URL: http://cash-turf.com/index.php
Submission: On April 12 via manual from FR

Summary

This website contacted 24 IPs in 5 countries across 25 domains to perform 76 HTTP transactions. The main IP is 185.98.131.151, which is located in France and belongs to RMI-FITECH, FR. The main domain is cash-turf.com.
This is the only time cash-turf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 185.98.131.151 16347 (RMI-FITECH)
8 2a00:1450:400... 15169 (GOOGLE)
3 7 194.150.236.203 44976 (HIWIT_AS)
1 185.98.131.150 16347 (RMI-FITECH)
2 185.98.131.138 16347 (RMI-FITECH)
1 2 62.210.16.62 12876 (Online SAS)
1 212.27.63.110 12322 (PROXAD)
1 2a00:1450:400... 15169 (GOOGLE)
1 178.20.65.241 29608 (WAN2MANY-AS)
1 216.58.212.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 63.33.127.66 16509 (AMAZON-02)
5 142.250.185.66 15169 (GOOGLE)
2 2 35.186.253.211 15169 (GOOGLE)
1 2 185.64.189.115 62713 (AS-PUBMATIC)
1 1 69.173.144.138 26667 (RUBICONPR...)
2 2 23.218.208.246 16625 (AKAMAI-AS)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
76 24
Domain Requested by
17 cash-turf.com cash-turf.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 www.icone-gif.com 3 redirects cash-turf.com
7 pagead2.googlesyndication.com cash-turf.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
6 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 cm.g.doubleclick.net cash-turf.com
googleads.g.doubleclick.net
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 1 redirects cash-turf.com
2 rtb.openx.net 2 redirects
2 fonts.googleapis.com googleads.g.doubleclick.net
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 gif.toutimages.com 1 redirects cash-turf.com
1 www.google.com 1 redirects
1 ag.innovid.com googleads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 pixel.everesttech.net 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 fonts.gstatic.com fonts.googleapis.com
1 lh4.googleusercontent.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.prono-multi.com cash-turf.com
1 encrypted-tbn0.gstatic.com cash-turf.com
1 clippss.free.fr cash-turf.com
1 lafleurduturf.lynxux.com cash-turf.com
1 paris-media.lynxux.com cash-turf.com
1 hippoturf.cash-turf.com cash-turf.com
1 alphaturf.cash-turf.com cash-turf.com
1 pronotip.legendehippique.com cash-turf.com
1 joturf.cash-turf.com cash-turf.com
0 paris-media.dturfd.com Failed cash-turf.com
0 paris-hippique.fr Failed cash-turf.com
76 33
Subject | Issuer | Validity | Valid
*.g.doubleclick.net | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
icone-gif.com | R3 | 2021-02-27 - 2021-05-28 | 3 months
toutimages.com | R3 | 2021-02-10 - 2021-05-11 | 3 months
*.gstatic.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
www.prono-multi.com | R3 | 2021-03-14 - 2021-06-12 | 3 months
*.googleadservices.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
*.google.de | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
*.google.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
upload.video.google.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
tpc.googlesyndication.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
*.googleusercontent.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
*.quantserve.com | DigiCert SHA2 High Assurance Server CA | 2020-10-02 - 2021-10-07 | a year
*.pubmatic.com | DigiCert Baltimore TLS RSA SHA256 2020 CA1 | 2020-12-07 - 2021-12-14 | a year
*.innovid.com | RapidSSL RSA CA 2018 | 2020-02-07 - 2022-04-07 | 2 years

This page contains 10 frames:

Primary Page: http://cash-turf.com/index.php
Frame ID: BCA5112B81B263FFAFF1861ECE1599CD
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/zrt_lookup.html
Frame ID: 1641D9FC9858B610A9BD9F0AED50595C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&adk=1812271804&adf=3025194257&lmt=1618190015&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=5&wgl=1&dt=1618190015359&bpp=14&bdt=95&idt=89&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1618453429991&frm=20&pv=2&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=6&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=108
Frame ID: 2FB3FEF07FE11B99E668365CF0118334
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=90&slotname=4266416830&adk=2499527831&adf=1645111721&pi=t.ma~as.4266416830&w=728&lmt=1618190015&psa=0&format=728x90&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&wgl=1&dt=1618190015373&bpp=4&bdt=108&idt=108&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=798&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&dtd=116
Frame ID: 8235B907088DC328B2B932BA69EA268A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=60&slotname=0025954709&adk=736465367&adf=2596562503&pi=t.ma~as.0025954709&w=468&lmt=1618190015&psa=0&format=468x60&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&wgl=1&dt=1618190015377&bpp=1&bdt=112&idt=121&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=124
Frame ID: BBE60356709A95774F924C00220C813F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Frame ID: 0B2C6417035AE90C1283625108FFB637
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=3799280117&pi=t.aa~a.229078540~rp.4&w=690&lmt=1618190015&nsk=1625d686&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=338&idt=1&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60%2C690x134&nras=3&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1862&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21
Frame ID: 8A4D5F73EF8946AA8FA7793980F1C931
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: F47788205B1CFBC0CE9BB517CA7008AA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 63AE91325416A3C5A102B1B9044CBA6D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 6595B3B9EBF6412DA29BA0266C3FA3AE
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 76
HTTPS: 64 %
IPv6: 50 %
Domains: 25
Subdomains: 33
IPs: 24
Countries: 5
Transfer: 1869 kB
Size: 2474 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://www.icone-gif.com/gif/animaux/chevaux/chevaux-gif-020.gif HTTP 301
  • https://www.icone-gif.com/gif/animaux/chevaux/chevaux-gif-020.gif
Request Chain 7
  • http://www.icone-gif.com/gif/animaux/chevaux/cheval053.gif HTTP 301
  • https://www.icone-gif.com/gif/animaux/chevaux/cheval053.gif
Request Chain 13
  • http://www.icone-gif.com/gif/webmaster/email-planetes/email_planetes002.gif HTTP 301
  • https://www.icone-gif.com/gif/webmaster/email-planetes/email_planetes002.gif
Request Chain 15
  • http://gif.toutimages.com/images/ani_ferme/chevaux/cheval_074.gif HTTP 301
  • https://gif.toutimages.com/images/ani_ferme/chevaux/cheval_074.gif
Request Chain 62
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUJt88W7PigYFeaowTvHxROSZnGeHfr5RYXGvTGGWyiVrxwfqOAJdnXbzox8c-ccYolIUBU2-witSX9DYsGCjK5W7dhlbfuS&google_gid=CAESEMEJP63CklQQZgkkyzKzIOg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUhPZXZ3QUFCQ0dAbWxoMA&google_push=AQvitUJt88W7PigYFeaowTvHxROSZnGeHfr5RYXGvTGGWyiVrxwfqOAJdnXbzox8c-ccYolIUBU2-witSX9DYsGCjK5W7dhlbfuS
Request Chain 63
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBLuZvKw5pGuw5sWvymcD0A&google_cver=1&google_push=AQvitUJ4EqwFppq44XRsY1qWkTX02YWLPHCln_boa86VnTdYE6IueK9Rh0NyAaWtCiFddunfnDEnQ9fuAcCuPVxcwrdYEJTsspM HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBLuZvKw5pGuw5sWvymcD0A&google_cver=1&google_push=AQvitUJ4EqwFppq44XRsY1qWkTX02YWLPHCln_boa86VnTdYE6IueK9Rh0NyAaWtCiFddunfnDEnQ9fuAcCuPVxcwrdYEJTsspM&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJ4EqwFppq44XRsY1qWkTX02YWLPHCln_boa86VnTdYE6IueK9Rh0NyAaWtCiFddunfnDEnQ9fuAcCuPVxcwrdYEJTsspM
Request Chain 64
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEM3YJ_YUiBHs34H0X7Rv64E&google_cver=1&google_push=AQvitUJ-gINwXW7j1Fkd8tpA-9TU_0xpJ99o0e5Huf0oWFzHlLwdfCuuma2DyMVXns2ZobAgzC1m9i0aZEgDQY_H8cBNhMCT_yY HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEM3YJ_YUiBHs34H0X7Rv64E&google_cver=1&google_push=AQvitUJ-gINwXW7j1Fkd8tpA-9TU_0xpJ99o0e5Huf0oWFzHlLwdfCuuma2DyMVXns2ZobAgzC1m9i0aZEgDQY_H8cBNhMCT_yY&rdf=1
Request Chain 65
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMEzRMWpWSzzh9rSWnJ_FM8&google_cver=1&google_push=AQvitULXQl6EK7ghprRIPQwWUJvhWpDRazxtDyn0OzvQw31AhcTMPjx7DtQxwttyXoWYB7JeQF3e3d1aVDvQqTpMLwLEu3AsqSiC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05EV0paQ0MtMTEtQ0hFSA==&google_push=AQvitULXQl6EK7ghprRIPQwWUJvhWpDRazxtDyn0OzvQw31AhcTMPjx7DtQxwttyXoWYB7JeQF3e3d1aVDvQqTpMLwLEu3AsqSiC
Request Chain 66
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFLd1CtvowDfr8LdawAY22g&google_cver=1&google_push=AQvitUJJE9s1BN8Ggl9DzbOAOf5E8Jnebw6IfqB8zLGqyXVVnP0LyDGSP0LFgB7nuX1Ou4n8SDDOcVkccpkm9LNIljGO6XR41ZzR HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFLd1CtvowDfr8LdawAY22g&google_push=AQvitUJJE9s1BN8Ggl9DzbOAOf5E8Jnebw6IfqB8zLGqyXVVnP0LyDGSP0LFgB7nuX1Ou4n8SDDOcVkccpkm9LNIljGO6XR41ZzR&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHOev2B61c0JE8t9Xm7zTQAABK0AAAIB&google_gid=CAESEFLd1CtvowDfr8LdawAY22g&google_push=AQvitUJJE9s1BN8Ggl9DzbOAOf5E8Jnebw6IfqB8zLGqyXVVnP0LyDGSP0LFgB7nuX1Ou4n8SDDOcVkccpkm9LNIljGO6XR41ZzR&google_cver=1
Request Chain 69
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

76 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
cash-turf.com/
18 KB
5 KB
Document
General
Full URL
http://cash-turf.com/index.php
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx / PHP/7.1.33
Resource Hash
fbb660c37ceb1738feed748f1e07ce5bbaffa192d8350063ba2f523d0b527631

Request headers

Host
cash-turf.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 01:13:35 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
4478
Connection
keep-alive
X-Powered-By
PHP/7.1.33
Vary
Host,Accept-Encoding
Content-Encoding
gzip
Access-Control-Allow-Origin
*
css.css
cash-turf.com/css/
6 KB
2 KB
Stylesheet
General
Full URL
http://cash-turf.com/css/css.css
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
fd6f5ab9c160e4ba72887ccf510cfa88d0cf0f60aa2b8b0dce46aae8a63b00e2

Request headers

Referer
http://cash-turf.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Dec 2017 13:04:22 GMT
Server
nginx
ETag
"1611-5618e63485fc4-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1448
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
135 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb11db612c490208456e9fd348d705a294caa23a5008da5c781ccff62b0a98b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 01:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48426
x-xss-protection
0
server
cafe
etag
17970182387142195625
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Apr 2021 01:13:35 GMT
logo.png
cash-turf.com/img/
24 KB
24 KB
Image
General
Full URL
http://cash-turf.com/img/logo.png
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
deba6eee76043f3f0a8949fd96e52b751248e6dad7c033c355962d4d7d886bf2

Request headers

Referer
http://cash-turf.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Thu, 21 Dec 2017 12:35:28 GMT
Server
nginx
ETag
"5f74-560d8ef60cb23"
Vary
Host
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24436
pon2.png
cash-turf.com/img/
458 B
738 B
Image
General
Full URL
http://cash-turf.com/img/pon2.png
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
65b60f6faeaec07af187d9bf2134a56ea387e19efc7c86e45c8602888fe53a5a

Request headers

Referer
http://cash-turf.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Thu, 21 Dec 2017 12:35:18 GMT
Server
nginx
ETag
"1ca-560d8eec7a7de"
Vary
Host
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
458
pon.png
cash-turf.com/img/
599 B
879 B
Image
General
Full URL
http://cash-turf.com/img/pon.png
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
7ac9f2a08a65ed835018e5ba3723b2a992219bad353526c94b334f295ba14da9

Request headers

Referer
http://cash-turf.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Thu, 21 Dec 2017 12:35:18 GMT
Server
nginx
ETag
"257-560d8eebeed7c"
Vary
Host
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
599
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
135 KB
48 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb11db612c490208456e9fd348d705a294caa23a5008da5c781ccff62b0a98b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 12 Apr 2021 01:13:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
17970182387142195625
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
48426
X-XSS-Protection
0
Expires
Mon, 12 Apr 2021 01:13:35 GMT
chevaux-gif-020.gif
www.icone-gif.com/gif/animaux/chevaux/
Redirect Chain
  • http://www.icone-gif.com/gif/animaux/chevaux/chevaux-gif-020.gif
  • https://www.icone-gif.com/gif/animaux/chevaux/chevaux-gif-020.gif
11 KB
10 KB
Image
General
Full URL
https://www.icone-gif.com/gif/animaux/chevaux/chevaux-gif-020.gif
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.203 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns43.hiwit.net
Software
Apache /
Resource Hash
07b4550b62e11753f53e1337fddb3dedaa0c1109410a2b787dc1dbbf59fd4061
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Nov 2003 01:22:59 GMT
Server
Apache
ETag
"102b5c-2a26-3cce8620362c0"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15768000
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
10348

Redirect headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Location
https://www.icone-gif.com/gif/animaux/chevaux/chevaux-gif-020.gif
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Content-Length
218
cheval053.gif
www.icone-gif.com/gif/animaux/chevaux/
Redirect Chain
  • http://www.icone-gif.com/gif/animaux/chevaux/cheval053.gif
  • https://www.icone-gif.com/gif/animaux/chevaux/cheval053.gif
12 KB
12 KB
Image
General
Full URL
https://www.icone-gif.com/gif/animaux/chevaux/cheval053.gif
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.203 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns43.hiwit.net
Software
Apache /
Resource Hash
df3ed75c538b78a3fa132f87d28bb41a60700609184b358c54190a811af29e37
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Dec 2005 14:02:17 GMT
Server
Apache
ETag
"102b2c-3126-40769b76a4c40"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15768000
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
12403

Redirect headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Location
https://www.icone-gif.com/gif/animaux/chevaux/cheval053.gif
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Content-Length
217
joturf.gif
joturf.cash-turf.com/
48 KB
49 KB
Image
General
Full URL
http://joturf.cash-turf.com/joturf.gif
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c2b8deb48608ab564d3745730214e24e960bf99687ef434a9ff617dae4b640a

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Fri, 29 Dec 2017 15:17:59 GMT
Server
nginx
ETag
"c11a-5617c2343befe"
Vary
Host
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49434
logo.gif
pronotip.legendehippique.com/
84 KB
85 KB
Image
General
Full URL
http://pronotip.legendehippique.com/logo.gif
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Server
185.98.131.150 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
dc06752c513eadd87eda989ac9a02b2beafd4750446dae94a15d126c47004e42

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Fri, 24 Nov 2017 16:07:31 GMT
Server
nginx
ETag
"15124-55ebcbfff0e3b"
Vary
Host
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86308
alphaturf.gif
alphaturf.cash-turf.com/
24 KB
24 KB
Image
General
Full URL
http://alphaturf.cash-turf.com/alphaturf.gif
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
cc5ea9180f4560cff5d241f00d892a346d4cbe5ceb5d34497f08bd0343f6d858

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Tue, 02 Jan 2018 10:44:50 GMT
Server
nginx
ETag
"5ecf-561c8c9cc1714"
Vary
Host
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24271
hippoturf.gif
hippoturf.cash-turf.com/
36 KB
37 KB
Image
General
Full URL
http://hippoturf.cash-turf.com/hippoturf.gif
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
b4c49f695c5f31177b6a859137bc08aef1dbb72b6df47592d6de1087c033a439

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Thu, 04 Jan 2018 08:28:03 GMT
Server
nginx
ETag
"91d4-561ef1c521fef"
Vary
Host
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37332
logo1.gif
paris-media.lynxux.com/
58 KB
59 KB
Image
General
Full URL
http://paris-media.lynxux.com/logo1.gif
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Server
185.98.131.138 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
312118b040f5507c025a081de4ebdc40c42be2addc08c8e93dd75cb25469ee28

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Wed, 29 Jan 2020 16:14:08 GMT
Server
nginx
ETag
"e9e0-59d49a15418fb"
Vary
Host
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59872
email_planetes002.gif
www.icone-gif.com/gif/webmaster/email-planetes/
Redirect Chain
  • http://www.icone-gif.com/gif/webmaster/email-planetes/email_planetes002.gif
  • https://www.icone-gif.com/gif/webmaster/email-planetes/email_planetes002.gif
37 KB
36 KB
Image
General
Full URL
https://www.icone-gif.com/gif/webmaster/email-planetes/email_planetes002.gif
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.203 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns43.hiwit.net
Software
Apache /
Resource Hash
6ebc2a3ed60b866e1f1f9be7ead6ae78fa8bcbe175dcdc6b356e7c4df4637b9a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Content-Encoding
gzip
Last-Modified
Sun, 05 Feb 2006 15:42:39 GMT
Server
Apache
ETag
"303e9f-9222-40c0dfefdd9c0"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15768000
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
36655

Redirect headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Location
https://www.icone-gif.com/gif/webmaster/email-planetes/email_planetes002.gif
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Content-Length
226
logo1.gif
lafleurduturf.lynxux.com/
93 KB
94 KB
Image
General
Full URL
http://lafleurduturf.lynxux.com/logo1.gif
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Server
185.98.131.138 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
47ca3399a0374e0000dc8faa6061fc9e1a12dec801feb98866b74f8204cc7478

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Wed, 29 Jan 2020 15:39:57 GMT
Server
nginx
ETag
"175e2-59d4927152cf1"
Vary
Host
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95714
cheval_074.gif
gif.toutimages.com/images/ani_ferme/chevaux/
Redirect Chain
  • http://gif.toutimages.com/images/ani_ferme/chevaux/cheval_074.gif
  • https://gif.toutimages.com/images/ani_ferme/chevaux/cheval_074.gif
10 KB
10 KB
Image
General
Full URL
https://gif.toutimages.com/images/ani_ferme/chevaux/cheval_074.gif
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.210.16.62 , France, ASN12876 (Online SAS, FR),
Reverse DNS
pf-lb-2.online.net
Software
nginx /
Resource Hash
2697fc2d90a0beffad557c8abbef728bfbedc419565ea2f11b6a4a2d85d23b55

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Mon, 04 Aug 2014 11:04:34 GMT
server
nginx
ETag
"2835-4ffcbb43a3480"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10293

Redirect headers

Location
https://gif.toutimages.com/images/ani_ferme/chevaux/cheval_074.gif
Date
Mon, 12 Apr 2021 01:13:35 GMT
Server
nginx
Connection
keep-alive
Content-Length
358
Content-Type
text/html; charset=iso-8859-1
2%20(18).gif
clippss.free.fr/cheval/
18 KB
18 KB
Image
General
Full URL
http://clippss.free.fr/cheval/2%20(18).gif
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Server
212.27.63.110 Bois-Colombes, France, ASN12322 (PROXAD, FR),
Reverse DNS
perso110-g5.free.fr
Software
Apache/ProXad [Jan 23 2019 20:05:46] /
Resource Hash
3ea30e9f88ab936b453c70c14067cb8c7288ae6fa8d64f03d47940f647627587

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:37 GMT
Last-Modified
Tue, 04 Jul 2017 20:58:02 GMT
Server
Apache/ProXad [Jan 23 2019 20:05:46]
ETag
"6272ef1-46cf-595c015a"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
18127
images
encrypted-tbn0.gstatic.com/
10 KB
10 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRitBL2b-URTyvffpazG-yaFBbjk9GYQhV_ddqV1drByQNPmwLd
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f9cb22213a67a303f4c5d62205883141d914502e64bc14ede0548dc36abde56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 01:13:35 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jun 2017 09:19:00 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10070
x-xss-protection
0
expires
Tue, 12 Apr 2022 01:13:35 GMT
cheval062.gif
www.icone-gif.com/gif/animaux/chevaux/
10 KB
9 KB
Image
General
Full URL
https://www.icone-gif.com/gif/animaux/chevaux/cheval062.gif
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.203 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns43.hiwit.net
Software
Apache /
Resource Hash
89e589ba16700f2d177267d1bc77d1a5ee163b6a7accf3f98b91f9431ddb24be
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Dec 2005 14:02:22 GMT
Server
Apache
ETag
"102b35-26f4-40769b7b69780"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15768000
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
9344
banniere_boturfers_250x250.gif
www.prono-multi.com//themes/prono_multi/img/
42 KB
43 KB
Image
General
Full URL
https://www.prono-multi.com//themes/prono_multi/img/banniere_boturfers_250x250.gif
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
178.20.65.241 Montpellier, France, ASN29608 (WAN2MANY-AS, FR),
Reverse DNS
i3a-ha-7.ovea.com
Software
nginx/1.14.2 /
Resource Hash
54464c5ad5e7ec0da5c8cb07df56974e6453c0c4dfdd814676a16c2970d0b8fd

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Wed, 22 May 2019 07:41:25 GMT
Server
nginx/1.14.2
ETag
"5ce4fd25-a95f"
Content-Type
image/gif
Cache-Control
max-age=315360000, public, must-revalidate, proxy-revalidate, private
Accept-Ranges
bytes
Content-Length
43359
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pon3.png
cash-turf.com/img/
564 B
844 B
Image
General
Full URL
http://cash-turf.com/img/pon3.png
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
b488fabdbfc159af4453e264714805991d302b4db2eb3e84b17fd4a86894515b

Request headers

Referer
http://cash-turf.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Sat, 30 Dec 2017 13:01:18 GMT
Server
nginx
ETag
"234-5618e58497be6"
Vary
Host
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
564
cash.gif
cash-turf.com/
67 KB
67 KB
Image
General
Full URL
http://cash-turf.com/cash.gif
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
6cb50d4d9169e4d8010efbd0d1d24fcaf9d00a0a2e8678a03071789220101692

Request headers

Referer
http://cash-turf.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Thu, 21 Dec 2017 12:34:45 GMT
Server
nginx
ETag
"10b2b-560d8ecd13664"
Vary
Host
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68395
logo.gif
paris-hippique.fr/img/
0
0

logo1.gif
paris-media.dturfd.com/
0
0

dot.png
cash-turf.com/img/
154 B
433 B
Image
General
Full URL
http://cash-turf.com/img/dot.png
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/css/css.css
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
1d8d624f73091758dc07c455a57a0d6cdcb27f91dc93d9e568b9e708c6a7500f

Request headers

Referer
http://cash-turf.com/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Thu, 21 Dec 2017 12:35:01 GMT
Server
nginx
ETag
"9a-560d8edbe655d"
Vary
Host
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
154
chevo.png
cash-turf.com/img/
113 KB
113 KB
Image
General
Full URL
http://cash-turf.com/img/chevo.png
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/css/css.css
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
3f1881b9d3e8b5fbbf396915e875bd99f6b4a81f291a01291d1b805d6d82583d

Request headers

Referer
http://cash-turf.com/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Thu, 21 Dec 2017 12:35:00 GMT
Server
nginx
ETag
"1c22a-560d8edb6761c"
Vary
Host
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
115242
dot2.png
cash-turf.com/img/
151 B
430 B
Image
General
Full URL
http://cash-turf.com/img/dot2.png
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/css/css.css
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e54f932cdfaf3ccfb9ae7524b67c230a19beeb54e9bdaed266a74e0e668843c8

Request headers

Referer
http://cash-turf.com/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Thu, 21 Dec 2017 12:35:02 GMT
Server
nginx
ETag
"97-560d8edce0561"
Vary
Host
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
151
menu2.png
cash-turf.com/img/
667 B
947 B
Image
General
Full URL
http://cash-turf.com/img/menu2.png
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
84ac38d1c32933cecdc6f3c08050f009cfd324962201162c7ddb60c7478d411d

Request headers

Referer
http://cash-turf.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Thu, 21 Dec 2017 12:35:05 GMT
Server
nginx
ETag
"29b-560d8edf8036b"
Vary
Host
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
667
menu.png
cash-turf.com/img/
667 B
947 B
Image
General
Full URL
http://cash-turf.com/img/menu.png
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/css/css.css
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
b0a6085280a321d88acf998db304a7a63d3328d241ca17e97ae5861caef31172

Request headers

Referer
http://cash-turf.com/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Thu, 21 Dec 2017 12:35:04 GMT
Server
nginx
ETag
"29b-560d8edef77e9"
Vary
Host
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
667
pan.png
cash-turf.com/img/
718 KB
719 KB
Image
General
Full URL
http://cash-turf.com/img/pan.png
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/css/css.css
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
52f76f5e4767a2708614add46689a2eb23cb5a1414610e7c920a83e5dde5a1a4

Request headers

Referer
http://cash-turf.com/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Thu, 21 Dec 2017 12:35:17 GMT
Server
nginx
ETag
"b398a-560d8eeb5391a"
Vary
Host
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
735626
menu3.png
cash-turf.com/img/
657 B
937 B
Image
General
Full URL
http://cash-turf.com/img/menu3.png
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/css/css.css
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
76d6a7cf6cd0d672a21b38a3a4c10e020eb0ba6adb81ef01d9119a0a967771a5

Request headers

Referer
http://cash-turf.com/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Thu, 21 Dec 2017 12:35:05 GMT
Server
nginx
ETag
"291-560d8ee00506e"
Vary
Host
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
657
dota.png
cash-turf.com/img/
874 B
1 KB
Image
General
Full URL
http://cash-turf.com/img/dota.png
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/css/css.css
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
ce1a048fb4048f736f5e05ed5f1fd0c26efe4a674bade79c2bfe25d4867b54fa

Request headers

Referer
http://cash-turf.com/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Thu, 21 Dec 2017 12:35:03 GMT
Server
nginx
ETag
"36a-560d8ede0d1e6"
Vary
Host
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
874
buta.png
cash-turf.com/img/
255 B
534 B
Image
General
Full URL
http://cash-turf.com/img/buta.png
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/css/css.css
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
1674672918fb834c381cecef1d3ff69d497bccfd9d5837ba8b1bfd0b09eca03f

Request headers

Referer
http://cash-turf.com/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Thu, 21 Dec 2017 12:34:52 GMT
Server
nginx
ETag
"ff-560d8ed30001b"
Vary
Host
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
255
menu4.png
cash-turf.com/img/
661 B
941 B
Image
General
Full URL
http://cash-turf.com/img/menu4.png
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Server
185.98.131.151 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software
nginx /
Resource Hash
749a719a90d34b9fcf52aa353aa5d9ff179cf3c2e8870bd963c83d93ddba8e70

Request headers

Referer
http://cash-turf.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
Last-Modified
Sat, 30 Dec 2017 13:01:17 GMT
Server
nginx
ETag
"295-5618e583ba103"
Vary
Host
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
661
show_ads_impl_with_ama.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/
244 KB
88 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama.js?client=ca-pub-5952046279847815&plah=cash-turf.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b54b19ccfd56ae78c1c78df3333f08e6c0e7d57d0de82a23380de62ebe4a1cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 01:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90052
x-xss-protection
0
server
cafe
etag
13655859728178893768
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 12 Apr 2021 01:13:35 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/ Frame 1641
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210406/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://cash-turf.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://cash-turf.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 11 Apr 2021 14:15:42 GMT
expires
Sun, 25 Apr 2021 14:15:42 GMT
content-type
text/html; charset=UTF-8
etag
10446291943670460780
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4644
x-xss-protection
0
age
39473
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
203 B
639 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=cash-turf.com&callback=_gfp_s_&client=ca-pub-5952046279847815
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama.js?client=ca-pub-5952046279847815&plah=cash-turf.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
3204e875e6af9f19ac6db6e4d19eced980f537f354291d822028638fdf6f18a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 01:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
313 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cash-turf.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama.js?client=ca-pub-5952046279847815&plah=cash-turf.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 01:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
313 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cash-turf.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama.js?client=ca-pub-5952046279847815&plah=cash-turf.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 01:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2FB3
7 KB
1 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&adk=1812271804&adf=3025194257&lmt=1618190015&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=5&wgl=1&dt=1618190015359&bpp=14&bdt=95&idt=89&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1618453429991&frm=20&pv=2&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=6&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=108
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama.js?client=ca-pub-5952046279847815&plah=cash-turf.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4669362dc60cbfb4e261a73e6e56a215f77259002105dec557616a5c1355db38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5952046279847815&output=html&adk=1812271804&adf=3025194257&lmt=1618190015&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=5&wgl=1&dt=1618190015359&bpp=14&bdt=95&idt=89&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1618453429991&frm=20&pv=2&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=6&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=108
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://cash-turf.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://cash-turf.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 12 Apr 2021 01:13:35 GMT
server
cafe
content-length
681
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 12-Apr-2021 01:28:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 12 Apr 2021 01:13:35 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama.js?client=ca-pub-5952046279847815&plah=cash-turf.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 01:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617988871915048"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28262
x-xss-protection
0
expires
Mon, 12 Apr 2021 01:13:35 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8235
405 B
232 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=90&slotname=4266416830&adk=2499527831&adf=1645111721&pi=t.ma~as.4266416830&w=728&lmt=1618190015&psa=0&format=728x90&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&wgl=1&dt=1618190015373&bpp=4&bdt=108&idt=108&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=798&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&dtd=116
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama.js?client=ca-pub-5952046279847815&plah=cash-turf.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d4385ce3067fb0d01ce98d3040ca4c7e064274d8ae240235b872e6ceef660b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5952046279847815&output=html&h=90&slotname=4266416830&adk=2499527831&adf=1645111721&pi=t.ma~as.4266416830&w=728&lmt=1618190015&psa=0&format=728x90&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&wgl=1&dt=1618190015373&bpp=4&bdt=108&idt=108&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=798&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&dtd=116
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://cash-turf.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://cash-turf.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 12 Apr 2021 01:13:35 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 12-Apr-2021 01:28:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 12 Apr 2021 01:13:35 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame BBE6
405 B
230 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=60&slotname=0025954709&adk=736465367&adf=2596562503&pi=t.ma~as.0025954709&w=468&lmt=1618190015&psa=0&format=468x60&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&wgl=1&dt=1618190015377&bpp=1&bdt=112&idt=121&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=124
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama.js?client=ca-pub-5952046279847815&plah=cash-turf.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4bb6a715d5d02fa2ba688b01ebd6e72821b736f0e2eae5d4dd9225657edb144
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5952046279847815&output=html&h=60&slotname=0025954709&adk=736465367&adf=2596562503&pi=t.ma~as.0025954709&w=468&lmt=1618190015&psa=0&format=468x60&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&wgl=1&dt=1618190015377&bpp=1&bdt=112&idt=121&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=2816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=124
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://cash-turf.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://cash-turf.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 12 Apr 2021 01:13:35 GMT
server
cafe
content-length
203
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 12-Apr-2021 01:28:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 12 Apr 2021 01:13:35 GMT
cache-control
private
integrator.js
adservice.google.de/adsid/
107 B
777 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cash-turf.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama.js?client=ca-pub-5952046279847815&plah=cash-turf.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 01:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cash-turf.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama.js?client=ca-pub-5952046279847815&plah=cash-turf.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 01:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0B2C
79 KB
28 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama.js?client=ca-pub-5952046279847815&plah=cash-turf.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc12a1f1fb43018508513723cc58fd924f1f20c9e9300f3e4ae06bb8145a38c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://cash-turf.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://cash-turf.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 12 Apr 2021 01:13:35 GMT
server
cafe
content-length
28641
x-xss-protection
0
set-cookie
IDE=AHWqTUlGVejLKpw3bcnvQJMYnmneFTZ_fxjYTXs7xRzST531suF9DMY-azhvHUIlqWI; expires=Sat, 07-May-2022 01:13:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 12 Apr 2021 01:13:35 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 8A4D
405 B
454 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=3799280117&pi=t.aa~a.229078540~rp.4&w=690&lmt=1618190015&nsk=1625d686&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=338&idt=1&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60%2C690x134&nras=3&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1862&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama.js?client=ca-pub-5952046279847815&plah=cash-turf.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62d7f2753e206e218bc728166795bd012e2fa4bda913dd7d5d071bb51abe3303
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=3799280117&pi=t.aa~a.229078540~rp.4&w=690&lmt=1618190015&nsk=1625d686&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=338&idt=1&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60%2C690x134&nras=3&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1862&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://cash-turf.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://cash-turf.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 12 Apr 2021 01:13:35 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
IDE=AHWqTUkYd9LFRqLtFLYo-Zz8J5DBGciuNfwgtBfGumOK_B43WoJbmaVTo-pUrdKCNIo; expires=Sat, 07-May-2022 01:13:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 12 Apr 2021 01:13:35 GMT
cache-control
private
css
fonts.googleapis.com/ Frame 0B2C
712 B
310 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=fr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e717074cc5b23a4ec8c5d446bc20b1bc6b2eb325b791e08b6b3fd8be1b64da6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 01:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 12 Apr 2021 01:13:35 GMT
css
fonts.googleapis.com/ Frame 0B2C
712 B
287 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e717074cc5b23a4ec8c5d446bc20b1bc6b2eb325b791e08b6b3fd8be1b64da6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 01:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 12 Apr 2021 01:13:35 GMT
m_js_controller.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 0B2C
37 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/m_js_controller.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2eb9c1a2e1927a4a870db4ed50fa7f1b239413f7c9bd47c94482307be208bfa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 23:20:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6807
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14246
x-xss-protection
0
server
cafe
etag
2076874959904158270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Apr 2021 23:20:08 GMT
icon.png
googleads.g.doubleclick.net/pagead/images/adchoices/ Frame 0B2C
295 B
426 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/images/adchoices/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Apr 2021 14:36:57 GMT
x-content-type-options
nosniff
server
cafe
age
38198
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:36:57 GMT
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame 0B2C
21 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b64050576e612443e7dbecf837711e846c12c029f41d3de3a6e8cac16ca09037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 01:03:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8469
x-xss-protection
0
server
cafe
etag
10238838524035937739
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Apr 2021 01:03:33 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 0B2C
2 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23c061e7d440b7804c374dae567e47162a04cacc44e35b5c35065629d8f2b3ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 00:11:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3711
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1186
x-xss-protection
0
server
cafe
etag
6564122956844895608
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Apr 2021 00:11:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0B2C
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 01:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617988883687958"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Mon, 12 Apr 2021 01:13:35 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 0B2C
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
526b0957ff033824346d7f93cb6b650a4f460f16a925df73132e33b504945eef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 23:48:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5089
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6476
x-xss-protection
0
server
cafe
etag
17347988568170094389
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Apr 2021 23:48:46 GMT
dWyZZ95NTkx3bCoLsI9QdyybBDRaO-AWO4b94GBS7vcPMrU096awTmUs5JU_TD5N655XUG2wK42jMGEnmI-1aiv-2u2xaD3d=w720-h377-rj-pd-pc0x00e9e9e9
lh4.googleusercontent.com/proxy/ Frame 0B2C
69 KB
70 KB
Image
General
Full URL
https://lh4.googleusercontent.com/proxy/dWyZZ95NTkx3bCoLsI9QdyybBDRaO-AWO4b94GBS7vcPMrU096awTmUs5JU_TD5N655XUG2wK42jMGEnmI-1aiv-2u2xaD3d=w720-h377-rj-pd-pc0x00e9e9e9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
01c40515877e5ef52a9f4599fe346fac8cb0983940d5d92c3077eff884c2db94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 01:13:35 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70813
x-xss-protection
0
expires
Tue, 13 Apr 2021 01:13:35 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0B2C
42 B
131 B
Fetch
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DmTk5m3GVtyw6jLKy0RYHtTD1BWjojM13nrxTF11YaeoV4E6Gl33nN_HIdc1pX3vILmAc8h1XPGdKPa3NW-0khnoQZytcqbySvaiKSpM5JBv4L90NLRQWRfS3XLlcdSVzLVsYUVcmJUcUMoOgrAwsRvViJ7g&dbm_d=AKAmf-AIEc_O9KJ-TiOBvWl_lz71jJ6lP8Bb56n48NFjvmLW9cROEBuIOVl8FNan6ExdR3R-rJklqxvQ_ygNpX96n_jg5kAsPU5fl7w5R8UEX_7KJLuKYm23vfr0uyoSm_1WfHkNg0MW957zNsAgXPOKV1Nwg4bzn8ZTBnsm9VWPylMaBYBOaOvPnORDIutrLd9lgAhbfAxKLr3jjRArvpgPg0zufm8fE5sIk-2YOOjNC-PoWabA0aVhvaKsUBCpS7sj865NPAVjJAuIcnz8OH0CL8AGHJHPNgNJvmdbgm7sxRpI4_1xjlpG57RBYTqD7ksiCwhplUM1N-Dx6bi92Mca1hy6_bCz7myDGWqeMQUiDgxghCD_JggNjj53l6chB0S0_8Wi5D1ixkWqjMZnGXcSYjL-IrtYfA5JyT9GraKJ-6m8VScqa17Umni_3PMASohB2Oc6cxasyZWL8hIrkpgwX6PvnU-hXv2S1AF_lmGhw8ZmR5yLbb7gB26L6qQgjIz7b7ZFMWQ-iK-acNLWrLA3nx6bCJwU2jHmndihuzy__aTyaLLIxqGBJT5ZyVyCxV3zm_d0amUhsF6j6-rLYsMIMtz6_Hdl48plVjl9U4uPOb8IZiWBVxufPpGkNXx0zoLC1Wqdqboa7p84DOz2ZxRrTGa92vNHVKLkSVSjbKvdZEoc5Fz_MgzNbRDvpBjORvL7xa1n3Mx5zHUo3DGNVDjDikSHKQCtUee6o19TKhsLrAjF3iTkRJ51kxxOTDCAISjZGzFwwdtbpq7Bs9m3wekxYQighkd_ujsTIln3yHyC3WzC_Xxky0c_OC5JMSuGP5d9xOVq8JqmVQRWdziTfEb76S6j6wmRB1fYeGaoCjxerk4EBfbZ3UTmrBNrH_9wtJCA6j-MBbH-9XLbAEA1n4lcrbX5JtdQlsRP2Y6j_aJyCwn4Nop5zaMJ7Qoac3qzGNcA6GGZCLvoqsQyk3zPYIpOPMk4idD2Hae9DXma74KD2-nzUi2IokmUJY58M3qBZ9pxT4lv7KKojDK1valL2DNSs0hFt0VNngKMIAoUN7MSc1jWVKOc6HXCtes-B8EwFsei33l2qK7ws2TSd8fEob39mylmbZzpHYM-02jDwLsd4sUKze5Mkx9YAriL4pGNbv8xJ0eYwfsQvCi0StV6W2t53ZWreeXLn1_ngP4HbJe77Nl0IvdKNCEoO5wX3YKNqSY6DX1kWK41csHrANrhvvD6pPyt4_TrDfejMHjeC0gFMgffH4K12PyHKqKNbj3aby1n5PNbysXVm17JVNS7gUnz0NSkEDj_NpNKj8uER7xDldMooptQGS7ex5J4sCYyn_viOlhjmA1F0MSlbByQtCrl5Ex-275CBRotHvbZAobPkhuVIChSZCqDn8Jbe4ex5HPhQqG8puTI1p7jvl1LSj7tOf36_Bk2fuJOHM12Y4_XdDx_bhLAadj4epRjH-FIWI_dM-Pl_F4fZmqmrPOTIylRciZFBhkgnz_o0nGRo--6hknRBkS9YG2hVSGpnubiIj_jGolphOuWiyKxKpz6MNYXgNSBmOJOpDVx4XBZzIyYT4g1E0ByZ_U_yxMVXTzVDjCDMvTRpUFalBwDvh5YCtG_8bSzXZMraiondTrtmYC1pRFg8ZVAZJb4hiUJ99AlwQ-qe2JlTHvMzgtVrk9XOXDBk44n0oJYEybrGpjxNO9N0agBtGIBXcHWCVlyKZDPqUSCaiV34gKeobxRlua-_iqnLBZFmjZPQW5Ha6QB_R8flOTZtxaNkY
CIeyUA5BfCC0DU67Y3D3AMYqONGIJJd_HjGqn5jYzVyG14MKhwwdkUpov4kt-jCBjMYUT7yg4hp6jObT9Jx6Hpp2AUFQ98mfpsnGSrnwdSjRqK3GxUBfChNDYBXYFCZzA3O6ThmoXe5IC3iR-4zMSbIQABrAWbvffvnCwre7D674ph5kPd6PRv5FlJ-jLeo0Ci0XwIIC9wdIsqj3dcRte_X475E-wXSo9yNowhAOpqMROP9VfKHvTSNV0h9TFdos6ENhDooSc0sqMi-TVlPqt2KEBSjLYCTO1tGAHjAGX8ipz-F5Xk-jlj5NqQfrqTNSdEpte0yiE4lQD_esv6K0tXcNBvpd9VVjbsQmK1vuEAqMVs6NqBByYouVXWvyLpnZDsEinYQ_mBQgMsTIQPCaDvna7QvDAkqdXAlgU_pLHFoAVI8Eg0QbKnvY9a6sqMQigAoI7B3drv35_NcxCTNxsVXzKGHgxQ_vASRcUhvq7wquonL4wj81gWvXqlWwhGVnc1UQzKxW3M1Cdl0ujKagybU_KFDSd7umcvy75RbLOXtnpAy2eaj-udzX2g8b4gFNGtKj03OsM_zXDwgStsSv2rIi7vsIeFbUuj_PCpmsZmGsaaES_yXdY14Grzz8NFWkCgnHaMT2hE_EqUJdoIN38OIdKMfp3JVHVzXCmdu3reCgGSv9GFzoiJi7jefLv1VXpd5ydlHwu5CvUUWAtMVKv_SU8tPRuYerUWOwmz9jsD8S-nRJWX6LtJwBdhdsqz32WaknxepmEJjzmAxQ7YItFSz7Qn1FB1rEtFfI2PYqKoPYd9jvhqkSpG-IOZImgVL8sQ4WlT18-VwnMN7K0jJ3BBsxWuPVUIL7mB-xbVdyW1Y5Yd7qG2mUTEdSkzbhD2P5OPcjXpKnbEYXB2CZ85rEBs1ySkf0oIFYUe2ObYWmpLbnAdBtSFq95oqALj1XRZsXHUJI59yheMaFGPUiicgA9D9s3hWd_Wldio1pXtUsdgHi-B5F7o0wQvVcF9YOZTSp_9uw7y9GsNnC6TVtisODq7-HGjYW3c6mDgAvkx-pqig5ytzOY4UlMf4mLlo8W7fllmzGMT6Ylx9qmC2NnDRoO9fOr2hEdCBU4HzkU0wXAouFgGnaSlFNpoUGQBL0gzyU_-2xO44BQeLMyS_vy1EoMcPUFKzRwY_agfLL3D3c98xfWBxFgPMCSgnEDxX9YQDvxDZHFFoIkIg8z1MKOjjZkkat4Ih0wcEUVjxV0XvR1nheE_8_4i7OdyiSZHa0Rbosg&cid=CAASEuRoSmul6n1McQ4D3aA7gEed6A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 01:13:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0B2C
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CUmnjv55zYNTrJsivgQeBvZPgCuyNgvVhrPOgtMoN8C4QASDl47cdYJUCyAEGqAMByAObBKoEvgFP0AFEeC23mhl4IZhSur5JF-mS1dY-uR7t89hQ0t9-Dnw3BVaaGp5RqZqnvIBTEOuGkZ7G-f01dTiee2fD4cPce3Eo51gIot7bXPgUl1bQ3XI6nHJ0GbGfXTjqQqVIIsu3E5IDDJHMGkdQGrt6-MycdZF1DMKXyi5l5SyVHfV0H4IjIYEqPMqmJC786tellOX0wOuJ8-s5e9X8oHfg08vgjAwNOCsEr5NUpklyDKYzFcl_Bk4QxuGLUpbtm87rwASCp-7DqwPgBAOIBZ-Wje0ukgUECAMYAZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AH1IDCyQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG9gHAfIHCRDLcxiUybKgAdIICQiA4YAQEAEYH4AKAcgLAbAT_JWHC8gT6L3NCdATANgTEIgUAdgUAbIXGgoYCAASFHB1Yi01OTUyMDQ2Mjc5ODQ3ODE1&sigh=Mtp5x17yB0o&cid=CAQSOwCNIrLMcvQ4O3yjby27m-pcJkdF0ztQFYfPIdANL9ICdd8Xecl9NhKtDhOgRO7Lr0pXMr2oFU8ImCsc&template_id=509&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 12 Apr 2021 01:13:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame F477
143 B
220 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlGVejLKpw3bcnvQJMYnmneFTZ_fxjYTXs7xRzST531suF9DMY-azhvHUIlqWI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 12 Apr 2021 00:41:26 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1929
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 63AE
1 KB
854 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 11 Apr 2021 03:14:09 GMT
expires
Mon, 12 Apr 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
79166
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KFOlCnqEu92Fr1MmEU9fBBc-.woff
fonts.gstatic.com/s/roboto/v27/ Frame 0B2C
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc-.woff
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd811625271acca47f7dac48b460f13e08ee947b2a8e17e278c4d5ccb5d9323c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 21:24:13 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
532162
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20532
x-xss-protection
0
expires
Tue, 05 Apr 2022 21:24:13 GMT
dpixel
cms.quantserve.com/ Frame 63AE
35 B
399 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEABYdw_u5qf2JJL2T2hn1lk&google_cver=1&google_push=AQvitUJLqpDowaq5OVwVGXnP9LKl2b_jQSGeftBNt5i1CXTeKFXQGZnzX1yya8RxNYv5PWQyHmFvBXsYzsUulYNTiar3yCpUu-KF
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 01:13:35 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 63AE
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUJt88W7PigYFeaowTvHxROSZnGeHfr5RYXGvTG...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUhPZXZ3QUFCQ0dAbWxoMA&google_push=AQvitUJt88W7PigYFeaowTvHxROSZnGeHfr5RYXGvTGGWyiVrxwfqOAJdnXbzox8c-ccYolIUBU2-witSX9DYsGCjK5W7dhlbfuS
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUhPZXZ3QUFCQ0dAbWxoMA&google_push=AQvitUJt88W7PigYFeaowTvHxROSZnGeHfr5RYXGvTGGWyiVrxwfqOAJdnXbzox8c-ccYolIUBU2-witSX9DYsGCjK5W7dhlbfuS
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 01:13:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUhPZXZ3QUFCQ0dAbWxoMA&google_push=AQvitUJt88W7PigYFeaowTvHxROSZnGeHfr5RYXGvTGGWyiVrxwfqOAJdnXbzox8c-ccYolIUBU2-witSX9DYsGCjK5W7dhlbfuS
Date
Mon, 12 Apr 2021 01:13:35 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 63AE
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBLuZvKw5pGuw5sWvymcD0A&google_cver=1&google_push=AQvitUJ4EqwFppq44XRsY1qWkTX02YWLPHCln_boa86VnTdYE6IueK9Rh0NyAaWtCiFddunfnDEnQ9fuAcCuPVxcwrdYEJTsspM
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBLuZvKw5pGuw5sWvymcD0A&google_cver=1&google_push=AQvitUJ4EqwFppq44XRsY1qWkTX02YWLPHCln_boa86VnTdYE6IueK9Rh0NyAaWtCiFddunfnDEnQ9fuAcCuPVxcwrdYEJTsspM&o...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJ4EqwFppq44XRsY1qWkTX02YWLPHCln_boa86VnTdYE6IueK9Rh0NyAaWtCiFddunfnDEnQ9fuAcCuPVxcwrdYEJTsspM
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJ4EqwFppq44XRsY1qWkTX02YWLPHCln_boa86VnTdYE6IueK9Rh0NyAaWtCiFddunfnDEnQ9fuAcCuPVxcwrdYEJTsspM
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 01:13:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 01:13:35 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJ4EqwFppq44XRsY1qWkTX02YWLPHCln_boa86VnTdYE6IueK9Rh0NyAaWtCiFddunfnDEnQ9fuAcCuPVxcwrdYEJTsspM
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
19j8afipo3fjjumb5redlr1vei6g5arh
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 63AE
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
0
240 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEM3YJ_YUiBHs34H0X7Rv64E&google_cver=1&google_push=AQvitUJ-gINwXW7j1Fkd8tpA-9TU_0xpJ99o0e5Huf0oWFzHlLwdfCuuma2DyMVXns2ZobAgzC1m9i0aZEgDQY_H8cBNhMCT_yY&rdf=1
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 01:13:35 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8

Redirect headers

Location
/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEM3YJ_YUiBHs34H0X7Rv64E&google_cver=1&google_push=AQvitUJ-gINwXW7j1Fkd8tpA-9TU_0xpJ99o0e5Huf0oWFzHlLwdfCuuma2DyMVXns2ZobAgzC1m9i0aZEgDQY_H8cBNhMCT_yY&rdf=1
Date
Mon, 12 Apr 2021 01:13:34 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 63AE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMEzRMWpWSzzh9rSWnJ_FM8&google_cver=1&google_push=AQvitULXQl6EK7ghprRIPQwWUJvhWpDRazxtDyn0OzvQw31AhcTMPjx7DtQxwttyXoWYB7JeQF3...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05EV0paQ0MtMTEtQ0hFSA==&google_push=AQvitULXQl6EK7ghprRIPQwWUJvhWpDRazxtDyn0OzvQw31AhcTMPjx7DtQxwttyXoWYB7JeQF3e3d1aVDvQqTpMLwLEu3AsqSiC
170 B
329 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05EV0paQ0MtMTEtQ0hFSA==&google_push=AQvitULXQl6EK7ghprRIPQwWUJvhWpDRazxtDyn0OzvQw31AhcTMPjx7DtQxwttyXoWYB7JeQF3e3d1aVDvQqTpMLwLEu3AsqSiC
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 01:13:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05EV0paQ0MtMTEtQ0hFSA==&google_push=AQvitULXQl6EK7ghprRIPQwWUJvhWpDRazxtDyn0OzvQw31AhcTMPjx7DtQxwttyXoWYB7JeQF3e3d1aVDvQqTpMLwLEu3AsqSiC
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame 63AE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFLd1CtvowDfr8LdawAY22g&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFLd1CtvowDfr8LdawAY22g&google_push=AQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHOev2B61c0JE8t9Xm7zTQAABK0AAAIB&google_gid=CAESEFLd1CtvowDfr8LdawAY22g&google_push=AQvitUJJE9s1BN8Ggl9DzbOAOf5E8Jnebw6IfqB8zLGqyXVVnP0...
170 B
484 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHOev2B61c0JE8t9Xm7zTQAABK0AAAIB&google_gid=CAESEFLd1CtvowDfr8LdawAY22g&google_push=AQvitUJJE9s1BN8Ggl9DzbOAOf5E8Jnebw6IfqB8zLGqyXVVnP0LyDGSP0LFgB7nuX1Ou4n8SDDOcVkccpkm9LNIljGO6XR41ZzR&google_cver=1
Requested by
Host: cash-turf.com
URL: http://cash-turf.com/index.php
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 01:13:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 01:13:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHOev2B61c0JE8t9Xm7zTQAABK0AAAIB&google_gid=CAESEFLd1CtvowDfr8LdawAY22g&google_push=AQvitUJJE9s1BN8Ggl9DzbOAOf5E8Jnebw6IfqB8zLGqyXVVnP0LyDGSP0LFgB7nuX1Ou4n8SDDOcVkccpkm9LNIljGO6XR41ZzR&google_cver=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Mon, 12 Apr 2021 01:13:35 GMT
trk
ag.innovid.com/ Frame 63AE
43 B
295 B
Image
General
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEAglK9JkiObZBr4fmigd698&google_cver=1&google_push=AQvitUJcqz3M21I3KP98zQ9yXq8Lygz5ZT9LRnMWyfTDinen_w61ViNWsAGQ1lx_a65l2allMKJEagaB3wtI0OSrPmT9fzZFXYaD
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 01:13:35 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 63AE
0
236 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KvS4oWfZIqIIFDa3FViSaT-hnOk_-xxSkvvc0Xq5kY5MrsIgdYUK3-zbGruRW2VTea6T5Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 01:13:35 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame F477
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
99 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5952046279847815&output=html&h=134&adk=1345229423&adf=2741790649&pi=t.aa~a.229069798~rp.4&w=690&lmt=1618190015&nsk=adf09be1&rafmt=11&pwprc=1133335281&psa=0&ad_type=text_image&format=690x134&url=http%3A%2F%2Fcash-turf.com%2Findex.php&ea=0&flash=0&pra=3&wgl=1&fa=26&dt=1618190015602&bpp=1&bdt=337&idt=-M&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17add5fe4d11647a-22a6a1d57da7000f%3AT%3D1618190015%3ART%3D1618190015%3AS%3DALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw&prev_fmts=0x0%2C728x90%2C468x60&nras=2&correlator=1618453429991&frm=20&pv=1&ga_vid=1843500999.1618190015&ga_sid=1618190015&ga_hid=1913691941&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C31060566%2C44739387%2C21066612&oid=3&pvsid=1205631365048499&eae=4&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=17
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlGVejLKpw3bcnvQJMYnmneFTZ_fxjYTXs7xRzST531suF9DMY-azhvHUIlqWI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 12 Apr 2021 01:13:35 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 12-Apr-2021 02:13:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 12 Apr 2021 01:13:35 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 12 Apr 2021 01:13:35 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210406&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama.js?client=ca-pub-5952046279847815&plah=cash-turf.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dcadcdd94908e9ba0c17010306da0fc8b98dfd4334deb0d3e0f737b5bc983756
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 01:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5413
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama.js?client=ca-pub-5952046279847815&plah=cash-turf.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 01:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 12 Apr 2021 01:13:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 6595
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://cash-turf.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://cash-turf.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 11 Apr 2021 21:28:46 GMT
expires
Mon, 11 Apr 2022 21:28:46 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
13490
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
a74bF7Ic5CBW1aosBuj8eoKhYrAWlol44TA9bSLv35M.js
pagead2.googlesyndication.com/bg/ Frame 6595
21 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/a74bF7Ic5CBW1aosBuj8eoKhYrAWlol44TA9bSLv35M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bbe1b17b21ce42056d5aa2c06e8fc7a82a162b016968978e1303d6d22efdf93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 18:01:59 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
371497
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7894
x-xss-protection
0
expires
Thu, 07 Apr 2022 18:01:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
111 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210406&jk=1205631365048499&bg=!gYKlgsbNAAbpMg-a6TI7ACkAdvg8Wv3s29Y7WmzNrEXNQ7npQhT2InjryzyRNuB99DaluXOMGWyPwwIAAABLUgAAAA1oAQcKAbiFpVuRXmEzozlqwQ64VI2G8xF0b7NK0w9nPZsqIMV-a4Dbz6I9jai-cA5ePLA9QJlAU7A6bfD0NbEZBqnO6i1D7UMfff6sZjblem6vRdnKcCnwmml5FUobcvHxP3WvgwMi7PIRJ97n-dBheYaMacXA4dNMo2QqKNghGFA2NKIb-Bgv4L-FehbpIXKK-rNOCqnMPOIC6kl5-Cu-YHRHgb2X1HShi8WQG8-7ui2TKMhdNi3M3ihhfBpFH33To3f6XsEMHQAbSX4oE6xd8O6QX8I1ujsx6Wujw7WLnGLZdVswErzkAQDL69PMENl4yVWDWu7uTcMgvpz5vKePOcbwTdyAG45bnaM5uYiajo_sP-nJlQh3gtW7tXcG2gKltPVHiEWXQ4pXYyk4oP7WtllHkpf-tFWzMfCQx56Q6cTd5q9uy4EhrW76MNt5HQg19vALLr_4k055_Cy6M6MpJcUeK-V4ErEfy5lYnNUuaL-BNVxhpUJpK3fSuCt5rT-jHXzn2tgmfYFyRH2sMCV5ImuN4IO9ORa9nqLEEDR3ZGkum4GZCJ_cpkA6Dg_IrRoBw4z9_FLR66z-EUPP5pkBbNSbcyxbaOjDpiWulS32yzfvjkMFhWNXspST6B_yJMWR-kBiG_I3iztkcFX4EQimyGalyuGePLpGyYw26euv0sK-PlDYEd_n86scDM3wiMx9kWiLKkHMBjyz30eEMPEB-fyLsM960DoZ_pSI5wJphJPUu7B8TAJqm_8uIDGqXG3oLyZOP3jwQyNOKHF2b8OBFhdBrNu9ILCJtFzAtYCREys09JMvjEahy-MzXJotTZpvJ8shPsfjRs6Ua9kD7qvi6KC4IA9zv1sR3i1vwBPlq1JF1bErhpzqdEWpftHnf_tpTQNz4KziWg3Db-u9hdBbMmBjyeK-Fba1noEA0HaIBBFeLgziXXa-VPuxdKqkuVLCJiniZ3UQM_a56xNGFdgB3agPceM4Ek0oRNYuvuRCd-8Fpk_9J_8QBOmgaWaoah4EzOqLx867UrbaaoEphF018R_9QytmTL2dZ0DKbGnhSIRVgosWQ-cdgd3PRKE
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cash-turf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 01:13:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
paris-hippique.fr
URL
http://paris-hippique.fr/img/logo.gif
Domain
paris-media.dturfd.com
URL
http://paris-media.dturfd.com/logo1.gif

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUlGVejLKpw3bcnvQJMYnmneFTZ_fxjYTXs7xRzST531suF9DMY-azhvHUIlqWI
.cash-turf.com/ Name: __gads
Value: ID=17add5fe4d11647a-22a6a1d57da7000f:T=1618190015:RT=1618190015:S=ALNI_MZy6_qpjDq87lfh8Z4TwLlnNwaepw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b0a6085280a321d88acf998db304a7a63d3328d241ca17e97ae5861caef31172
b488fabdbfc159af4453e264714805991d302b4db2eb3e84b17fd4a86894515b
b4c49f695c5f31177b6a859137bc08aef1dbb72b6df47592d6de1087c033a439
b64050576e612443e7dbecf837711e846c12c029f41d3de3a6e8cac16ca09037
bd811625271acca47f7dac48b460f13e08ee947b2a8e17e278c4d5ccb5d9323c
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cc5ea9180f4560cff5d241f00d892a346d4cbe5ceb5d34497f08bd0343f6d858
ce1a048fb4048f736f5e05ed5f1fd0c26efe4a674bade79c2bfe25d4867b54fa
dc06752c513eadd87eda989ac9a02b2beafd4750446dae94a15d126c47004e42
dcadcdd94908e9ba0c17010306da0fc8b98dfd4334deb0d3e0f737b5bc983756
deba6eee76043f3f0a8949fd96e52b751248e6dad7c033c355962d4d7d886bf2
df3ed75c538b78a3fa132f87d28bb41a60700609184b358c54190a811af29e37
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bb6a715d5d02fa2ba688b01ebd6e72821b736f0e2eae5d4dd9225657edb144
e54f932cdfaf3ccfb9ae7524b67c230a19beeb54e9bdaed266a74e0e668843c8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb11db612c490208456e9fd348d705a294caa23a5008da5c781ccff62b0a98b3
fbb660c37ceb1738feed748f1e07ce5bbaffa192d8350063ba2f523d0b527631
fc12a1f1fb43018508513723cc58fd924f1f20c9e9300f3e4ae06bb8145a38c5
fd6f5ab9c160e4ba72887ccf510cfa88d0cf0f60aa2b8b0dce46aae8a63b00e2