www.topronostics.0rg.fr Open in urlscan Pro
5.135.149.81 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.topronostics.0rg.fr/pronostics
Submission: On July 29 via manual (July 29th 2021, 7:30:16 am UTC) from BF

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 34 HTTP transactions. The main IP is 5.135.149.81, located in France and belongs to OVH, FR. The main domain is www.topronostics.0rg.fr.

This is the only time www.topronostics.0rg.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	5.135.149.81 5.135.149.81	16276 (OVH) (OVH)
9	194.150.236.190 194.150.236.190	44976 (HIWIT_AS) (HIWIT_AS)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
34	11

10 5.135.149.81 (France)

ASN16276 (OVH, FR)
PTR: web3.venez.net

www.topronostics.0rg.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.venez.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 194.150.236.190 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns30.hiwit.net

www.top-pmu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	top-pmu.com www.top-pmu.com	376 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	175 KB
7	venez.fr www.venez.fr	9 KB
3	0rg.fr www.topronostics.0rg.fr	3 KB
2	google.com adservice.google.com www.google.com	2 KB
2	doubleclick.net googleads.g.doubleclick.net	5 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	653 B
1	allopass.com payment.allopass.com	2 KB
34	10

	Domain	Requested by
9	www.top-pmu.com	www.topronostics.0rg.fr www.top-pmu.com
7	www.venez.fr	www.topronostics.0rg.fr www.venez.fr
5	pagead2.googlesyndication.com	www.topronostics.0rg.fr pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.topronostics.0rg.fr	www.topronostics.0rg.fr
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	payment.allopass.com	www.top-pmu.com
34	12

This site contains no links.

Subject Issuer	Validity	Valid
venez.fr R3	`2021-07-05` - `2021-10-03`	3 months	crt.sh
*.allopass.com R3	`2021-07-04` - `2021-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://www.topronostics.0rg.fr/pronostics
Frame ID: 73185B3EBB9875C026CBA9C0AD9CB563
Requests: 1 HTTP requests in this frame

Frame: http://www.topronostics.0rg.fr/barre-topronostics.0rg.fr.html
Frame ID: 7E8682FC0526C29D0CE72124E4390DA9
Requests: 13 HTTP requests in this frame

Frame: http://www.top-pmu.com/topronostics/pronostics
Frame ID: CB7430D0F9B79796BFB6BF307E6AC9BF
Requests: 10 HTTP requests in this frame

Frame: http://www.topronostics.0rg.fr/stats-topronostics.0rg.fr.html
Frame ID: DB2CBF5E8B5D061E6A87E9BA5063266D
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 6AEF6139985AFB789A676FF972430F06
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210727/r20190131/zrt_lookup.html
Frame ID: FE3CE62112D612FAB2196D08B525CC38
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.topronostics.0rg.fr%2Fpronostics&ea=0&flash=0&wgl=1&dt=1627543796341&bpp=4&bdt=209&idt=73&shv=r20210727&mjsv=m202107280101&ptt=9&saldr=aa&correlator=7431258232035&frm=23&ife=1&pv=2&ga_vid=172341854.1627543796&ga_sid=1627543796&ga_hid=255068591&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=214146640&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=1511866771343423&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.cxap7k3lr1oh&fsb=1&dtd=91
Frame ID: 360A86D50D0012D12ABEEC58A6F46860
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4430A9300A0E0D171CC49B207396D4D0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CBFF282E3E49AB9F0FC4A6A412FD44D5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

34
Requests

62 %
HTTPS

64 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

602 kB
Transfer

937 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request pronostics Show response
www.topronostics.0rg.fr/ 3 KB
1 KB 83ms
35ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.topronostics.0rg.fr/pronostics
Protocol: HTTP/1.1
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: da02301ab3e24f45b20ab4ab16204ef0d6ae6ce40c8ad047e9b7d980e89e43c7

Request headers

Host: www.topronostics.0rg.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:29:55 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1077
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK barre-topronostics.0rg.fr.html Show response
www.topronostics.0rg.fr/ Frame 7E86 3 KB
2 KB 115ms
114ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.topronostics.0rg.fr/barre-topronostics.0rg.fr.html
Requested by: Host: www.topronostics.0rg.fr
URL: http://www.topronostics.0rg.fr/pronostics
Protocol: HTTP/1.1
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 767650b0540f4f2086b3fc462b96d9036f9785fdebc6ff9a902e058df8eb6d1c

Request headers

Host: www.topronostics.0rg.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.topronostics.0rg.fr/pronostics
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.topronostics.0rg.fr/pronostics

Response headers

Date: Thu, 29 Jul 2021 07:29:55 GMT
Server: Apache
Expires: Thu, 29 Jul 2021 07:29:55 GMT
Last-Modified: Thu, 29 Jul 2021 07:29:55 GMT
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1485
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1

GET
H/1.1 200
OK pronostics Show response
www.top-pmu.com/topronostics/ Frame CB74 4 KB
4 KB 208ms
156ms Document
text/html 194.150.236.190
HIWIT_AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.top-pmu.com/topronostics/pronostics
Requested by: Host: www.topronostics.0rg.fr
URL: http://www.topronostics.0rg.fr/pronostics
Protocol: HTTP/1.1
Server: 194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns30.hiwit.net
Software: Apache /
Resource Hash: e08a43f5c18545e29c210c800acd141788e7882676590e7b0640535ec4094f91

Request headers

Host: www.top-pmu.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.topronostics.0rg.fr/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.topronostics.0rg.fr/

Response headers

Date: Thu, 29 Jul 2021 07:29:56 GMT
Server: Apache
Content-Location: pronostics.php
Vary: negotiate,Host
TCN: choice
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK stats-topronostics.0rg.fr.html Show response
www.topronostics.0rg.fr/ Frame DB2C 0
192 B 123ms
108ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.topronostics.0rg.fr/stats-topronostics.0rg.fr.html
Requested by: Host: www.topronostics.0rg.fr
URL: http://www.topronostics.0rg.fr/pronostics
Protocol: HTTP/1.1
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: www.topronostics.0rg.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.topronostics.0rg.fr/pronostics
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.topronostics.0rg.fr/pronostics

Response headers

Date: Thu, 29 Jul 2021 07:29:55 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame 7E86 2 KB
1 KB 142ms
25ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: www.topronostics.0rg.fr
URL: http://www.topronostics.0rg.fr/barre-topronostics.0rg.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

Referer: http://www.topronostics.0rg.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:29:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Jul 2021 07:29:55 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1023
Expires: Thu, 05 Aug 2021 07:29:55 GMT

GET
H/1.1 200
OK separateur90.gif
www.venez.fr/images/ Frame 7E86 82 B
388 B 143ms
25ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/separateur90.gif
Requested by: Host: www.topronostics.0rg.fr
URL: http://www.topronostics.0rg.fr/barre-topronostics.0rg.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

Referer: http://www.topronostics.0rg.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:29:55 GMT
Last-Modified: Thu, 15 Nov 2018 22:11:22 GMT
Server: Apache
ETag: "52-57abb54b25680"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 82

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7E86 136 KB
49 KB 39ms
32ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.topronostics.0rg.fr
URL: http://www.topronostics.0rg.fr/barre-topronostics.0rg.fr.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83343529aac74abdbf4ebdefd6eb15cf706f46eedb3f3347f57dbb647c296f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.topronostics.0rg.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 29 Jul 2021 07:29:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 10822840083594062077
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 49338
X-XSS-Protection: 0
Expires: Thu, 29 Jul 2021 07:29:56 GMT

GET
H/1.1 200
OK style1.css
www.top-pmu.com/topronostics/ Frame CB74 6 KB
6 KB 28ms
25ms Stylesheet
text/css 194.150.236.190
HIWIT_AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.top-pmu.com/topronostics/style1.css
Requested by: Host: www.top-pmu.com
URL: http://www.top-pmu.com/topronostics/pronostics
Protocol: HTTP/1.1
Server: 194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns30.hiwit.net
Software: Apache /
Resource Hash: 48798af78a16a9c069e2e899423f7c05c2803e798044031adc261336311f49ad

Request headers

Referer: http://www.top-pmu.com/topronostics/pronostics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:29:56 GMT
Last-Modified: Mon, 28 Sep 2020 16:37:34 GMT
Server: Apache
ETag: "90697e-1718-5b062488c6f80"
Vary: Host
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=99
Content-Length: 5912

GET
H/1.1 200
OK secure.apu Show response
payment.allopass.com/api/ Frame CB74 1 KB
2 KB 352ms
37ms Script
text/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/api/secure.apu?ids=354953&idd=1548958
Requested by: Host: www.top-pmu.com
URL: http://www.top-pmu.com/topronostics/pronostics
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 1e58ba15f65cc698893ef7a09e5832460e3a8282839a1d282aca51378d03296c

Request headers

Referer: http://www.top-pmu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:29:56 GMT
Server: Apache
Connection: close
Content-Length: 1524
X-Allopass-Token: 610258f488301
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK cp4.png
www.top-pmu.com/topronostics/img/ Frame CB74 39 KB
39 KB 264ms
249ms Image
image/png 194.150.236.190
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.top-pmu.com/topronostics/img/cp4.png
Requested by: Host: www.top-pmu.com
URL: http://www.top-pmu.com/topronostics/pronostics
Protocol: HTTP/1.1
Server: 194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns30.hiwit.net
Software: Apache /
Resource Hash: 4620d0b4287e3c05e1b420263220711c102f42b650026df0f8cb9dd84cf15962

Request headers

Referer: http://www.top-pmu.com/topronostics/pronostics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:29:56 GMT
Last-Modified: Mon, 28 Sep 2020 16:37:50 GMT
Server: Apache
ETag: "906990-9be9-5b06249809380"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 39913

GET
H/1.1 200
OK cp3.png
www.top-pmu.com/topronostics/img/ Frame CB74 49 KB
49 KB 48ms
33ms Image
image/png 194.150.236.190
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.top-pmu.com/topronostics/img/cp3.png
Requested by: Host: www.top-pmu.com
URL: http://www.top-pmu.com/topronostics/pronostics
Protocol: HTTP/1.1
Server: 194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns30.hiwit.net
Software: Apache /
Resource Hash: a0ee71147d69251b24fa57522591524b0340a1827f39a61e86895fae4c600850

Request headers

Referer: http://www.top-pmu.com/topronostics/pronostics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:29:56 GMT
Last-Modified: Mon, 28 Sep 2020 16:37:49 GMT
Server: Apache
ETag: "90698f-c28f-5b06249715140"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 49807

GET
H/1.1 200
OK cp2.png
www.top-pmu.com/topronostics/img/ Frame CB74 44 KB
45 KB 50ms
35ms Image
image/png 194.150.236.190
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.top-pmu.com/topronostics/img/cp2.png
Requested by: Host: www.top-pmu.com
URL: http://www.top-pmu.com/topronostics/pronostics
Protocol: HTTP/1.1
Server: 194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns30.hiwit.net
Software: Apache /
Resource Hash: 2ac1aab162671f18c0f3b3fbb2c64cecd5383d661e491741ed052fec24172bda

Request headers

Referer: http://www.top-pmu.com/topronostics/pronostics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:29:56 GMT
Last-Modified: Mon, 28 Sep 2020 16:37:48 GMT
Server: Apache
ETag: "90698e-b1a0-5b06249620f00"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 45472

GET
H/1.1 200
OK cp1.png
www.top-pmu.com/topronostics/img/ Frame CB74 49 KB
49 KB 49ms
34ms Image
image/png 194.150.236.190
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.top-pmu.com/topronostics/img/cp1.png
Requested by: Host: www.top-pmu.com
URL: http://www.top-pmu.com/topronostics/pronostics
Protocol: HTTP/1.1
Server: 194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns30.hiwit.net
Software: Apache /
Resource Hash: 59096574546105267892287f52b4fe1e4ad4be53f069c98f1f5f6624fb17924a

Request headers

Referer: http://www.top-pmu.com/topronostics/pronostics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:29:56 GMT
Last-Modified: Mon, 28 Sep 2020 16:37:47 GMT
Server: Apache
ETag: "90698d-c48b-5b0624952ccc0"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 50315

GET
H/1.1 200
OK pronostics
www.top-pmu.com/topronostics/ Frame CB74 4 KB
4 KB 85ms
71ms Image
text/html 194.150.236.190
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.top-pmu.com/topronostics/pronostics
Requested by: Host: www.top-pmu.com
URL: http://www.top-pmu.com/topronostics/pronostics
Protocol: HTTP/1.1
Server: 194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns30.hiwit.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.top-pmu.com/topronostics/pronostics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:29:56 GMT
Server: Apache
Vary: negotiate,Host
Content-Type: text/html
Transfer-Encoding: chunked
TCN: choice
Connection: Keep-Alive
Content-Location: pronostics.php
Keep-Alive: timeout=10, max=100

GET
H/1.1 200
OK cp6.png
www.top-pmu.com/topronostics/img/ Frame CB74 28 KB
28 KB 25ms
25ms Image
image/png 194.150.236.190
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.top-pmu.com/topronostics/img/cp6.png
Requested by: Host: www.top-pmu.com
URL: http://www.top-pmu.com/topronostics/style1.css
Protocol: HTTP/1.1
Server: 194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns30.hiwit.net
Software: Apache /
Resource Hash: 1d8de95e530b1adcd9d22ae74b6ef58fcfee38a3bedf0d77d9f613f911f34a95

Request headers

Referer: http://www.top-pmu.com/topronostics/style1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:29:56 GMT
Last-Modified: Mon, 28 Sep 2020 16:37:52 GMT
Server: Apache
ETag: "906992-6f54-5b062499f1800"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=98
Content-Length: 28500

GET
H/1.1 200
OK toprono.png
www.top-pmu.com/topronostics/img/ Frame CB74 152 KB
152 KB 51ms
24ms Image
image/png 194.150.236.190
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.top-pmu.com/topronostics/img/toprono.png
Requested by: Host: www.top-pmu.com
URL: http://www.top-pmu.com/topronostics/style1.css
Protocol: HTTP/1.1
Server: 194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns30.hiwit.net
Software: Apache /
Resource Hash: 550f61c40b9fb66e0161ed926a9054b16865e2aa2f4e98a23932bff971ce5fca

Request headers

Referer: http://www.top-pmu.com/topronostics/style1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:29:56 GMT
Last-Modified: Mon, 28 Sep 2020 16:38:12 GMT
Server: Apache
ETag: "b6e8a4-25ecd-5b0624ad04500"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=97
Content-Length: 155341

GET
H/1.1 200
OK alternate-barre.htm Show response
www.venez.fr/ Frame 6AEF 2 KB
1 KB 25ms
25ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/alternate-barre.htm
Requested by: Host: www.topronostics.0rg.fr
URL: http://www.topronostics.0rg.fr/barre-topronostics.0rg.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 61f736f0e05b6efac68a15b3c876e358e17e5a7655edc5439527141f5e978901

Request headers

Host: www.venez.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.topronostics.0rg.fr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.topronostics.0rg.fr/

Response headers

Date: Thu, 29 Jul 2021 07:29:55 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 848
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame 7E86 110 B
416 B 26ms
25ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: www.topronostics.0rg.fr
URL: http://www.topronostics.0rg.fr/barre-topronostics.0rg.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

Referer: http://www.topronostics.0rg.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:29:55 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 110

GET
H/1.1 200
OK 120x60.gif
www.venez.fr/images/ Frame 6AEF 4 KB
4 KB 25ms
25ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/120x60.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:29:56 GMT
Last-Modified: Wed, 02 Mar 2011 00:16:24 GMT
Server: Apache
ETag: "f4c-49d74d2b9c600"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3916

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame 6AEF 2 KB
1 KB 25ms
25ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:29:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Jul 2021 07:29:56 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 1023
Expires: Thu, 05 Aug 2021 07:29:56 GMT

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame 6AEF 110 B
416 B 42ms
25ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 07:29:56 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 110

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107280101/ Frame 7E86 250 KB
94 KB 47ms
29ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.topronostics.0rg.fr&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4874d00f8999743ad740176788e25f25fb60ce668ce7e410975092ee271ea904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.topronostics.0rg.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95279
x-xss-protection: 0
server: cafe
etag: 5035717091892317449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 29 Jul 2021 07:29:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210727/r20190131/ Frame FE3C 10 KB
5 KB 25ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210727/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210727/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.topronostics.0rg.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.topronostics.0rg.fr/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 28 Jul 2021 19:28:14 GMT
expires: Wed, 11 Aug 2021 19:28:14 GMT
content-type: text/html; charset=UTF-8
etag: 4389807852502320046
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 43302
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 7E86 196 B
653 B 88ms
32ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.topronostics.0rg.fr&callback=_gfp_s_&client=ca-pub-5203714787387788

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.topronostics.0rg.fr&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f44e8ea4fe96358c91b0764c0e3b3e2d9c7a24018407d91f9fa7dc28dd8dd5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.topronostics.0rg.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 187
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7E86 107 B
853 B 41ms
22ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.topronostics.0rg.fr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.topronostics.0rg.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7E86 107 B
570 B 37ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.topronostics.0rg.fr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.topronostics.0rg.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 360A 436 B
234 B 86ms
86ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.topronostics.0rg.fr%2Fpronostics&ea=0&flash=0&wgl=1&dt=1627543796341&bpp=4&bdt=209&idt=73&shv=r20210727&mjsv=m202107280101&ptt=9&saldr=aa&correlator=7431258232035&frm=23&ife=1&pv=2&ga_vid=172341854.1627543796&ga_sid=1627543796&ga_hid=255068591&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=214146640&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=1511866771343423&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.cxap7k3lr1oh&fsb=1&dtd=91

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c551ff539f2b70690364aa1dfbfcb240d982139f65d94ad302fca24d70abaf51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.topronostics.0rg.fr%2Fpronostics&ea=0&flash=0&wgl=1&dt=1627543796341&bpp=4&bdt=209&idt=73&shv=r20210727&mjsv=m202107280101&ptt=9&saldr=aa&correlator=7431258232035&frm=23&ife=1&pv=2&ga_vid=172341854.1627543796&ga_sid=1627543796&ga_hid=255068591&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=214146640&scr_x=0&scr_y=0&eid=42530672%2C20211866&oid=3&pvsid=1511866771343423&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.cxap7k3lr1oh&fsb=1&dtd=91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.topronostics.0rg.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.topronostics.0rg.fr/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 29 Jul 2021 07:29:56 GMT
server: cafe
content-length: 211
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 29-Jul-2021 07:44:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 29 Jul 2021 07:29:56 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7E86 73 KB
28 KB 34ms
15ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.topronostics.0rg.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:29:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298829912756"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:29:56 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7E86 11 KB
8 KB 40ms
26ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210727&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66c0e6eda8e1508f825fbcef91c108d6b4e0aa3880984369cff71756053ba563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.topronostics.0rg.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 07:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8503
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7E86 17 KB
7 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.topronostics.0rg.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 07:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 29 Jul 2021 07:29:56 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4430 12 KB
5 KB 20ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.topronostics.0rg.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.topronostics.0rg.fr/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 29 Jul 2021 06:37:29 GMT
expires: Fri, 29 Jul 2022 06:37:29 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3147
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CBFF 783 B
1 KB 33ms
15ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7ab889ff9ad071df89448474b3c2ee79c4c84c88904bb20599fe46e121541aff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4lVgZe+t+Fq9K26Nc7G8pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.topronostics.0rg.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.topronostics.0rg.fr/

Response headers

expires: Thu, 29 Jul 2021 07:29:56 GMT
date: Thu, 29 Jul 2021 07:29:56 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-4lVgZe+t+Fq9K26Nc7G8pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4430 35 KB
13 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb87103f40756d26814cb4495c3fcd634c42b6994e19b8b27ce080a39e739b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 21:33:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13261
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Jul 2022 21:33:44 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E86 0
20 B 29ms
29ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210727&jk=1511866771343423&bg=!EhGlEVXNAAals0SOpbM7ACkAdvg8WltzAPggO_M4nVBDM83686AqY1KNhkq6dP9LfPQvD06lgFX_zAIAAABXUgAAAAloAQcKACH95LAniMTiYaeitu7cdxG4eGUJUqVPyCWWPJEWLCw03dOZAqLLBbloNTYX2c8h0jbfCIKLXr24VpfQiKg259tkETwTfarL6NQTQjcCka0MLfpiyP8a32lM6jYmh9tseZbTk58R7AFoHWEDetAcYe2WwNRo_N7ireIbCZP93SS_smvIP7BFVLU2cxlv70lwRQBWqvTgBVv9CljokM8_sX47HEAg2kHFRlGJKOhRzRumeFsTXa2ISljci4WkZBuiSU8gL51uL5VVejS7phkRJbljCkLIvNfeNlY7JFmYZBpnD3IOuKmYmyGwEsic-j8wV_mbRupxaR1cWNhLmL6QQFqPBEeQoyni6etn88mE4aN5DLfGqMvXVzAEqEau6nH1RlpoAskaw1xiibpu_jnMX1p5geKjhBIxEyQlhsG9qVXCxeGnQRHEo-tKtXTwuy6-D3Ehb_De30n56kWCTdgrcb4Fm6bAodjJjoiOTcB2vYFf-yPJKh4AeuT_dtb1F-_adZepdEArE2grE48X9qiDZzgZDi1jnPtF-XyZH8Q60yiK3CnCKwKTTFISWo0aAGwCwTP8zD55RfBDR6HvKZthCCYe_m1VC6pgkORAHd4qt5Dbinet5hZR7va8QEDswS0uvKmzp64muzi7rxTXooD4yIXS3Jmqpsa1C2iHZCGkGlMYmodtpdN6jIDndq9S8h7krRmcXxbiOeSD2VdKopnl85_2yMqKANLgqJb0Zj52ftUbqP9Fhs7U4X6UWxKZkS7KQSSb23gzwQvwbElAi9OQKxBQbo460EDIq4yL69dB7qAVKpaulVlJIjc2nuySKb80qfj5_0pIzpcgowQq-1VAJNRXXRIxZuS2v4ZgB05Qu5yfjezGwSdeoGhDTr8v-9G-Td3wzDWYr54q9V45NQJ3AahRcgGEayHAubG0QxaLwLTcdsbZ0hRXLQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.topronostics.0rg.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 07:29:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 20:05:44	Name: test_cookie Value: CheckForPermission
			.0rg.fr/	1970-01-20 05:27:19	Name: __gads Value: ID=0cebd23e3fa6068e-2234f3fa7bc90082:T=1627543796:RT=1627543796:S=ALNI_MaC-3MjlBeQaEe8TEmv_rsUEZfbBw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
payment.allopass.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.top-pmu.com
www.topronostics.0rg.fr
www.venez.fr
142.250.184.226
185.119.26.1
194.150.236.190
2a00:1450:4001:801::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2001
5.135.149.81
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306
1d8de95e530b1adcd9d22ae74b6ef58fcfee38a3bedf0d77d9f613f911f34a95
1e58ba15f65cc698893ef7a09e5832460e3a8282839a1d282aca51378d03296c
2ac1aab162671f18c0f3b3fbb2c64cecd5383d661e491741ed052fec24172bda
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a
4620d0b4287e3c05e1b420263220711c102f42b650026df0f8cb9dd84cf15962
4874d00f8999743ad740176788e25f25fb60ce668ce7e410975092ee271ea904
48798af78a16a9c069e2e899423f7c05c2803e798044031adc261336311f49ad
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
550f61c40b9fb66e0161ed926a9054b16865e2aa2f4e98a23932bff971ce5fca
59096574546105267892287f52b4fe1e4ad4be53f069c98f1f5f6624fb17924a
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
61f736f0e05b6efac68a15b3c876e358e17e5a7655edc5439527141f5e978901
66c0e6eda8e1508f825fbcef91c108d6b4e0aa3880984369cff71756053ba563
727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772
767650b0540f4f2086b3fc462b96d9036f9785fdebc6ff9a902e058df8eb6d1c
7ab889ff9ad071df89448474b3c2ee79c4c84c88904bb20599fe46e121541aff
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f
83343529aac74abdbf4ebdefd6eb15cf706f46eedb3f3347f57dbb647c296f5c
a0ee71147d69251b24fa57522591524b0340a1827f39a61e86895fae4c600850
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
c551ff539f2b70690364aa1dfbfcb240d982139f65d94ad302fca24d70abaf51
cfb87103f40756d26814cb4495c3fcd634c42b6994e19b8b27ce080a39e739b2
da02301ab3e24f45b20ab4ab16204ef0d6ae6ce40c8ad047e9b7d980e89e43c7
e08a43f5c18545e29c210c800acd141788e7882676590e7b0640535ec4094f91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f44e8ea4fe96358c91b0764c0e3b3e2d9c7a24018407d91f9fa7dc28dd8dd5f8

www.topronostics.0rg.fr Open in urlscan Pro 5.135.149.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

34 Requests

62 %HTTPS

64 %IPv6

10 Domains

12 Subdomains

11 IPs

3 Countries

602 kBTransfer

937 kBSize

2 Cookies

0 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.topronostics.0rg.fr Open in urlscan Pro
5.135.149.81 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

62 %
HTTPS

64 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

602 kB
Transfer

937 kB
Size

2
Cookies

34 HTTP transactions
0 data transactions