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D89C 0
19 B 70ms
70ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cw1yfzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoExgFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fh858gCmO9Lkx4qS0MN9irrQf8lzVhTH4qFs6cQVIE7eJOzCrLgt6ABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MzA5NDcyMDE2ODIwNjcyGAA&sigh=542OLOyIHiA&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_BeMg3H1AXIKV82v01esQtCLCp0Fl2gNTyNCoOrNi0L_Ldz-QOopyiHPfl4D6VszAIS23ufc1rRgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706546380&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706546380758&bpp=1&bdt=1144&idt=0&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5185171188298&frm=20&pv=1&ga_vid=2112861678.1706546380&ga_sid=1706546380&ga_hid=1426785995&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31080533%2C31080619%2C95322184%2C95320869%2C95321626%2C95322164%2C95323006&oid=2&pvsid=3681854001375556&tmod=713479794&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 29 Jan 2024 16:39:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame D89C 0
103 B 94ms
32ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hzat0eg2s8getrmrmk30efk50jafs1w0x128xht389c40947yr3z855f0mef03cx07gawk665rg08c9d0149d885063rxy1rk4n027bqx7faahpyc2n7kfd76rsax46s6mgjcxccpj6rk76efy6hs40ykpvv4xgfws6cqhv25d1hc4238q63ykbc1n32ramee2p57mngm0vrdcmh4rzdpcybm86n7c93jkb6q3pjv24e1km50zxtgwd000snayw9m39krccmf7pdvdxgtj8jtdefvpw8h21rd3z5ntxfa896kdm3eff5eyqzfbmmbajm1nnccgs3crb3fvxcwsj1snc3jzqfmy0erd40bhcr4qfvd3w9vsjsp1fmr5fp96s0117d129sm&b=ZbfUzAANKmcEf5KDAASkWhOdHiyeLLqDFdofaQ&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5309472016820672&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706546380&rafmt=1&to=qs&pwprc=3996251837&format=1200x90&url=https%3A%2F%2Fturfologie.fr.gd%2F&host=ca-host-pub-1483906849246906&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706546380758&bpp=1&bdt=1144&idt=0&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5185171188298&frm=20&pv=1&ga_vid=2112861678.1706546380&ga_sid=1706546380&ga_hid=1426785995&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31080533%2C31080619%2C95322184%2C95320869%2C95321626%2C95322164%2C95323006&oid=2&pvsid=3681854001375556&tmod=713479794&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 29 Jan 2024 16:39:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2

200

merrell.com Show response
nakoona.com/search/ Frame B9AC
Redirect Chain

https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=14426602d095f6046b3a008e7d69186a78de6ab3895e575d5502ceca210bae00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c...
https://nakoona.com/y?t=merrell.com&cid=a3cbfaf734bffba709eee0dd9f49a3715d4dae0116ec588b46f06fcb2948ceec&identifier=c150519a19414017
https://nakoona.com/search/merrell.com

528 B
1 KB

43ms
42ms

Document
text/html

18.193.12.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nakoona.com/search/merrell.com
Requested by: Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=14426602d095f6046b3a008e7d69186a78de6ab3895e575d5502ceca210bae00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.12.180 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-12-180.eu-central-1.compute.amazonaws.com
Software: nginx / PHP/7.1.33
Resource Hash: 9f4522a8a9342a068918269579be8514ae89cb49b1d385564d772c8c3beb1da3

Request headers

Referer: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=14426602d095f6046b3a008e7d69186a78de6ab3895e575d5502ceca210bae00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 16:39:41 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: no-referrer
server: nginx
x-powered-by: PHP/7.1.33

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 16:39:41 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://nakoona.com/search/merrell.com
pragma: no-cache
referrer-policy: no-referrer
server: nginx
x-powered-by: PHP/7.1.33

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame 45D8 1 KB
643 B 33ms
33ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 14:45:55 GMT
date: Thu, 25 Jan 2024 14:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 352426
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1c6b34ea327760cdc6583ab92f7e8832.png
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame 45D8 8 KB
8 KB 35ms
35ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/media/1c6b34ea327760cdc6583ab92f7e8832.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e50d4289f223d9c475d992d8069c2b799704feefdd7e8eabebd2a49bb31df1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 14:45:56 GMT
date: Thu, 25 Jan 2024 14:45:56 GMT
x-content-type-options: nosniff
age: 352425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8224
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 8c68f26fc9961acfb78efaa74f684c27.png
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame 45D8 2 KB
2 KB 34ms
34ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/media/8c68f26fc9961acfb78efaa74f684c27.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5deec59d8ecaebf084aeb4dfdd665b3b5ae8aefa8a7cc7f76707524772912bcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:35:25 GMT
date: Tue, 23 Jan 2024 23:35:25 GMT
x-content-type-options: nosniff
age: 493456
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2104
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame 45D8 5 KB
3 KB 36ms
36ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 28 Jan 2025 15:46:50 GMT
date: Mon, 29 Jan 2024 15:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/7135979241717318397/media/ Frame D272 1 KB
643 B 122ms
121ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 14:59:52 GMT
date: Thu, 25 Jan 2024 14:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 351589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 bf3254c3b5fa5352e62964381dccaa8b.png
s0.2mdn.net/sadbundle/7135979241717318397/media/ Frame D272 15 KB
15 KB 36ms
36ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/media/bf3254c3b5fa5352e62964381dccaa8b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01d8d3a192ae9fc60e6f857b9341d7aeec4d05fc2e2dc3317f65413f8cfb4992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 14:59:52 GMT
date: Thu, 25 Jan 2024 14:59:52 GMT
x-content-type-options: nosniff
age: 351589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14918
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 9401bca7c390a53a04ea672b0266554d.png
s0.2mdn.net/sadbundle/7135979241717318397/media/ Frame D272 2 KB
2 KB 119ms
119ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/media/9401bca7c390a53a04ea672b0266554d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36d54e4a3480145a1431b15dbe05120a18da23bd5221b4f86324775f6a7dcdc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 23 Jan 2025 01:09:19 GMT
date: Wed, 24 Jan 2024 01:09:19 GMT
x-content-type-options: nosniff
age: 487822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2205
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/7135979241717318397/media/ Frame D272 5 KB
3 KB 35ms
35ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 23 Jan 2025 01:09:19 GMT
date: Wed, 24 Jan 2024 01:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/15205685216655332109/fonts/ Frame 45D8 172 KB
75 KB 39ms
38ms Font
font/ttf 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/fonts/ibm_plex_sans_700_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:35:16 GMT
date: Tue, 23 Jan 2024 23:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493465
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76650
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/15205685216655332109/fonts/ Frame 45D8 173 KB
80 KB 36ms
36ms Font
font/ttf 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/fonts/ibm_plex_sans_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 14:45:56 GMT
date: Thu, 25 Jan 2024 14:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 352425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81411
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/7135979241717318397/media/ Frame E39F 1 KB
643 B 117ms
117ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7135979241717318397/8f0cec8041c165cafb6d32d04ed8f04b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 14:59:52 GMT
date: Thu, 25 Jan 2024 14:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 351589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 bf3254c3b5fa5352e62964381dccaa8b.png
s0.2mdn.net/sadbundle/7135979241717318397/media/ Frame E39F 15 KB
15 KB 118ms
115ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/media/bf3254c3b5fa5352e62964381dccaa8b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7135979241717318397/8f0cec8041c165cafb6d32d04ed8f04b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01d8d3a192ae9fc60e6f857b9341d7aeec4d05fc2e2dc3317f65413f8cfb4992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 14:59:52 GMT
date: Thu, 25 Jan 2024 14:59:52 GMT
x-content-type-options: nosniff
age: 351589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14918
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 9401bca7c390a53a04ea672b0266554d.png
s0.2mdn.net/sadbundle/7135979241717318397/media/ Frame E39F 2 KB
2 KB 119ms
117ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/media/9401bca7c390a53a04ea672b0266554d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7135979241717318397/8f0cec8041c165cafb6d32d04ed8f04b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36d54e4a3480145a1431b15dbe05120a18da23bd5221b4f86324775f6a7dcdc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 23 Jan 2025 01:09:19 GMT
date: Wed, 24 Jan 2024 01:09:19 GMT
x-content-type-options: nosniff
age: 487822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2205
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/7135979241717318397/media/ Frame E39F 5 KB
3 KB 120ms
118ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7135979241717318397/8f0cec8041c165cafb6d32d04ed8f04b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 23 Jan 2025 01:09:19 GMT
date: Wed, 24 Jan 2024 01:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/7135979241717318397/fonts/ Frame D272 172 KB
75 KB 45ms
43ms Font
font/ttf 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/fonts/ibm_plex_sans_700_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 14:59:52 GMT
date: Thu, 25 Jan 2024 14:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 351589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76650
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/7135979241717318397/fonts/ Frame D272 173 KB
80 KB 50ms
48ms Font
font/ttf 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/fonts/ibm_plex_sans_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 14:59:52 GMT
date: Thu, 25 Jan 2024 14:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 351589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81411
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/7135979241717318397/fonts/ Frame E39F 172 KB
75 KB 53ms
51ms Font
font/ttf 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/fonts/ibm_plex_sans_700_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 14:59:52 GMT
date: Thu, 25 Jan 2024 14:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 351589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76650
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/7135979241717318397/fonts/ Frame E39F 173 KB
80 KB 63ms
61ms Font
font/ttf 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/fonts/ibm_plex_sans_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 14:59:52 GMT
date: Thu, 25 Jan 2024 14:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 351589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81411
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACBE 0
20 B 240ms
240ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=ByNZizNS3ZbWZDYeCtdEPhsmkqAMAAAAAOAHgBAI&bg=!PzylPHPNAAa8BdJLnAU7ADQBe5WfOEtcbxJnufMRSZMQ0qc-LYZ0U8hLk0k01yeR3xAI1OJzkptrroI-4I5RF1XaFrSDAgAAAK5SAAAAAWgBB5kC_PTdIUHunemmnkmtbw_ardE7u00gEs2vRdoNipPqy_KIu4TY6DIGLDRyjnmz4TF_D8qUZb3F58CwcJJolhS7Bt2_iRNnAu2Rthtd4CACLHEt5yHHHtg8WYh6BaWO_98CTTEBzAprUsyPHOarW3W3UWk7kMG8I0PBhdYta-545useejqaWNigCmTjSzOSWpeQSecSGot2sB7z4wGsib8PsALJl4lefPuM_LlzGYnTQMYCKAXmoHhljDGH39Pe2VJMj-BSMO7B6e83zlbCux7TXbYFaaP_g2mByQpq1pqM_0za1fC4wW0rEezFxbNTrV3GvXlMhmlcf2n8i3R8UOuCLSIvITu8fjortjHmOdnEzwyfAGcbQ7aglTGkj88hPeN1zAaJ04cqGhlTpzNJt2JUKeXj7jWG7XhXUuoZM9ZHqYHmmFoBfN_aHFXKHwfHvNqHFDhGkWDRGKJCLIjybS992GoYwt4MFauiCFkAFdTJaxWdNzAKJJDFomDK9KITuESucyVgGCLPbVfHfG0Chtc2HdXTuC5miYuf6ePZnRbbBmp17ko8JKMyhMB2RzrL6aLBw-9mpfJRZeacLel28v_tDSZGcqhR05ejbo4QxILk54B7AJunqLbfBLnGR-R7jm4eBo1Z4of60N9XrXrxIiAlAxA2RxYa2BHQt0YLIkS-85DE7ZcN7kWiaIvCr89wlXp-DgjmvesKDuxtDAVeN3cv5ccD4BkEaxCcsstXeRgtPf32zvotQGKHQMfTx89BLT4VNYieQDHwh88ufKG6ILH3SS3lerLD6Fz2NRUko1I9ayEDJiJ-OEZiNaNHoyzwSyKhlw9iT2QzAIDrLHgkCkFKMOv2PbIHHFMfRwWbNvO7D2b0llukpitkBRTRjwMjKLb1QTi6nK4jCWboMPgrCHZbrqmlweQqWY9ySRuTmtH_lwLnWHv8lmjKHKOvM_tlanjDxCFpZRLoYglQtg-vobUVFmWQuQn1gbAQJzuhxbnEQWaF_b-URM0SSjd9muJi

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 4CC2 350 B
910 B 113ms
43ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6063626
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvtRP3hW0sGERJnzVYqb4mpbK9uiEpxA6WXs%2B37wTkcpRuGlv17%2BQ7%2B2CnXHckO1S3cZ3Lpwap%2FKlubRi%2B6fbW8rtyffQ5NjSIgI89S3HDEy5HCR4Efm5QjvsNvAQTV6RoGCQMOnsE4QivO5w7aeLi3a"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84d2e9a4fd636f0e-CDG
expires: Tue, 19 Nov 2024 12:19:15 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 7259 2 KB
2 KB 48ms
48ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2639346
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 84d2e9a48df16f36-CDG
content-encoding: br
content-language: en
content-type: text/html
date: Mon, 29 Jan 2024 16:39:41 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teOtzTNGGoScfhW2zuDiUJQQA%2BpMcuuaV8pKgkkReCUR7WFHEHEUkZ51dCqVmzHKWldG3X%2Fx8Bd2QFGuIjq2RylBa9ZCZnWgVVqVTzLle2snqawnvP1mBPcBBkKlPokKOEGiFAQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9550 0
20 B 240ms
240ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BPW46zNS3ZbSZDYeCtdEPhsmkqAMAAAAAOAHgBAI&bg=!xcalxonNAAa8BdJLnAU7ADQBe5WfOJqPKm9XsNXlY7T6WQjbEtnvnwjgeLNUeRLB5KUNwdnFkswegwPgXGmT8xxypLl6AgAAALRSAAAAAWgBB5kC_ry6W4m3-gY0bmTxoE3UkR7DRHagaQfKn4nFScbs3HFTiQduCOCHfJ5zi3gDgrDItg9IsbjSboEQ0HRxoU_VNdSQ1DX61y9zDQSTwxac7d8kbwHErUDnWHtrbDiY6oyQVK7Zq-TZOax7Lw1ijDeZQjIX_n28KAqQT8svbAr8SOehJ5MLR2TZJcoIiGnpvfaohYWktznc0fNhFMeucNdbFcBXoS4a78AWUOSaYxl70M_zVgyGAnJ7vUHH8XPiDuP0TK_zfUm4mPIG21JCq9ekNaCF2OAWQBrHRI41PEBTcjq4bVbFb0DKLz-1R2Fwl0PXd6d2QqLwF6rLGJUNfj9BObAkvHmtE-OS96BxNGJ9gWZB6fg3bAC7CJypWM0k5Yxe4i4lnXFbCO-qBwdncBU75FwuOS3g94agbidW_5IYTeqhR7khtrSCZsoy1q2F6MiFW_SN7qpKu3557VE1PLGWSDf9Z_wFwh6wQi4pajme_iSxAm5rbmQujioCXCPWS594MlivXzHQZOAaLBC2cjWZcVKq72KsdvARa4-bC4PcX0tSBBDZhLNDgaDyWnevsDeCcXFn6G7YH_LTS-BQ_vZc0ngfHaEhWvx2Bc22kX5u3MYlzTehmyTvtcaiyLrVE2ECM5g-z7vTjnMf5vFMLWF-sxyPT3za2G6plLgSS8YxU7Db0BgJhGtS0urrHdotxxRj7JSEmRA75WoJNDfWttQ9V0kFEP6JTJC2_h7xfUgzGbLVsRmU9hIt05oocnFKp5T5Ba35gTuP1_guvWdmdsa4z_rnMzqEAt7ikubvnklh4veebZ_d6KCfgEvyzAmdDMMiSvZ_roqe9nslhHxYJGm9AzMXWJpbEWU60-m8x0YM_RIv9zUJXq2VGcJ93Koel8qYK7AaCf7X4eMMqihaOR-1Hpt_wNfKbbRrnyAgnVWIJfMRHW3WsTM93oVuFdvdcb99HQX0OSksAFJHSo7GzhAwhXZEA38tezaWj9noxUxNMmSktjTNsrHD15pOoiuRc0E

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CB28 0
20 B 241ms
240ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BF964zNS3ZbaZDYeCtdEPhsmkqAMAAAAAOAHgBAI&bg=!RUalRgnNAAa8BdJLnAU7ADQBe5WfOEIcB1lkwzwXCqGpIUWSr_KgangEEBUdFll3P_Lk27uEE3j8yVMAbzZGPrPGzn8ZAgAAAHJSAAAAAWgBB5kDB-virV2XDZ4F7J1J-BuZk6FLw6Gxc4dcPlcIY-WfkplW3NvYYZ1lSIz93-f9SCLKBJZHBv5f5pXhbh1CsDYF1K0OFQtmSAFlr3NJZESQpZuScCkzrkss7As9MkCQafXQT0Yph3d4lk9IwnInm5Pghmvq89V46gTJvKewo65sk38jWZGZqK_Ei0cWw3KNXW8HVaTxswg6fHuR3o9PijINBrINU0Ii9UDOVRxwq0qc_7H5BZB2R0ekBPT0sJ8aL2a0YbWte9UjrYffPqTnuQDEjG2bUYN-u0DQ0BT8FPqYnJHPJA6AFqJV4nQaKxzY3LlEzex9DsRkwKS91Ma3YC44HsmCvYwzZoq19oPpL65eut9Fg7nJy9M0IYsVY_GooEgxJcy898QWTglWc4xRAkr4rlx4MqNtBgWZjROaFTVgcy0HPMaq7yEIxFOVgjiEeyK73qB7ST_T_q1kp3YZwC_t3ddOY4p3E-5Q5l62btvK5EzISo7hBseVjIAnWbG3IJ911ounT_B6tK7js90WbYp8rxHkWv08x6SLwg063R2IFnvBkVhAbG9hU0nNtx2JfzQFZGPT_g65R6fWutuv5UWgAsfXY6Jmw3vlK25m0g9djbRguzd_DyMQ1h3yWwQ4L89qmG6qYhxhboQCZpT-HMH0aiMdDiQr6nOfVmTrlhlXSpm_FoONFHWqOUTbLnsjuMwHfeYX0xQqumVjyTVFxesWn0LUOcEEu3f6Y4Dz5Vken3GzugjMsjQCNGreGtKYyHNzxJzsrAiGafgdh3FMGzIRbY8eDEolE-KHu53JlpaJbkuxL2zTEXQiTtp25yt_on4xgfofSnfdeXMnTG9oS_ZEGUumkg9C4bvsIhsMz1hU0MYSgZdcPzoBlOyX0Ry6Mxo16TAPwNS4e2VJa1yMpvB4n0zEKd-3kbliBDoS9d6vLpd1EV5D81b-_zF3m_z7xZEZt7s4--zIlHXCmNwpnhKj7FZFN5S3OG8wCwCnq4P9H3Ns1_VI8FzgeV9xO08ZqXeb9_VURlIS5Ks

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 6D73 0
0 69ms
68ms Fetch
image/gif 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssOQ0EdsIdDUYIT2MJtfU9_DySiJEJ-My40gya99QrU27YWIc3hLz2ZgUfzF2q4r9GAhEXBsWQEHXB9P6b-oikM8IdgELo0RifTYfWzS9jNxoTVpTWXt9gzrOt0GqP_QZ2ExoCKBEsyQYBl7fPGlIFIPFjgovYdHQFIuB2qWmTh-P7qG6S8QHFFV2cH-jkVOjtypJQYa8ZB3UzNHY12kWDg_DoG9pttwubeMZUogOstt-h8ZoMc5Sb1iaiQqNcKPsdh_QBzNTk8Z2BM68X9ka5UTnifjHWh5bVFSt3g16wnv1lWkPNjSMogYJB-yUoQB6CrCoCPSWVdX492pAD0YGzElkAGV5F4ztYpwaqmFG5Dco9kMYiuSMTmpmDbkaCYEFk0yg5J7iIn8YQScBeMRGXyEzqOpWYHDEdzKVaLBK4bveXBJzf2-uFK-be1eKwe2ke_pjJ9_EafmZ3ONzU09DLd2MauDwJPEeDoi2N-YGpJJviI71XCkjQ-0sovEmu17EW0bmeITqvNXMqMG-eiulMB9Vy0oIZCjR7Qbdqufh09i6sz6YA_RW6r0dQtNqMWlUYVgUph1tdQgFzyuKyOwdZShy1RzLEitEeivjZKIRojt7drQHYYwWe-Mkd3TpNQ4t2OmeFBsIDREYNC6VxQUhrWea9zS9I3WmCrrz8LJ1lHG7HfrWMRuiJ7zNZSjFymxLQrvzEGgn7nrB1c4fBTkSjQ0JMOvmERdum_Fti0E2s0KATtN76E71EHCgHXIZFc72Q5gEqqm45G22ioQffLqOmkXm5fYuS6X0d_eVQ_Cl3di0X1aY2hw4R7Us0K1jGd_FEO847BMStQjvVaWaexJ7-8jWTYgUhiuBfAahEsIhGwl6kBS6vfCdLKtl9v8b-lcrRv4n6tOJXd1aNyIjBoOj9WQbmwVA9_ZT31ZdQkqNbYpzurQ-z2Zz5BygCW6IR00reU8FsRbztTplXaZwSQsSi3otElNVGFBapysJoXM04IXJT2RH_OKTSqkynASU2yxl9Ta9nUBapbgwwSHDvxIe5tXe1zE9Wx8He5eazucFq06vR-OQJ-ChXxUC7iBgZkjNBadViEnCNs6ywK8Z-wDFa5ywO0LxmwhrczaUZDrDOx2LrKQjKfrTNiX9wsHnjPfokymQ8W3x6rIuOqWLTWtqZXkTN9cclCpX4r7koY-IWlmbY5quYMhGEE8Z_wj01uZzxbJUKaDaNcyGmyM-2MWbUlkyKSD3uthpwohkoxDyzvenNvZlLADXsEpWfRbAhvYFHxzztv0aaUqz_jNH9OB8CvzQIu&sai=AMfl-YRMrrhg8rOLO_3qnAbt5FSrZH7QvQXPkF95v2Lcz7CBHfYmld2EkE6kLpG9Cyzd8pDGcW-_qke0DvKcDmf632uJkwvf5tMBoJUKhS0zvjPIqW6AzpSHToz_31jhDjOPUrbI4a8uM4ecUwdAtyYFMS-dHMaLeNjD5mKP95p4rS3gj52j4zKB9tfeAx7hZJpmpRzDp6aQqqUCmF21XIBZe4hpQMi0lcoL16bSKv0qdrigDgYYhQnX6Uv4ZlWHmIpOx3ALDv6slIzNSgaKZ37s8OE2R6r7hOtv52wQp9QdUsdE73Hei74S52CylJZQW-5JpnPoBK3sRL2lDGHzmFuaeBChfmdpj1y35v-Ebxp2Z7N2F_zVkomQlKVBkfVrnnqxSg4iDV-5eL09pw1ZPz6LQIi0QIW9R1FxyhjZg9T7tZyUL56q1XhFIPD6Di3Dhs4XWWFbm24qH45JXRVDCfdrI41ee7EPmdKptHMNv0Us6lhbl6knIchdfJFTElxsKr6NUS1y&sig=Cg0ArKJSzBw7Jwgf_NQ3EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jb20saHR0cHM6Ly9iaXRkZWZlbmRlci5mcg&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=548&vt=11&dtpt=390&dett=3&cstd=157&cisv=r20240122.88761&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame 45D8 1 KB
643 B 32ms
31ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/8f0cec8041c165cafb6d32d04ed8f04b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 14:45:55 GMT
date: Thu, 25 Jan 2024 14:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 352426
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame 45D8 5 KB
3 KB 33ms
32ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/8f0cec8041c165cafb6d32d04ed8f04b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 28 Jan 2025 15:46:50 GMT
date: Mon, 29 Jan 2024 15:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1c6b34ea327760cdc6583ab92f7e8832.png
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame 45D8 8 KB
8 KB 33ms
32ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/media/1c6b34ea327760cdc6583ab92f7e8832.png

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e50d4289f223d9c475d992d8069c2b799704feefdd7e8eabebd2a49bb31df1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 14:45:56 GMT
date: Thu, 25 Jan 2024 14:45:56 GMT
x-content-type-options: nosniff
age: 352425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8224
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 8c68f26fc9961acfb78efaa74f684c27.png
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame 45D8 2 KB
2 KB 34ms
33ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/media/8c68f26fc9961acfb78efaa74f684c27.png

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5deec59d8ecaebf084aeb4dfdd665b3b5ae8aefa8a7cc7f76707524772912bcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:35:25 GMT
date: Tue, 23 Jan 2024 23:35:25 GMT
x-content-type-options: nosniff
age: 493456
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2104
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 9EBE 0
0 69ms
69ms Fetch
image/gif 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssOfhiyYNoOjIrZkwyvVrr5Jbmk6AB1MNj8gkMmRDMibKoElC7oSUr-wj_ghbB04uNTN9d2-Mab-9lr50foF9XwZlJFuQoX1e64tS5jJwqdqtGkxybOmzCOBH2t67-Bk-rTIhutK1kTSRSawYg6HJc8JK9NIc9PjqveXgCNTXnxcLmTTNdJIk4SyIlh2AWey6glXxHCi880xNgJEcnOPjILcqtbacUXl4HZZzJpS1FX_RmHwrwiqZ0KMziBK3rlim-T_17G8MycWWqAn38qJy4ukl-vdp_zOlaBJvr7XW_WnjlvWrd3Obr9hptXAg-XZOamUP7L4QoAmqnl29BElD3F-S4tHXqovgij70A_wQcl5NG152wAoIInKJchHraSxSh8tg9bu04P7UO4-KW13KE-IbAzbBgEvEksv8SCgIcMK7YF59_W0_dDpt5ooY_LZb4J7OjC-443q4qfK-zrI9TZ_LxfogB--RRo8Aaz5loB3zEtMP7LC---nlvMg2WCykle6x0KlbKyG0Yb6UESRAXu8EOhpohZ9RSytCpV_yYT-wVOoBb4_RZZ9digtpvceuOceX5zv03emCHEsN970R39cdXhRatV_eTY2Xme6L5QQ9pMzM33P8v7dAEzAXeLEgDqUuSzXzlUe_U2Bgt7ecsXir8KpiKDMtISP24DD5M9ladcd8As5woiGm4fBd-hXqHXY2G0TsvmBeazrnFlMn5QqKNmweMH_T5ToBlrtDrfDC52Lhp1GdfJofzNAUQUMZdQmh5MiQjPMrFAhXcsym0vWR9uORfQZO3hZnUr8UX9itVMqMF5FuJdtAO2EHf3ORlY5NyRv1Ln9eU7H1K4vt5K16_QHm9AoohJ0vZdvbYxFzQupq5vBLbbkOYTVn_9gu-svBTfnlJvkp9S6wNqoi0Firc60dBtkNVvDeROcCnrPZXseGnqsyZFSHXIW0p7pdLvwSJHyZl-4TdEbsftI4jCZZTQpQjwjbRQcYC1cb5oKbX8a_AMBrNp-SlUarmm1lCyVGNZGbmNWp9l0Zq7AhY4hK34o3yXpYl3P2GtT71X5BJ8nmB_iSqJ1V9ygzSQvUta6zY2fHSIa9KbobZJbJVf8bys0UpFff1ZgGSPuT2krXZKEjsMfEX3-KFbaTixoKwiY7O9YMFHyO5LHjW1FI2UIBhMZFeJ6Ru79pCdX_WbfvL6si-JUNyqVXEssw9-i3nw2DO-e9g1tw7OVthsKUihraJ2T3p6jH9sdn0O5DEzSaH0bL1SrAuqOsDMe3NtkaNQZ2d9gnH-ZWmym4-47kLH-Og&sai=AMfl-YTg5diSt-DVm40GGGJS9Ou2X-UfLdSkGPEmOwf9TezaMCC8JV8Vo_6siQuFP703Q1wKVIzhJUI92zWcK1L7ZSKaYEA1o-X1BJ5qsRy9dtY_E2oTbLDYIYPSAJwAixzLXjgEyn62Kil6c1kCbCR9NWfRAjZ18eQ9p0jBM3vtnWlU-DftHZzNmkf9uT_WsRF7H4URnUOLjAp1c13v_YXkmBm6YIQ7DfxUloX9XJYjNPMlNKOo81p0lCB0VTxPjSoN4f-0eUpg5m3V6A_9wv7kaZE_MvbdGtNTfM_VnDJ0SODuXSOspP4E98PdeUda0rukak2uib7NDZGa6MRMDf_xANslJrmSJPeAN0IQg9zVPGm5RoLzlnna-6bFw5Mtiu87B_Qdb7vKmfdYiBwr9Ek4EPQupaVZn088eypbyGRPcZ7ZFyqP_KxDzYCm_qd_1eBh4r8u6cQMAaMTrnK46XaXbsmQ2heukOXCMFmUmrpyytXV5HZjWJ3IUgelOJpKvhkjc15h&sig=Cg0ArKJSzD8CiYqzj7h1EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jb20saHR0cHM6Ly9iaXRkZWZlbmRlci5mcg&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=614&vt=11&dtpt=424&dett=3&cstd=188&cisv=r20240122.69846&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 7E0D 0
0 67ms
67ms Fetch
image/gif 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuHyOOQERgsEu4XZpo76nI0WjR88b9MNSBN_-18qmTvEEY4k7w7-vxsdgu9sblv8HwpoZNVN5dDd1EScAWPSApLJY2W1fK166YeQ_DEl9sVKesUTxJmsFXIYTUG2THNmUCNEXOOw9m190mKwGMiFCx7BKuEPGNbHHpMgy37fNd97c6KAPCKwPsqCcTXK7l5EnD3ikL7ccy3Go_2JliNEK-uQLoQ2nZ7jgv5PKmapmSguoj-cXRnXwh6LTcTz4uJUqLIWPxbTVo-xhT5BFutdeikTeTB_8BPQLojGSvh7u3TcwPmVbJ0Xas7bVEa-hstp91U85Hkay8kSBxD57bo3c68sWEqdQnsIy6aqIV0FuNcDexm_oeBjFJNFmWiblV6CqN3iWtVj1OXWh-9_Q5JV5wkW4phtCRJ1cSure-0gvBFtnEOfDw7E388QPSnBy7cDgPKQkepsoylUvZ3gjMjcwr8tQF9aINRBUrVCrY-dzu7SZ4vOuFFsdefaMIxHnO9MlURhccab9sIoBMNlAdTy11oJ3FpVjwMwLavSJR7bVDAsxI8pgQip6-o2xy44vfAQ0cT1H-IQOr8FYJl80Vbj7wyl1NQWPbcETKJSbGGDdZoG3_0Tc2-PmJyawfaQmKBDouKBRCrQmrCsISXgqAtqFVJ-quBOh21iQ15-NV-y2iC6BYQYms7NG94tKilf-IFhFx4arZOH5_2wmrmHNVlJKn-Gi7HFMF5HiwSqfmLBosO-PBmr8VqU3FyS3Sn_omCZkEOhiNcVPJfe4p0LNn5MOwQNcHjeY97wV4BgZaRpyJB_9A-uxkJwnYfLEBsF_MfsI3kVF7iU_Qmti316aZYDYJfq2yPAk0y9hlbLwf0YHW43a9P12tPKzBO63jN1z1K7nnfjvCwGSV_PF_76_DBDSL7EFRm5_rH-5zcTL-ljX55YCk0tkyJNiLXxlO-pOsVSY-b4VHWcJN9mXrTDcaMZc2WRl6m1k8_lDTW5BcJbdUSffTTPuPuaEC8dDiv1mFt1oU77KoKOyCEqp2U8jzbRhJsrr9RdlUPBZfZIEF27_nNfhu3vz5xawHtEYmLtGU2h0cliraUe0Un85TS375HUFsSkZLTOB4SWzYKT3IsVhBcyhJDW3C83MPAi5x3i9vPhX8xtmWYYrycbS30DzgmV7AkKvQzKNYiY3iYIIe4IaUMWwDbeMuCiM8YV0qdQ3E40hnJNfY6GNMHB6TuNy4iZ83mlm31d_qQa285HVRGGZ8X2uaDDXM7LgH6pA1Qy9o2bJ2oCxXgniUrl-3DkCco_NCky_c&sai=AMfl-YQpZnV6VSeyIF8LaPQo-fnOo3Y7P_7r95e7ODU12s6Ae9J8sFEHU_33Hkt8_sCrsZmU2JZUqEb1Lhy9Y18hIROmhpS-b6fkam_R2q0q8dFtsl1JMka3u5tBpyt0PyAwcl87jatl5F3ZhjJSnda0MWh4uTP6lNdfRwcOopb40bPRYRLgJ0yfBQZWz12JlCStfdu3Bqf-PbWb1z0pogxEFRIW5gRkL5cig0HcdcMeQPbelCeOLs3QFXRwwq_B8AwRg7bfpcvno89XcccFGBiBS9aDBSFJGuwUP5e3vw1OR5_3rf5hyuiIMmcD59VicV9ZwHrm7ynBSBOWhewUGZw4UNwtaYztydnutb8icwBMRItND8b7d1wRElnHA1RgJ1SP3x6OfhES5JqJa9yMUn3mgm1ZDWjGa9Bxqy_YTpXg_OxzRmADOeeuI45PZ4bRnplx6b2gsdFIM4jvMpoelh90Df_phKIDr0uOt11ndsZS0VcNq1NvJPmC-YBDnRpb8k-S2PMO&sig=Cg0ArKJSzCIVEUFdksXQEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jb20saHR0cHM6Ly9iaXRkZWZlbmRlci5mcg&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=591&vt=11&dtpt=420&dett=3&cstd=170&cisv=r20240122.95635&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9EBE 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf3ddbe97885759feb1242d801e94a2a43cbb5c66d90f7d0068bde3405281546

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bf3254c3b5fa5352e62964381dccaa8b.png
s0.2mdn.net/sadbundle/7135979241717318397/media/ Frame D272 15 KB
15 KB 32ms
32ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/media/bf3254c3b5fa5352e62964381dccaa8b.png

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01d8d3a192ae9fc60e6f857b9341d7aeec4d05fc2e2dc3317f65413f8cfb4992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 14:59:52 GMT
date: Thu, 25 Jan 2024 14:59:52 GMT
x-content-type-options: nosniff
age: 351589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14918
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 9401bca7c390a53a04ea672b0266554d.png
s0.2mdn.net/sadbundle/7135979241717318397/media/ Frame D272 2 KB
2 KB 33ms
33ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/media/9401bca7c390a53a04ea672b0266554d.png

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36d54e4a3480145a1431b15dbe05120a18da23bd5221b4f86324775f6a7dcdc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 23 Jan 2025 01:09:19 GMT
date: Wed, 24 Jan 2024 01:09:19 GMT
x-content-type-options: nosniff
age: 487822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2205
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 1225ms
1199ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84d2e9a528bd6f99-CDG
content-length: 24
content-type: text/plain
date: Mon, 29 Jan 2024 16:39:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFGHh09Ck3ed3irR3uu7Hp1aZBy%2Fn1iM8D8X7mJSd6qpAay5ho5PrjmIAdIwx6xAlCCz0Km046ef7BaSt2JEiaPDa2TqEW7VHAKYG8EUr7HGymieNZytUZX6WyDTN%2BjKciHfDCI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-gh0k

POST
H3 200 rs Show response
ad4m.at/ Frame 4CC2 1 KB
2 KB 169ms
168ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86fd5ccc7546e95a3ec7b5e9cbced30741f3875dceb70afa739590b92f7e46c1

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 Jan 2024 16:39:42 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hIxrjNQ47ok%2FDDN9%2BfldanV96JVpaquPcz3NBfbcmdHpsLKwWWIjOyl9IaxKWybcIzUNOOYc0hSH9WnuxjoUilcaJoMqAVm542cBI83Ys49s0MzWtyEZLJuDILZ7U3eh8Fzsi5A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 84d2e9acaeab6f99-CDG
x-backend-server: aa-reachservice-group-europe-west1-gh0k
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 7E0D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2058c642eb55be05939a9b8b4eef20f4bce5b286e21f418e2d35a091d61c00b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bf3254c3b5fa5352e62964381dccaa8b.png
s0.2mdn.net/sadbundle/7135979241717318397/media/ Frame E39F 15 KB
15 KB 32ms
32ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/media/bf3254c3b5fa5352e62964381dccaa8b.png

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01d8d3a192ae9fc60e6f857b9341d7aeec4d05fc2e2dc3317f65413f8cfb4992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 14:59:52 GMT
date: Thu, 25 Jan 2024 14:59:52 GMT
x-content-type-options: nosniff
age: 351589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14918
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 9401bca7c390a53a04ea672b0266554d.png
s0.2mdn.net/sadbundle/7135979241717318397/media/ Frame E39F 2 KB
2 KB 35ms
35ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/media/9401bca7c390a53a04ea672b0266554d.png

Requested by

Host: turfologie.fr.gd
URL: https://turfologie.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36d54e4a3480145a1431b15dbe05120a18da23bd5221b4f86324775f6a7dcdc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 23 Jan 2025 01:09:19 GMT
date: Wed, 24 Jan 2024 01:09:19 GMT
x-content-type-options: nosniff
age: 487822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2205
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2

200

go Show response
r.linksprf.com/v2/ Frame B9AC
Redirect Chain

https://r.linksprf.com/v1/redirect?url=https://merrell.com&api_key=0c9f1e13224812486ecdd05fb272f01d&site_id=5a43b939b8a5408586ff2f7960675eb5&type=url&source=https://nakoona.com/de/search/merrell.co...
https://r.linksprf.com/v2/go?t=ct6p6%3Ae%2Fewb.5i6kdu7.4o0%2F4r8cd%2F3b9b3F1y0G4r3Svjd_ummBcJlVeQrMmU2vF5%25_3os6tbhtluunBJ8EXx_a1pLo9rf_a4Z9Pc%3F0rY%3DjtOph%25aAW2L%25EFGeXrhlw.yox%26biA%3D90e0B0o...

2 KB
880 B

59ms
59ms

Document
text/html

2606:4700:20::681a:dd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.linksprf.com/v2/go?t=ct6p6%3Ae%2Fewb.5i6kdu7.4o0%2F4r8cd%2F3b9b3F1y0G4r3Svjd_ummBcJlVeQrMmU2vF5%25_3os6tbhtluunBJ8EXx_a1pLo9rf_a4Z9Pc%3F0rY%3DjtOph%25aAW2L%25EFGeXrhlw.yox%26biA%3D90e0B0o0V4p8c62dkca4t8m7c4x1banfl1w1wc%2F2sft9h&e=1&ai=90e870cab1ea4219a7c796eaca5aa44e&sct=0&ct=1706546381852&cu=63ddc8448074471da6f51b1ece26f69c&ykuid=4fd70b69842d480dac2b29e52dc82045&sc=1&cs=85688ccf704d6b15c3ade70a2ef3f928
Requested by: Host: nakoona.com
URL: https://nakoona.com/search/merrell.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d85061f28af90e7768a69f6a1ee8c3ffea3ff98506ea8a26dc9b59a7c0227eef

Request headers

Referer: https://nakoona.com/search/merrell.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 84d2e9a6daf3025d-CDG
content-encoding: br
content-type: text/html;charset=UTF-8
date: Mon, 29 Jan 2024 16:39:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWdTG%2BFdrviYYU1PHE5jHuWVGgoUTkkGaloY4Nd4%2FRjZ3jD%2BsRWdKB%2BfioFnPbHWsseqRXO5qkD9gM3zsjJcW1YHtwKFzhNOy1Zcv8173%2FiFtp6al8UrSC1MewxvU4cMasqeG7vbidhlZPJW"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 84d2e9a5d8a4025d-CDG
content-length: 0
date: Mon, 29 Jan 2024 16:39:41 GMT
location: /v2/go?t=ct6p6%3Ae%2Fewb.5i6kdu7.4o0%2F4r8cd%2F3b9b3F1y0G4r3Svjd_ummBcJlVeQrMmU2vF5%25_3os6tbhtluunBJ8EXx_a1pLo9rf_a4Z9Pc%3F0rY%3DjtOph%25aAW2L%25EFGeXrhlw.yox%26biA%3D90e0B0o0V4p8c62dkca4t8m7c4x1banfl1w1wc%2F2sft9h&e=1&ai=90e870cab1ea4219a7c796eaca5aa44e&sct=0&ct=1706546381852&cu=63ddc8448074471da6f51b1ece26f69c&ykuid=4fd70b69842d480dac2b29e52dc82045&sc=1&cs=85688ccf704d6b15c3ade70a2ef3f928
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="CAO PSA OUR"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVlAmpE6dway7jfKk9k8%2BTZdvNuIGiDB1aag7FOadnZQnemPWvN%2B49IlSMhKIwRjp4H6EW%2B3TFde9DVuB5BdESU7x0twoABcdRF8s0AQ8KJ0Uc50QO7n0iM3WVjQz2UwF9KphPU17TsADrTV"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK 2bcbpFVyoGBreS9jA_bmxByJwVhQXMGUEvL5W_aoh6ObjtYu0ncJ9E4x_arpoL91f_aXZ8PB Show response
www.linkbux.com/track/ Frame B9AC 1 KB
1 KB 614ms
341ms Document
text/html 163.181.92.233
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linkbux.com/track/2bcbpFVyoGBreS9jA_bmxByJwVhQXMGUEvL5W_aoh6ObjtYu0ncJ9E4x_arpoL91f_aXZ8PB?url=https%3A%2F%2Fmerrell.com&uid=v03040001438963ddc8448074471da6f51b1ece26f69c
Requested by: Host: r.linksprf.com
URL: https://r.linksprf.com/v2/go?t=ct6p6%3Ae%2Fewb.5i6kdu7.4o0%2F4r8cd%2F3b9b3F1y0G4r3Svjd_ummBcJlVeQrMmU2vF5%25_3os6tbhtluunBJ8EXx_a1pLo9rf_a4Z9Pc%3F0rY%3DjtOph%25aAW2L%25EFGeXrhlw.yox%26biA%3D90e0B0o0V4p8c62dkca4t8m7c4x1banfl1w1wc%2F2sft9h&e=1&ai=90e870cab1ea4219a7c796eaca5aa44e&sct=0&ct=1706546381852&cu=63ddc8448074471da6f51b1ece26f69c&ykuid=4fd70b69842d480dac2b29e52dc82045&sc=1&cs=85688ccf704d6b15c3ade70a2ef3f928
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.233 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: f6735fd2f749ea557cad9b6f76f70223a7bb0f634416b048179b923025dcacee

Request headers

Referer: https://r.linksprf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 29 Jan 2024 16:39:42 GMT
EagleId: a3b55c9c17065463822408387e
Server: Tengine
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: cache21.l2us2[158,0], ens-cache8.de5[310,0]

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6D73 42 B
174 B 241ms
241ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYh2cHQoQmIEzzTPjhIFLrHW2Vv0x3iX6D4fSSZ3ZNefxEZOnAe6PPqo-m9KGwqE-6Lm0nxHnVpg1j1or5c-5x85rYrm7us7oSuMIHFRfQy_5UUnj5BXdiSBJ8Q4uERpUACI2TVWFNxoMggHZNOKkwQ8pW&sai=AMfl-YRR_k_yGCdLTeYow7OszIcNUCHzEn92fHJujlOoLpsJjS7Fulq0hQ5zppQzDqHdKRi28RlZFGHHdtEbJXXh2k_DcQsRF2rEb1tMNVo45TFLLLHC4V0SncK2PrgikuUSs10nbf47tuYuCPaTBmOZ&sig=Cg0ArKJSzKYTI_XKaifBEAE&cid=CAQSTgAvHhf_OUpvVd8wIDVz4TL9kLQNE5T-HeQ1e-J1mH6aRmYlhVuC14C2mUPvKEJjXS1auANR5MSZpyVtGsP1mbKEsQeyfUJQsKRcZCmVXhgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=485,968,1000,1000,1000&tos=485,483,32,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170654638100&rst=1706546381003&rpt=386&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9EBE 42 B
64 B 242ms
241ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGPn2q6wJBzWFnl2PbCriCx17dOeROypZUlR6i66r1Szdh7GryRbGXc8ej_aRnO-aQ11kPw5kdv57ay8iGeeswSoovDbRoQX87Isij9UBEM5gu9fC9HebvQHRmzsYBK6ZwrdNQPYMpJCLgrgjZHyRmr5av&sai=AMfl-YTK1rwQ0scBdPj7MSItyIPuVKveR8TAGhHh-OK9JR7iUeuVvmS_I2CMIHr67QV8V-LjzOqHfpL23W0Bdav4bLykAEM4L85AMjOYkOqxBI2OkGXebK2a4zRBTzWOyvKOyKYBkIpIurAPPw_1hW00&sig=Cg0ArKJSzC_rktRy-fsCEAE&cid=CAQSTgAvHhf_OUpvVd8wIDVz4TL9kLQNE5T-HeQ1e-J1mH6aRmYlhVuC14C2mUPvKEJjXS1auANR5MSZpyVtGsP1mbKEsQeyfUJQsKRcZCmVXhgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170654638100&rst=1706546380961&rpt=377&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7E0D 42 B
64 B 241ms
241ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLpbfEkhIV2qd8eiUddnRJ3o-M1eocxiNdWf3ZAbgoZtcqjsZLIX9Q-StrWXXHnr3I6Uo8uIj7qig-OmeL9Y5eV_YwwJ3FSo2a7WQk6XiYKJSUz2PGom6YMNgLc3G09IuzvDkcH29sQ4tUug5ChaE09mpJ&sai=AMfl-YT-T29fYpfQ_L7Qg8NaPW3Lf2Di3xdrXJxPHDps7UaZ8yraZKCeCnjuIxdxTpoHr2MVkDqVoCc6qetY_GBITH7-jEqWxVROKzxQbM23WWVmybYgz_3EbzyKz5koDu3Gvn2dJ21tArE46zYrjSc6&sig=Cg0ArKJSzDNed06Zu6twEAE&cid=CAQSTgAvHhf_OUpvVd8wIDVz4TL9kLQNE5T-HeQ1e-J1mH6aRmYlhVuC14C2mUPvKEJjXS1auANR5MSZpyVtGsP1mbKEsQeyfUJQsKRcZCmVXhgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170654638100&rst=1706546380984&rpt=353&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:39:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

home
www.merrell.com/FR/fr_FR/ Frame B9AC
Redirect Chain

https://prf.hn/click/camref:1100lvhsR/pubref:lb_44t3q1x/[subaffiliatedomain:https%3A%2F%2Fwww.yieldkit.com%2F]/destination:https%3A%2F%2Fmerrell.com
https://merrell.com/?clickref=1100lycgIMnk
https://www.merrell.com/
https://www.merrell.com/US/en/gateway?utm_source=Criteo&utm_medium=Display_Prospecting&utm_campaign=DIS_PROS-MERR-US-ECOM-EVERGREEN-MID_FUNNEL-LAL&utm_content=Dynamic&cto_pld=uXiXSUQJAQBbvO98FaUNDg
https://www.merrell.com/FR/fr_FR/incoming?cto_pld=uXiXSUQJAQBbvO98FaUNDg&utm_campaign=DIS_PROS-MERR-US-ECOM-EVERGREEN-MID_FUNNEL-LAL&utm_medium=Display_Prospecting&utm_source=Criteo&utm_content=Dyn...
https://www.merrell.com/FR/fr_FR/home

0
0

207ms
206ms

Document
text/html

104.17.142.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.merrell.com/FR/fr_FR/home

Requested by

Host: www.linkbux.com
URL: https://www.linkbux.com/track/2bcbpFVyoGBreS9jA_bmxByJwVhQXMGUEvL5W_aoh6ObjtYu0ncJ9E4x_arpoL91f_aXZ8PB?url=https%3A%2F%2Fmerrell.com&uid=v03040001438963ddc8448074471da6f51b1ece26f69c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.142.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.linkbux.com/track/2bcbpFVyoGBreS9jA_bmxByJwVhQXMGUEvL5W_aoh6ObjtYu0ncJ9E4x_arpoL91f_aXZ8PB?url=https%3A%2F%2Fmerrell.com&uid=v03040001438963ddc8448074471da6f51b1ece26f69c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84d2e9b2e95fd67a-CDG
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 29 Jan 2024 16:39:44 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000
vary: accept-encoding
x-dw-request-base-id: zoR_IN6qt2UBAAB_
x-frame-options: SAMEORIGIN

Redirect headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84d2e9b1af19d67a-CDG
content-length: 99
content-type: text/html;charset=UTF-8
date: Mon, 29 Jan 2024 16:39:43 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
location: /FR/fr_FR/home
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000
x-dw-request-base-id: zoSq-M_Ut2UBAAB_

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 0DB0 9 KB
4 KB 68ms
68ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=617ff30be3fdf0fb67ba411a53612b2e%2F15196297185498404435&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706546382908&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqsw9cy4xgzckn0gjzs76be2c293cngmfs8r26sy2f0d9aq6ng3e5spwmj5783tm1tk9yqfvagmewdq9khd61bafjt9cqvrxxy2zdcyz9c99g47fy21g82xhjztbyzbxsrtcsng2s0x316p8hsa304r2xzcnf7xndn43z2c1xgd8489chq1hswswxqnpergxf1efx9ydtghyvjb2hps3y3tv25d9r2f8mr2z38htd4ctzcezb87vavm6r09j8qtk5kqzevpj48gj5a9fsw0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLhjmzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoEyQFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fhsZ0BmLREqQywLjHElrhoJEPnnZhrYmajyHf8gtHt_M5WGfZUwhb320OABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31UGafS58E6dfBAsNis8fDdj5e_A%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33941c75a879067d2324af52ef19991b574886a55f29bd35d28414c5c41c5de9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jdcytn525d253gq9mkv2acvgq5y9yb36n5733xqmans96n7z2f1vk2y52m86m6qcn0tsyattmrpxtm04h5yddfkr3wcecwh08s4qnsp2b8aanhtbxpp5jfmr4a5m83rq4vrx4mg19ytvy5hqck339gztg6cspad714jqf44zzrmm3c98pdd373ewcs56217aam5vqxkaymr9xmygvtxmbd434km2e4jnm2kb44ednyt894etwvvvjfh716cbmgmrkznr9e1s77vtyk2rrsnge3dxb7dbjygkc3d3nka64mv1nveb4y8raykrntkc64wp0b9dxbxx1m2pknqp6kykqd1045ve5bd2tdg00hv606b6c9erve3p5fkcxnhxmmqqvzjp43c852ah4h8s7sz503n7z7c83nmjm3whbv4yqy0m4nvae7x3b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLhjmzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoEyQFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fhsZ0BmLREqQywLjHElrhoJEPnnZhrYmajyHf8gtHt_M5WGfZUwhb320OABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_31UGafS58E6dfBAsNis8fDdj5e_A%26client%3Dca-pub-5309472016820672%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84d2e9adcd636f36-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:39:43 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 0DB0 115 KB
14 KB 59ms
59ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=617ff30be3fdf0fb67ba411a53612b2e%2F15196297185498404435&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706546382908&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqsw9cy4xgzckn0gjzs76be2c293cngmfs8r26sy2f0d9aq6ng3e5spwmj5783tm1tk9yqfvagmewdq9khd61bafjt9cqvrxxy2zdcyz9c99g47fy21g82xhjztbyzbxsrtcsng2s0x316p8hsa304r2xzcnf7xndn43z2c1xgd8489chq1hswswxqnpergxf1efx9ydtghyvjb2hps3y3tv25d9r2f8mr2z38htd4ctzcezb87vavm6r09j8qtk5kqzevpj48gj5a9fsw0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLhjmzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoEyQFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fhsZ0BmLREqQywLjHElrhoJEPnnZhrYmajyHf8gtHt_M5WGfZUwhb320OABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31UGafS58E6dfBAsNis8fDdj5e_A%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=617ff30be3fdf0fb67ba411a53612b2e%2F15196297185498404435&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706546382908&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqsw9cy4xgzckn0gjzs76be2c293cngmfs8r26sy2f0d9aq6ng3e5spwmj5783tm1tk9yqfvagmewdq9khd61bafjt9cqvrxxy2zdcyz9c99g47fy21g82xhjztbyzbxsrtcsng2s0x316p8hsa304r2xzcnf7xndn43z2c1xgd8489chq1hswswxqnpergxf1efx9ydtghyvjb2hps3y3tv25d9r2f8mr2z38htd4ctzcezb87vavm6r09j8qtk5kqzevpj48gj5a9fsw0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLhjmzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoEyQFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fhsZ0BmLREqQywLjHElrhoJEPnnZhrYmajyHf8gtHt_M5WGfZUwhb320OABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31UGafS58E6dfBAsNis8fDdj5e_A%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2157156
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIVsciPLwPGHIPOcYzPv4tQNEc1%2Bpqbzns%2Bb%2FRBh7hj9gQjYZHPVHtP8RSMVAZ6NiFUk849G1vJ7Sea34xDos7oXYzPpz1Cvd2SKEpFWRIKKm%2FON0%2B%2BhVO14RUAVRwsT68lFnpRK%2Beg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 84d2e9ae3e926f36-CDG
expires: Tue, 30 Jan 2024 16:39:43 GMT

GET
H2 200 31A0E069CC6E65D06443D25481BB052E5252531C5557FD097A5A1C40B85EF34AAC89EC361A931DBD9E3CCF32717A3853AA2FF105B8A8D48E1EC18C5E49F650C1
assets.ad4m.at/logo/ Frame 0DB0 4 KB
5 KB 55ms
39ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/31A0E069CC6E65D06443D25481BB052E5252531C5557FD097A5A1C40B85EF34AAC89EC361A931DBD9E3CCF32717A3853AA2FF105B8A8D48E1EC18C5E49F650C1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=617ff30be3fdf0fb67ba411a53612b2e%2F15196297185498404435&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706546382908&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqsw9cy4xgzckn0gjzs76be2c293cngmfs8r26sy2f0d9aq6ng3e5spwmj5783tm1tk9yqfvagmewdq9khd61bafjt9cqvrxxy2zdcyz9c99g47fy21g82xhjztbyzbxsrtcsng2s0x316p8hsa304r2xzcnf7xndn43z2c1xgd8489chq1hswswxqnpergxf1efx9ydtghyvjb2hps3y3tv25d9r2f8mr2z38htd4ctzcezb87vavm6r09j8qtk5kqzevpj48gj5a9fsw0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLhjmzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoEyQFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fhsZ0BmLREqQywLjHElrhoJEPnnZhrYmajyHf8gtHt_M5WGfZUwhb320OABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31UGafS58E6dfBAsNis8fDdj5e_A%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d1f6a84c35aab991d474a067d5f14e655fa8ea5c3519bb92d9a71d2988d9988

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5231167
cf-polished: origSize=4505, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 4232
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:44:17 GMT
server: cloudflare
etag: "36214087bdcb89a564698df5c1defd1f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCK2h0TH7%2FFaJJOQ%2Bfy3gJoT4tSWe14dxdkuQGSTz9XbSwHdfiqJ5XaVPKJ%2FjqLnr2G02W3fG4iD31ClznTKVviS6%2F5o0NQ898bhiKtcHx5HcdTIl28FCCqFv8q%2FSressGGW9xjwt%2BJDIJCn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84d2e9ae4adb6f94-CDG

GET
H2 200 8CA49D8D79090BE352BFCF82B506B7D7F4E4BC522188C534F4134D324764EEED80C0EE215036BCC5E8727628B63576ED62EA385DC7897CD66DB6DA350B042577
assets.ad4m.at/product_image/ Frame 0DB0 17 KB
17 KB 81ms
65ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/8CA49D8D79090BE352BFCF82B506B7D7F4E4BC522188C534F4134D324764EEED80C0EE215036BCC5E8727628B63576ED62EA385DC7897CD66DB6DA350B042577
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=617ff30be3fdf0fb67ba411a53612b2e%2F15196297185498404435&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706546382908&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqsw9cy4xgzckn0gjzs76be2c293cngmfs8r26sy2f0d9aq6ng3e5spwmj5783tm1tk9yqfvagmewdq9khd61bafjt9cqvrxxy2zdcyz9c99g47fy21g82xhjztbyzbxsrtcsng2s0x316p8hsa304r2xzcnf7xndn43z2c1xgd8489chq1hswswxqnpergxf1efx9ydtghyvjb2hps3y3tv25d9r2f8mr2z38htd4ctzcezb87vavm6r09j8qtk5kqzevpj48gj5a9fsw0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLhjmzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoEyQFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fhsZ0BmLREqQywLjHElrhoJEPnnZhrYmajyHf8gtHt_M5WGfZUwhb320OABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31UGafS58E6dfBAsNis8fDdj5e_A%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61ba226b25a31c48913588b705efa2e16a5b9c67ced4652a94178eaffe21eaa1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5252937
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 17407
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 12:44:08 GMT
server: cloudflare
etag: "64b5b932a1ae54de2664e1f1c7b43b09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrZ6vKeg5G4SPswQXNTK6wRe%2FQBaK1bkGwa5BGm5c8F3ZualK7xBnbFDgf8vpXTFuMPK7K5o1yW6OzUbO1wCi%2BwhsPDzveEOxaHZ1%2BD1nlEqpN5l7%2BOWskakgsbWa0%2F%2B%2BET9u%2FbrP87ZewBi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84d2e9ae4ad56f94-CDG

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0DB0 43 B
703 B 165ms
83ms Image
image/gif 23.192.250.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3154253&v=25291&q=438546&r=412871&pv=1&pref3=oneidZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=617ff30be3fdf0fb67ba411a53612b2e%2F15196297185498404435&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706546382908&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqsw9cy4xgzckn0gjzs76be2c293cngmfs8r26sy2f0d9aq6ng3e5spwmj5783tm1tk9yqfvagmewdq9khd61bafjt9cqvrxxy2zdcyz9c99g47fy21g82xhjztbyzbxsrtcsng2s0x316p8hsa304r2xzcnf7xndn43z2c1xgd8489chq1hswswxqnpergxf1efx9ydtghyvjb2hps3y3tv25d9r2f8mr2z38htd4ctzcezb87vavm6r09j8qtk5kqzevpj48gj5a9fsw0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLhjmzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoEyQFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fhsZ0BmLREqQywLjHElrhoJEPnnZhrYmajyHf8gtHt_M5WGfZUwhb320OABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31UGafS58E6dfBAsNis8fDdj5e_A%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.250.178 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-250-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 16:39:43 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 AFF6BAA911431D484550C5329ABA161FA7757CFB6EBE4FCF146114BDBDDA973E17FF849DB70E2486ED5478159BA2EC634666746F211ACD7D4544B19F2720DF69
assets.ad4m.at/logo/ Frame 0DB0 7 KB
7 KB 56ms
42ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/AFF6BAA911431D484550C5329ABA161FA7757CFB6EBE4FCF146114BDBDDA973E17FF849DB70E2486ED5478159BA2EC634666746F211ACD7D4544B19F2720DF69
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=617ff30be3fdf0fb67ba411a53612b2e%2F15196297185498404435&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706546382908&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqsw9cy4xgzckn0gjzs76be2c293cngmfs8r26sy2f0d9aq6ng3e5spwmj5783tm1tk9yqfvagmewdq9khd61bafjt9cqvrxxy2zdcyz9c99g47fy21g82xhjztbyzbxsrtcsng2s0x316p8hsa304r2xzcnf7xndn43z2c1xgd8489chq1hswswxqnpergxf1efx9ydtghyvjb2hps3y3tv25d9r2f8mr2z38htd4ctzcezb87vavm6r09j8qtk5kqzevpj48gj5a9fsw0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLhjmzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoEyQFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fhsZ0BmLREqQywLjHElrhoJEPnnZhrYmajyHf8gtHt_M5WGfZUwhb320OABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31UGafS58E6dfBAsNis8fDdj5e_A%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 195a906292a7bd54a111043be568c05cb14ec644dc261936b4687a7f1678a21a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 388540
cf-polished: qual=85, origFmt=jpeg, origSize=10626
alt-svc: h3=":443"; ma=86400
content-length: 6754
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:32:20 GMT
server: cloudflare
etag: "a77961095a2aa8e29d3dd0bb3db9e45e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qabniYRcRXhtOzK%2FYO0aYKSNnrk8K1yGO7zkmuKuyZlts8veHG8oUv%2FVmo35pn1cWaBZj7kA7l4xT6TEV%2Bd4Y%2FT%2F8xcqnXMHVBnJmMQjd3ZcPBw6jcrL0AxWgggQOgND2Do7nKcDE5TYw4Ph"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84d2e9ae4ace6f94-CDG

GET
H2 200 2E58E855307485959C0551D1859FD1FB1DD8C392D658137D355B0EBE3D8C5E2A4D6523EA88C84858EDA92C6BDE536CA8B30C4A5254E78FBE16502606BC4F31A6
assets.ad4m.at/product_image/ Frame 0DB0 31 KB
31 KB 55ms
41ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/2E58E855307485959C0551D1859FD1FB1DD8C392D658137D355B0EBE3D8C5E2A4D6523EA88C84858EDA92C6BDE536CA8B30C4A5254E78FBE16502606BC4F31A6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=617ff30be3fdf0fb67ba411a53612b2e%2F15196297185498404435&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706546382908&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqsw9cy4xgzckn0gjzs76be2c293cngmfs8r26sy2f0d9aq6ng3e5spwmj5783tm1tk9yqfvagmewdq9khd61bafjt9cqvrxxy2zdcyz9c99g47fy21g82xhjztbyzbxsrtcsng2s0x316p8hsa304r2xzcnf7xndn43z2c1xgd8489chq1hswswxqnpergxf1efx9ydtghyvjb2hps3y3tv25d9r2f8mr2z38htd4ctzcezb87vavm6r09j8qtk5kqzevpj48gj5a9fsw0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLhjmzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoEyQFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fhsZ0BmLREqQywLjHElrhoJEPnnZhrYmajyHf8gtHt_M5WGfZUwhb320OABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31UGafS58E6dfBAsNis8fDdj5e_A%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 955452fad18000b14d0f60058e77e3cac46e3c026deeef79124b82b4c7fe6d65

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5152352
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 31834
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 09:50:10 GMT
server: cloudflare
etag: "2299d292e1cb570fbc6297737bec268a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mO6d%2Bw2Zy2KqDkfdetRAUrhGWfZaKXRmPEnj0Q%2FrYJj8llSTNasYyzX1ie8cCP1gRhugZG3T99nNOiiLUtVm7Ee2s5X76vnQdoHOLOMUVW3hdXynUYfOquNAgRzA09lroWlrVGxv7F2FGGMm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84d2e9ae4ad96f94-CDG

GET
H/1.1 200
OK /
zcz.willemsefrance.fr/ Frame 0DB0 0
724 B 291ms
81ms Image
text/html 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zcz.willemsefrance.fr/?t=P51205356C863195&argsite=oneidY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.131.136.1 , France, ASN47841 (OXALIDE, FR),

Reverse DNS

front.netaffiliation.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:39:43 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
X-TRK-ERR-C: 0
Transfer-Encoding: chunked
X-TRK-ERR-M: data ko.
Connection: keep-alive
X-TRK-ERR-L: 3501
Referrer-Policy: origin-when-cross-origin
X-TRK-SRV: 7
Server: nginx
X-TRK-ERR-T: Exception
Vary: Accept-Encoding, Origin
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version

GET
H2 200 428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
assets.ad4m.at/logo/ Frame 0DB0 14 KB
14 KB 78ms
64ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=617ff30be3fdf0fb67ba411a53612b2e%2F15196297185498404435&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706546382908&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqsw9cy4xgzckn0gjzs76be2c293cngmfs8r26sy2f0d9aq6ng3e5spwmj5783tm1tk9yqfvagmewdq9khd61bafjt9cqvrxxy2zdcyz9c99g47fy21g82xhjztbyzbxsrtcsng2s0x316p8hsa304r2xzcnf7xndn43z2c1xgd8489chq1hswswxqnpergxf1efx9ydtghyvjb2hps3y3tv25d9r2f8mr2z38htd4ctzcezb87vavm6r09j8qtk5kqzevpj48gj5a9fsw0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLhjmzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoEyQFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fhsZ0BmLREqQywLjHElrhoJEPnnZhrYmajyHf8gtHt_M5WGfZUwhb320OABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31UGafS58E6dfBAsNis8fDdj5e_A%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 409e6b9470bdafbf358f021cbab5fce4da17433e56ae8db83ea6ce81ec4190f9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 397153
cf-polished: qual=85, origFmt=jpeg, origSize=16453
alt-svc: h3=":443"; ma=86400
content-length: 14170
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 10:44:59 GMT
server: cloudflare
etag: "20362d69dcf9bded50cffba25b215fb1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImsWXi%2BFz6Qqpc%2FkNgNkpC2XX53nGyfm5%2FqfDQAag%2BxxZjlThgGQWSMwx6qJm%2F99%2B9kMdHasb13%2FRUjvbkkqTz3QNhz%2BeAXl8cILGmgInsQwEM7%2BWbNEZTRzJLEb69oisX9wSoKXGoEyMkyw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84d2e9ae4ad06f94-CDG

GET
H2 200 F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
assets.ad4m.at/ Frame 0DB0 29 KB
29 KB 57ms
43ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=617ff30be3fdf0fb67ba411a53612b2e%2F15196297185498404435&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706546382908&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqsw9cy4xgzckn0gjzs76be2c293cngmfs8r26sy2f0d9aq6ng3e5spwmj5783tm1tk9yqfvagmewdq9khd61bafjt9cqvrxxy2zdcyz9c99g47fy21g82xhjztbyzbxsrtcsng2s0x316p8hsa304r2xzcnf7xndn43z2c1xgd8489chq1hswswxqnpergxf1efx9ydtghyvjb2hps3y3tv25d9r2f8mr2z38htd4ctzcezb87vavm6r09j8qtk5kqzevpj48gj5a9fsw0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLhjmzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoEyQFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fhsZ0BmLREqQywLjHElrhoJEPnnZhrYmajyHf8gtHt_M5WGfZUwhb320OABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31UGafS58E6dfBAsNis8fDdj5e_A%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7ab021b144e1615773b750779ffa1e38c2b27b478d5736fa6ea3e3f247d4946

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:39:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5337725
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 29352
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 09:15:16 GMT
server: cloudflare
etag: "794a9c1b414ce9ff4e8610ff121c41eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgSEUh8eeaXPbJ%2Fk7Gob177js%2B1TCbAxONyh0COmFKBXzNf4xd1oX5%2BN4mm%2FYDpkukVG%2BR3zcCH7oiQa8aAbStFeR2YT0aNYScrvRh58ypPI5nWZUoZcRwkcXRoZfRdmlDJAY6LCNq1ETK56"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84d2e9ae4ade6f94-CDG

GET
H2

200

img_13_13_33.gif
img.metaffiliation.com/4/58179/ Frame 0DB0
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/4/58179/img_13_13_33.gif

133 KB
133 KB

144ms
24ms

Image
image/gif

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/4/58179/img_13_13_33.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196790%2C197918%2C15737&b=ZkGTwfqrhzXdAHmHDHDt3t19zPSVTXTx33tJ%2CY8gUrfZxf54jDHVH9HetQt6WVpFAT1T4pphr%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr&f=9EqCMf7Aad4JKUKHBH2tzCPXQJHwTmTZYYsd%2Cq76smf3RuJQGKCZHgHDtRC45VZhPTgTA22C3%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3&c=728&d=90&e=&g=617ff30be3fdf0fb67ba411a53612b2e%2F15196297185498404435&i=71382%2C82249%2C2951&j=16%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1706546382908&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kqsw9cy4xgzckn0gjzs76be2c293cngmfs8r26sy2f0d9aq6ng3e5spwmj5783tm1tk9yqfvagmewdq9khd61bafjt9cqvrxxy2zdcyz9c99g47fy21g82xhjztbyzbxsrtcsng2s0x316p8hsa304r2xzcnf7xndn43z2c1xgd8489chq1hswswxqnpergxf1efx9ydtghyvjb2hps3y3tv25d9r2f8mr2z38htd4ctzcezb87vavm6r09j8qtk5kqzevpj48gj5a9fsw0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLhjmzNS3ZefUNIOl_tMP2siSqAXi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01MzA5NDcyMDE2ODIwNjcyyAEJqQIslPxxvCiyPqgDAcgDAqoEyQFP0MVZSvSR_AEPS-iWJwPF8tT_seVxwHl-TvxtTtriJwJjeqUCi34rhT0dauxHiyssWr7Hd5NiPEaWS8nfJdHD95ri01EPEAeqCDGclYpjfmIxCWseedKj_lBfHvsaPCdoq44uyRXKPpEQXb5q6VM3wb7j9x_ZqDOJJxYwvNLzV1tvgB2R0xPRI1VUvx_aYmMIZwpXiGAsg7JfWw4c22fhsZ0BmLREqQywLjHElrhoJEPnnZhrYmajyHf8gtHt_M5WGfZUwhb320OABvjMiNHHpbHPI6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljAnsfWhIOEA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_31UGafS58E6dfBAsNis8fDdj5e_A%2526client%253Dca-pub-5309472016820672%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F2E) /
Resource Hash: 66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

return_x_ocdn_ja3: 574996bf010f158fbebc7ce7b71abad4
date: Mon, 29 Jan 2024 16:39:43 GMT
content-encoding: gzip
age: 3243
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135736
last-modified: Wed, 03 Jan 2024 13:40:04 GMT
server: ECAcc (paa/6F2E)
x-ocdn-rp: HTTP/2.0
x-ocdn-net: EUFR16276
etag: "659563b4-21403"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes

Redirect headers

Date: Mon, 29 Jan 2024 16:39:43 GMT
Strict-Transport-Security: max-age=63072000
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.022310018539429
Connection: keep-alive
X-TRK-PROC: 58179
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
X-TRK-SRV: 3
Server: nginx
Last-Modified: Mon, 29 Jan 2024 16:39:43 GMT
X-TRK-DECISION: 3
Vary: Origin
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://img.metaffiliation.com/4/58179/img_13_13_33.gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame 45D8 1 KB
643 B 35ms
35ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/8f0cec8041c165cafb6d32d04ed8f04b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 14:45:55 GMT
date: Thu, 25 Jan 2024 14:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 352429
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/15205685216655332109/media/ Frame 45D8 5 KB
3 KB 36ms
36ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15205685216655332109/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15205685216655332109/8f0cec8041c165cafb6d32d04ed8f04b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15205685216655332109/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 28 Jan 2025 15:46:50 GMT
date: Mon, 29 Jan 2024 15:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/7135979241717318397/media/ Frame D272 1 KB
643 B 39ms
38ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7135979241717318397/8f0cec8041c165cafb6d32d04ed8f04b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 14:59:52 GMT
date: Thu, 25 Jan 2024 14:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 351592
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/7135979241717318397/media/ Frame D272 5 KB
3 KB 40ms
39ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7135979241717318397/8f0cec8041c165cafb6d32d04ed8f04b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 23 Jan 2025 01:09:19 GMT
date: Wed, 24 Jan 2024 01:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487825
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/7135979241717318397/media/ Frame E39F 1 KB
643 B 39ms
39ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7135979241717318397/8f0cec8041c165cafb6d32d04ed8f04b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 14:59:52 GMT
date: Thu, 25 Jan 2024 14:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 351592
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/7135979241717318397/media/ Frame E39F 5 KB
3 KB 40ms
40ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7135979241717318397/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7135979241717318397/8f0cec8041c165cafb6d32d04ed8f04b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7135979241717318397/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 23 Jan 2025 01:09:19 GMT
date: Wed, 24 Jan 2024 01:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487825
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:09:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.cpmaffiliation.com
URL: http://www.cpmaffiliation.com/103839-200x90.js?rnd=21266961334

Domain: fwd.fwdtrk.com
URL: https://fwd.fwdtrk.com/track?id=

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEEpnrwS4r5TO8LkpzOe5l-s&google_cver=1&google_push=AXcoOmT7pj6UXIRr7QWMCQI2kY2oOg_N2zJyncQLm82wUIKLDxQkbrGzJhCBFfcCbFibSVCGYo1_Mb9s2jiOEGUQK8-ZpkWQLenrKRc7i3rOj3FsOOFiLMejjgf2xq7xEXGv-aKW9SNiXbbeFTrnELTfR8X_K3w

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 18:45:38	Name: userId Value: tuExingbdF3KZfrnslZgIzrWXteVnlTh
www.merrell.com/US/en	1969-12-31 23:59:59	Name: CountryRedirect Value: https://www.merrell.com/FR/fr_FR/incoming
.turfologie.fr.gd/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0ce649bda61a2c4c8e8ca4a9aea60d5e
t.adcell.com/	1970-01-20 18:05:19	Name: ADCELLvpid12016 Value: 365122-105746-%23%23%23%23https%3A%2F%2Fasrv205.com%2F%40%40%40%401706546380
.fr.gd/	1970-01-21 03:24:02	Name: __gads Value: ID=5c77b54999ceb2b1:T=1706546380:RT=1706546380:S=ALNI_MYeLpQK0uhzYuYELVLd-srdaT0LQA
.fr.gd/	1970-01-21 03:24:02	Name: __gpi Value: UID=00000d4c6046c6b4:T=1706546380:RT=1706546380:S=ALNI_MYP-yBOcPkbjfphNhtfKJdZ2HNzuA
.fr.gd/	1970-01-20 22:21:38	Name: __eoi Value: ID=1e223d99b38762cc:T=1706546380:RT=1706546380:S=AA-AfjYa0DQGCkJmrx9ofyiLmS7S
.adnxs.com/	1970-01-21 03:38:26	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-20 20:12:02	Name: CMPS Value: 3179
.doubleclick.net/	1970-01-21 03:24:02	Name: IDE Value: AHWqTUkZ-JxNow-Oai3DsViHblWLkbJa0ucDoFANx_Juq5waAEdS8TIb93TsM-3JQ7c
.adnxs.com/	1970-01-20 20:12:02	Name: XANDR_PANID Value: 2ocT_3_eC9ADsf8y8q9uxDFIg0rLPT0rchSE0TPkisSUuR9pFF5RrCeqAdeOvBWJ6KZh9c7IZYoCviTzzKnIPf8Ns18gYCVEEys7DsIfECA.
.adnxs.com/	1970-01-20 20:12:02	Name: uuid2 Value: 5822337058234339020
.casalemedia.com/	1970-01-21 02:48:02	Name: CMID Value: ZbfUzbofVCmHprPBZAQudAAA
.casalemedia.com/	1970-01-20 20:12:02	Name: CMPRO Value: 3179
.adnxs.com/	1970-01-20 20:12:02	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C'$t#RoD!]tbPl1M>e)ZlrFUfJ+tGXxoi>8-aQA0DU#CzF*tA`C8d>V$=z`dYVbu]hbF3If)y3KL9D3I?+U/Wu'U
.simpli.fi/	1970-01-21 02:49:28	Name: suid Value: D5096B85F26746338EE1CC398306A2CB
.quantserve.com/	1970-01-20 20:12:02	Name: d Value: EDEBCQGCK4EA
.quantserve.com/	1970-01-21 03:32:40	Name: mc Value: 65b7d4cd-6ab0e-2af5f-0aabb
api.yieldads.net/	1970-01-20 18:12:31	Name: AWSALBTGCORS Value: U0wJW9ZXj24fvCySwhPbMLFvdo6Amh1Pm8rt2ZQbQEkEQ0WhyiI28TwJMIhaoTQFT0PZB3c4bpI2bFEhXobKQ0y1+zK8LbYN5DRbzoUdhTitcW1PrX+0uLsiY7P06B25N8i1p6GyiW85QFfgJw3kFENZ2Qh/Lhh/jeizK6bkH9n7jSvZ0CA=
api.yieldads.net/	1970-01-20 18:12:31	Name: AWSALBCORS Value: V/YvvRnl7kvgsZYNmILywC6VeIpGTshDfq5Nf3/xtPC8qx6zoq3tz8hjKdovmA2MpYkLSC3GUxbe1+fD1ShQivuGii2V0UNm0GPmQjzMhhOL04HehSqT3EaR8TxH
.w55c.net/	1970-01-21 03:32:40	Name: wfivefivec Value: FZeKgOFc1RuuFD5
.w55c.net/	1970-01-20 18:45:38	Name: matchgoogle Value: 5
.e.dlx.addthis.com/	1970-01-21 03:32:40	Name: na_tc Value: Y
nakoona.com/	1970-01-20 18:12:31	Name: AWSALBCORS Value: GRrPbHC021bPhVutN1ONYs1FuGVgwkZoKFB72BEHQWfV4IdZr13PJ39HbhiCZW9W9uofVPVKeOvMh64Upvw4OXio8BiijPHRTefYHBAoUIpWJ1IG5Qv06K9Ltvz2
.addthis.com/	1970-01-21 03:32:40	Name: na_id Value: 2024012916394100015299907617
.addthis.com/	1970-01-21 03:32:40	Name: na_tc Value: Y
.addthis.com/	1970-01-21 03:32:40	Name: uid Value: 65b7d4cdf84cd601
.addthis.com/	1970-01-21 03:32:40	Name: ouid Value: 65b7d4cd00016ed16eaa164642efb125d75a56e59ec43162c361
.dlx.addthis.com/	1970-01-20 18:45:38	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 18:45:38	Name: na_sr Value: 20240129
.dlx.addthis.com/	1970-01-20 18:02:26	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 18:45:38	Name: na_sc_e Value: 0
.prf.hn/	1970-01-21 02:48:02	Name: tPHG-PS Value: 1100l8747180746
.metaffiliation.com/	1970-01-20 19:28:50	Name: neta_ssc Value: db5bf4gkxzjru3ov38sbky6qri3n
.metaffiliation.com/	1969-12-31 23:59:59	Name: netases_ssc Value: db5bf4gkxzjru3ov38sbky6qri3n
.metaffiliation.com/	1970-01-20 19:28:50	Name: kwknc_ssc Value: dp4e34356c8631d13-b25laWRZOGdVcmZaeGYxZXpzVkg5SGV0UXRZNkFDQVQxVDRwcGhyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.metaffiliation.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp4e34356c8631d13-b25laWRZOGdVcmZaeGYxZXpzVkg5SGV0UXRZNkFDQVQxVDRwcGhyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.awin1.com/	1970-01-20 18:03:52	Name: awpv25291 Value: 412871\|1706546383\|01228ba1-bec5-11ee-b3cc-2233d0695e79
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 438546:3154253
www.merrell.com/	1969-12-31 23:59:59	Name: dwac_ceJUsiaagYTnIaaadg0cI4blyk Value: YRPivqG6zxFZSiq3g14VeCIyADrpNKlHCns%3D\|dw-only\|\|\|USD\|false\|US%2FEastern\|true
www.merrell.com/	1969-12-31 23:59:59	Name: cqcid Value: bcDS1pKJEiaITPEH5PL6XIB7rj
www.merrell.com/	1969-12-31 23:59:59	Name: cquid Value: \|\|
www.merrell.com/	1969-12-31 23:59:59	Name: sid Value: YRPivqG6zxFZSiq3g14VeCIyADrpNKlHCns
www.merrell.com/	1970-01-20 22:21:38	Name: dwanonymous_17d1e208d5431775c8efaf661e4a4be0 Value: bcDS1pKJEiaITPEH5PL6XIB7rj
www.merrell.com/	1969-12-31 23:59:59	Name: dwsid Value: xx-XDLiZaO8OYstBUtEOG4Q-dYjwFw65XVPqZOwhVyHqlmcqTG3ISDx0dzfW4_rnPSRagdmdBovdrJzK4YmhRw==
www.merrell.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 0
www.merrell.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 0

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://turfologie.fr.gd/ Message: Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://t3.gstatic.com/images?q=tbn:ANd9GcRyN4ispYXXSX3TbPUDRKn1xrfWH4fDvkWcTqSI8QtjyjwK8Bskyg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://turfologie.fr.gd/ Message: Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/turfologie/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://turfologie.fr.gd/(Line 434) Message: Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://t3.gstatic.com/images?q=tbn:ANd9GcRyN4ispYXXSX3TbPUDRKn1xrfWH4fDvkWcTqSI8QtjyjwK8Bskyg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	warning	URL: https://turfologie.fr.gd/(Line 433) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.cpmaffiliation.com/103839-200x90.js?rnd=21266961334, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://turfologie.fr.gd/(Line 433) Message: Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure script 'http://www.cpmaffiliation.com/103839-200x90.js?rnd=21266961334'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://turfologie.fr.gd/(Line 433) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.cpmaffiliation.com/103839-200x90.js?rnd=21266961334, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://turfologie.fr.gd/(Line 706) Message: Mixed Content: The page at 'https://turfologie.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/turfologie/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.merrell.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
action.metaffiliation.com
ad.doubleclick.net
ad4m.at
api.yieldads.net
as.ad4m.at
asrv205.com
assets.ad4m.at
blogger.googleusercontent.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
feuerwehrstore.de
fwd.fwdtrk.com
fwdtrk.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
img.metaffiliation.com
img.root-top.com
img.webme.com
merrell.com
nakoona.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pm.w55c.net
prf.hn
prod-rtb.ad4mat.net
pubdirecte.com
r.linksprf.com
s0.2mdn.net
static-de.ad4mat.net
static.wixstatic.com
t.adcell.com
t3.gstatic.com
theme.webme.com
tpc.googlesyndication.com
turfologie.fr.gd
um.simpli.fi
visifeed.org
www.awin1.com
www.cpmaffiliation.com
www.google.com
www.googletagservices.com
www.linkbux.com
www.merrell.com
zcz.willemsefrance.fr
fwd.fwdtrk.com
googlecm.hit.gemius.pl
www.cpmaffiliation.com
104.17.142.22
104.18.36.155
142.250.185.102
163.181.92.233
176.9.183.55
178.162.223.113
178.162.223.114
18.193.12.180
18.239.50.103
185.89.210.46
192.229.220.129
193.238.27.28
216.58.212.130
23.192.250.178
2600:1901:0:76b9::
2600:9000:2057:9800:1e:5c56:d400:93a1
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::681a:dd7
2606:4700:20::ac43:444e
2606:4700:3038::6815:ea1a
2606:4700::6811:180e
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:80f::2004
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2006
2a00:1450:4001:831::2001
2a02:cb40:200::242
2a02:fa8:8806:20::2010
2a06:98c1:3120::3
3.75.56.58
34.91.62.186
5.150.170.6
52.28.39.71
52.57.64.28
72.246.169.24
88.99.189.169
95.131.136.1
95.142.100.82
98.98.134.243
01d8d3a192ae9fc60e6f857b9341d7aeec4d05fc2e2dc3317f65413f8cfb4992
0722ae40df7755ab819b4b15fc12e7368f0baa17b030a3a932ca8675fd72b730
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0ff70c3d9aedd4f0ca4024d40c709184fc5f3376ed65e14dd3bb6fb047d6b26a
109f6b3eb28407f4550623d2b245d13786479e7e9e731b78a3c063b25696d766
11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069
159853db9ab81a3c75aacd096aa7ccd964c5fdff6a313cd281f1e15b37450d65
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1666ec75f3cb121771756e411f628196bfd832b35d223d84f0fee320aaf05a45
17deedac533c71f5d9bd4afad0ff830415948ddd4f69ce42ccedada14639c605
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
195a906292a7bd54a111043be568c05cb14ec644dc261936b4687a7f1678a21a
1aa27637aee56c842da446ec4872f4bfc976df5bb29f33351629d2daa3c4531e
1ab0b4fe8e006ad238509e6f8649d1eb27057e01b85be4f71d7e38494167a10c
1d1f6a84c35aab991d474a067d5f14e655fa8ea5c3519bb92d9a71d2988d9988
1fb0a580c99750c2747697cfee51e4ce88d2c2214cff33d1d88ad5fa7dffcf7c
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
1fd6969927a4a317c74fd5afac662d8cc4ed463a3bfa0e8451727b190e1b94c6
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
23d7ce986c8d9b7e7a58cffb62d3592d91343e152fe4de7cffa87a2c1af591e1
2473cc965138dc8812b4d0c859cfc515520053140ee238d90bbf8cdf0c78aae5
2add0e4009bce96985012f6401fd770a91e3cf4e88baf75196e5cf82574aa3c1
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30cb2bc81a65120d2d982b5c00d9172887eedc6ba3070b4595efc676c0188eee
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33941c75a879067d2324af52ef19991b574886a55f29bd35d28414c5c41c5de9
36cae405b6b38f87e39096b6494288aed55727dbcd483a61eb56214039b3a26d
36d54e4a3480145a1431b15dbe05120a18da23bd5221b4f86324775f6a7dcdc7
38b2698052e7283850118e1bd672f49fc427549928478b6911dc2662a22f5c0b
3afaa830a3aa5d42db9b5201fff4a3345c6f64054f0930e4daf4831b85922137
406626e06cf4dabde0855eff0372f6e95443e076c5f1d8df190a55c085fce1fe
409e6b9470bdafbf358f021cbab5fce4da17433e56ae8db83ea6ce81ec4190f9
423c559de3422e758482c643fe8e464dc9aa3a4796de6aeac7b5eb7097aee345
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43a58bdef8d1816ea065c003217da26881fe93168ef4264ef31559c9126a591e
48438a48bfcec8017ece6d6b4d132be283fe7ff7d07190211ad3b3def726cce0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d06e8fc97b79c64e8ee6f4b18ab1f8a87e5152e67626175fbdd8d1be134a29c
4dcbe1af30b1a82ce448bd78e809e00c077c0e5aaef6425308baffe1b2614114
54ad7cfdcc7748fb783d92d9d666f5759a29bda63e567910ce1cf8eff6967896
553b860f94773ca8e317533a2d099e9326f369792cd4cb21052c0cb5d5f80aa7
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e
59e50d4289f223d9c475d992d8069c2b799704feefdd7e8eabebd2a49bb31df1
5deec59d8ecaebf084aeb4dfdd665b3b5ae8aefa8a7cc7f76707524772912bcd
5e37d2be701c29dad961e773416506081bb5bffc923fee65e0312fdc09b31128
5e4630cc29be04eeee80f60c225b8e0a671c9782ce6c2d96f5bc387124a7a38c
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5fe6d6f3586a8cd3eb4854532649dadd38d5c783ebc54e18f4ee53760cdea049
61ba226b25a31c48913588b705efa2e16a5b9c67ced4652a94178eaffe21eaa1
65138a48b724e8ab3a71783ad462dc20ebe73578473396fd8e67034014f98d34
66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c
66ca37fff82b4c704deedd773e690c7a0a3a0d28014376b00fe5222fda4ee688
689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed
6bbd36ef2ed3cfff7447866d022aa96df2b0c3d0c7cd00470e6e9605d5435038
7100c26e8fa2804ab080d1067a5ec547cff677b166123ecdb59333126ffb4e86
7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07
7394eeaf28b5df7e74fa81967eb75e52a9931abe1eaa34b30ed39f8f80a2c104
7ff761f2ba0d8641eed5cbd75d0d86f2c82e1171c6b85db25b9f0e56da21e4be
80b02292cc996dd87a5dfb45f54ccfb6399bb72e44715c6635a758dcfa831cea
841daeb38076ca3b8f1023b2ed02d28409b48ed9613eebf2f739dc7d2183f93b
856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181
86fd5ccc7546e95a3ec7b5e9cbced30741f3875dceb70afa739590b92f7e46c1
8b7addddf8ff620b9e0449bedae9a17f259c4356f1d046a9c4037b3a8dfb4090
8eb600d1bfa136d87da7690cd2032c1906a76dcc1df0dc43fd0eb219d5356e68
8f43a236fa4ace8a54fdae64ae08c47b986ce6011b3a7dda873fead7700590de
90b7abfd8a66f10d9014b74060b640132bd630d50240e6ae1988df7017ce77f9
94630d41fac805597c3df017110fe1627315e10e89d0f3f02a2023f00a7df25a
955452fad18000b14d0f60058e77e3cac46e3c026deeef79124b82b4c7fe6d65
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad1049fcb759fc4f80bac0b8e7872eb695c31e52cc1740f3c3684976109691c
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9f4522a8a9342a068918269579be8514ae89cb49b1d385564d772c8c3beb1da3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2058c642eb55be05939a9b8b4eef20f4bce5b286e21f418e2d35a091d61c00b
a6499fa2053ae92d979b0ee3d129d94b1b42427cce83c3579da01e1df1e03333
aa420362f766c5ef90bd60b72610df9dcb600728866f887d8dd1ed76134e6ed3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15763502c97d1c6f0d6a4e51a2d99acb6349dd057ace57507c5cc3ab39f5fda
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
bdeda30940ee9170dfd5a71b7498a8c845f405487cb13af212dd079154ea1b7e
bf3ddbe97885759feb1242d801e94a2a43cbb5c66d90f7d0068bde3405281546
c93fecb64ed5d07ff64c5c4fc58e93c4db668ffc72bff3161685e1bd8f3a7a62
ca346dbc70307d4bb3ecf4e9fb38c3d24647d139cbb7a4bbef77c0097308aed3
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
d0172b3d0f42c368dd557f0da5eff0a43e2c82a072d88b9965753d7611e42ece
d08f8512754f8069096f945c803182b88bb8143b0de43e254627f498c766adf7
d25c183a7ea5847b7502fdec80211907a7dd9dbb824461c1592809e467a2c64c
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5a8b97841a922e387c50ea7812a8a5fe25499bd8b9487d11dafbcd1eaf4f12e
d7ab021b144e1615773b750779ffa1e38c2b27b478d5736fa6ea3e3f247d4946
d85061f28af90e7768a69f6a1ee8c3ffea3ff98506ea8a26dc9b59a7c0227eef
dd694ce4f5c42e852c4fefe654d7e946e3febca32a9b225f0d2533c4c09a7af4
df1223d55de9b704eee83ada4110b2c72ac62150620b5b7ba9969fbdc5f0f670
e2a3eb1a03693266907509ffeb5ea09db2bc6a3243e334eb9c01dc4fbada4a8f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c9a7ca1873705534b95263941c6f0844fe2b4f7c93af6bf5ca7edaafc5cb31
e8e59257cc797123383f4dea6d1a72f6fb729342e3b23b75f311b70f0dc1ef96
e9aa350606d3101ab591615bb585e9131027c7cebed1e190ff09be6f7ff048b4
e9ce2ffeea5b16b30a437724a8e2d62c3fb24c79946ee6b2b9dd04e5f925ee27
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f37f49ebadc359e8c6cc15bee36eafa51f6823c2cb397677a7b5c0f9b7aa84d0
f6735fd2f749ea557cad9b6f76f70223a7bb0f634416b048179b923025dcacee
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

turfologie.fr.gd Open in urlscan Pro 193.238.27.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

200 Requests

90 %HTTPS

45 %IPv6

40 Domains

53 Subdomains

40 IPs

7 Countries

13862 kBTransfer

17539 kBSize

47 Cookies

22 Outgoing links

Redirected requests

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

turfologie.fr.gd Open in urlscan Pro
193.238.27.28 Public Scan

Screenshot
Live screenshot

Full Image

200
Requests

90 %
HTTPS

45 %
IPv6

40
Domains

53
Subdomains

40
IPs

7
Countries

13862 kB
Transfer

17539 kB
Size

47
Cookies

200 HTTP transactions
5 data transactions