www.victoireturf.ht.cx Open in urlscan Pro
5.135.149.81 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.victoireturf.ht.cx/
Submission: On February 13 via manual (February 13th 2024, 1:38:08 am UTC) from GA — Scanned from FR

Summary HTTP 91 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 18 domains to perform 91 HTTP transactions. The main IP is 5.135.149.81, located in Le Chesnay, France and belongs to OVH, FR. The main domain is www.victoireturf.ht.cx.

This is the only time www.victoireturf.ht.cx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	5.135.149.81 5.135.149.81	16276 (OVH) (OVH)
8	194.150.236.179 194.150.236.179	() ()
16	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	194.150.236.236 194.150.236.236	44976 (HIWIT_AS) (HIWIT_AS)
4	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
1 3	91.198.105.122 91.198.105.122	35393 (EURO-WEB-AS) (EURO-WEB-AS)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1 2	52.48.174.31 52.48.174.31	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
4	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
1	2600:9000:204... 2600:9000:2046:8200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:1f13:800... 2600:1f13:800:7780:6827:f78a:7ed8:a42	16509 (AMAZON-02) (AMAZON-02)
13	37.157.2.250 37.157.2.250	198622 (ADFORM) (ADFORM)
1 2	91.216.195.7 91.216.195.7	12516 (WEBORAMA ...) (WEBORAMA Weborama provides Internet Services)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
91	21

10 5.135.149.81 (Le Chesnay, France)

ASN16276 (OVH, FR)
PTR: web3.venez.net

www.victoireturf.ht.cx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.venez.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 194.150.236.179 (France)

ASN- ()
PTR: ns19.hiwit.net

www.bazireturf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net

www.tresorturf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.198.105.122 (France) 1 redirects

ASN35393 (EURO-WEB-AS, FR)

www.gambling-affiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.gambling-affiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.174.31 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-174-31.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2046:8200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f13:800:7780:6827:f78a:7ed8:a42 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 37.157.2.250 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.216.195.7 (France) 1 redirects

ASN12516 (WEBORAMA Weborama provides Internet Services, FR)
PTR: std-collect-lb-c03-02-vip.weborama.fr

edf.solution.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 114 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	392 KB
17	adform.net track.adform.net — Cisco Umbrella Rank: 5283 s1.adform.net — Cisco Umbrella Rank: 11041	83 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 829 static.adsafeprotected.com — Cisco Umbrella Rank: 625 dt.adsafeprotected.com — Cisco Umbrella Rank: 630	107 KB
8	bazireturf.com www.bazireturf.com	237 KB
7	venez.fr www.venez.fr	9 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 ad.doubleclick.net — Cisco Umbrella Rank: 157	36 KB
4	allopass.com payment.allopass.com	11 KB
3	gambling-affiliation.com 1 redirects www.gambling-affiliation.com static.gambling-affiliation.com	213 KB
3	ht.cx www.victoireturf.ht.cx	3 KB
2	gstatic.com fonts.gstatic.com	44 KB
2	weborama.fr 1 redirects edf.solution.weborama.fr — Cisco Umbrella Rank: 464684	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	158 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	35 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	898 B
1	tresorturf.com www.tresorturf.com	7 KB
0	genhit.com Failed jmbazire.genhit.com Failed
0	duvaldestin.com Failed www.duvaldestin.com Failed
91	18

	Domain	Requested by
16	pagead2.googlesyndication.com	www.victoireturf.ht.cx pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
13	s1.adform.net	fw.adsafeprotected.com s1.adform.net www.victoireturf.ht.cx
9	dt.adsafeprotected.com	googleads.g.doubleclick.net
8	www.bazireturf.com	www.victoireturf.ht.cx www.bazireturf.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
7	www.venez.fr	www.victoireturf.ht.cx www.venez.fr
4	track.adform.net	googleads.g.doubleclick.net s1.adform.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	payment.allopass.com	www.bazireturf.com payment.allopass.com
3	www.victoireturf.ht.cx	www.victoireturf.ht.cx
2	fonts.gstatic.com	fonts.googleapis.com
2	edf.solution.weborama.fr	1 redirects googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects googleads.g.doubleclick.net
2	www.googletagmanager.com	payment.allopass.com www.googletagmanager.com
2	www.gambling-affiliation.com	1 redirects www.bazireturf.com
1	www.google.com	tpc.googlesyndication.com
1	cdnjs.cloudflare.com	s1.adform.net
1	fonts.googleapis.com	s1.adform.net
1	static.adsafeprotected.com	googleads.g.doubleclick.net
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	static.gambling-affiliation.com	www.bazireturf.com
1	www.tresorturf.com	www.bazireturf.com
0	jmbazire.genhit.com Failed	www.bazireturf.com
0	www.duvaldestin.com Failed	www.bazireturf.com
91	24

This site contains no links.

Subject Issuer	Validity	Valid
venez.fr R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.allopass.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-06` - `2024-10-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
static.gambling-affiliation.com Gandi RSA Domain Validation Secure Server CA 3	`2023-08-31` - `2024-08-31`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 14 frames:

Primary Page: http://www.victoireturf.ht.cx/
Frame ID: F70AD7ED3ACDB73636C3540B4693C622
Requests: 1 HTTP requests in this frame

Frame: http://www.victoireturf.ht.cx/barre-victoireturf.ht.cx.html
Frame ID: 99181CE709D57C705376F611ADDFABDF
Requests: 9 HTTP requests in this frame

Frame: http://www.bazireturf.com/turf/victoireturf/
Frame ID: ED2E86205B9F141737782C7282EFC821
Requests: 19 HTTP requests in this frame

Frame: http://www.victoireturf.ht.cx/stats-victoireturf.ht.cx.html
Frame ID: 96C8CD324B2062DFE6324178320F14BA
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: C9E06DF5EB29A3C18927E4987984A375
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20190131/zrt_lookup_fy2021.html
Frame ID: E29EFC624B279BC6AC5652B5D6210A3D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.victoireturf.ht.cx%2F&wgl=1&dt=1707788284550&bpp=2&bdt=338&idt=209&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&correlator=8097472923101&frm=23&ife=1&pv=2&ga_vid=1992698968.1707788285&ga_sid=1707788285&ga_hid=1878795983&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=628767178&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C42531705%2C95324581%2C95320870%2C95324155%2C95324160%2C95324266&oid=2&pvsid=3396814919795606&tmod=2106271464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.arz5rae2q91f&fsb=1&dtd=217
Frame ID: E759C2FBEDCE9F281E733992553D026D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQlYPNrwMY77b4ggIwAQ&v=APEucNVaJ_3sg1UOvGaN5ArjMPCYccP6IDLjpjF0zNzXxpNU4Pr67sKSmdVZovJkWqJzmlVjX_bw7hLZwVZpoBma0e2Q36TxcCYssBGPa_OEl7D_5IDjzv3xvX_k6_N10jk8GMkKrLB4SIjg5zvP4YWdXhyRQKP9ahi_ISpt10At0jg_7zw7Asg
Frame ID: 2A0A00DADD2A4DB59E5C7F619C9DA03C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 0B7F305BEC86526348B677085E5E6E63
Requests: 31 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B69F744899704D4AEEFC4EDE2E1D7A2F
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C253B8D57FEBBB36407893A07FC6AA5D
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2009362/14143317/14143317.js?ADFassetID=14143317&bv=257
Frame ID: 38469C1BE079490246B7A4AD375E8474
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6E279AF78C28C716489539F417B77E4A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 216CAAE7A4DD9FD728986A0F5A5D1112
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VICTOIRE TURF

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

91
Requests

80 %
HTTPS

50 %
IPv6

18
Domains

24
Subdomains

21
IPs

5
Countries

1337 kB
Transfer

2847 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

http://www.gambling-affiliation.com/cpm/v=2XpOgQhHyD2kUb3iTi6.4ZuSowGhDeeywC6TRWnXlH-yGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s= HTTP 301
https://www.gambling-affiliation.com/cpm/v=2XpOgQhHyD2kUb3iTi6.4ZuSowGhDeeywC6TRWnXlH-yGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s=

Request Chain 47

https://fw.adsafeprotected.com/rfw/track.adform.net/1914784/77641194/adfscript/?bn=70610326;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CdZNM_MfKZYrrMI-rnsEPspCbiAu_lYLUddCM9LTBEvAuEAEgorr-AmD74YWDnAqgAfyTgMooyAEJqQLSwtrldg-yPqgDAcgDmwSqBO0BT9DohN-yzg8682ki6_96nSgk2zQ3VKsM7xZet1O_GqPkdhqFX37zuPVGHKsKxsou-asOWaA4GOcY_H4_2FTESf55XfPM94PUVJ_hyzO98bFNyvmWwqzRXMpqSJVM3-ANsf7V83W68ORQnky16c80vn-wu7D0kL5qEXgRIQ1-P1TCvZMuqufGPGi7Y93PDExOy7Fmaq_mX089ULM0t0XlKA4g6aa6Fy03qlMIcd_iPejITqufqTUv7SQtEgXrz5DosqurUBRWFBnknJAI2zb8vmQcMZAbhE-pjG8U34FNo2MEDLXK6zw8L6YI8flqwATI5L_WmQTgBAOIBY7Rov9BkAYBoAZNgAf8y9CpA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAhAhIvf3BOljmosSQl6eEA4AKAZgLAcgLAYAMAaoNAkZSsBO9lNIW2BMD2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSTwAvHhf_1R37mnPN0njtHP9Q9GePUmH3ckm-6OOdLY5xHUoRGfQ3PshE-Nf-xUUmc5JzxH0ZEagoLu252gSKiu2_7i2gW9r_Y-snSaMCHtEYAQ&sig=AOD64_3PTapqDhTSGZTmao5CYzFpXifRgQ&client=ca-pub-5203714787387788&dbm_c=AKAmf-DyaAdvdw9uJx6u79c5cgiJxDVmQs93qP-Dir-RTZn_bZhmprxH3vezW-k-YPwlJoJBPpMXnQ0enviKQbuWcfKlfEwobU2OVvHFLRPLtPQmHvrMsDY9vz2-1Zwjgt4l66qmYJ1GwYiTHuVY-6b9LIJ9igX4LLtzQ1hJf2ZFNDmstGXAA4M&cry=1&dbm_d=AKAmf-DpgNoR5GTqxND3IsdXcsZqBaLNpv8KwCXId6k0sONLcH3ew46M1UDXM0gJ31M79wkT3sh96ulaTNnfGQ5v7MFeeJV7L-dM1T9A2R8scvWbRsXqlv1diUakR8p85tz_Do6Cxz01LBLDtHqltWA6cgVYD866AMJ0xw7njtLQJHpz-VouJ0kojg52jcK_RA4R7iwfXCqY60q5kJS5d1NloBZHm81ACa3pDeIPPAUWe4PQ3hdYmG2VkGsFueA7eQl-Pw_fq1LjzDoZ_5tke50pxlGEGc70W81Wh0XDmU_7HYIDmMHTWvbbMWzcd_xRUJI8DLQ-8-MvH8fuGIEJLe1dpQNKwM_HlADOzqEV-YQwebgAe2dhS80JmhSsE6THW9NDfqsERuSSl3cj9wAxbRB38R49CFw_ppZC_N4fZ4J1UZFaY9cafXp7_59NsKrh-IHbBnUnfwZliNZE2sgjMgLwqqtI3VjagUn1SoUPuFVWoHf6WmQSmJMvqyBN9-jG8gTFO65mL4XOUn6004xhOyOXcEYJh8QLDM25j9s0ekYdscYDWCfxK4ZFEeacY6XCQlRJdt11mS__&adurl=&adsafe_url=http%3A%2F%2Fwww.victoireturf.ht.cx&adsafe_type=g&adsafe_url=http%3A%2F%2Fwww.victoireturf.ht.cx%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5203714787387788%26output%3Dhtml%26h%3D90%26slotname%3D4563536207%26adk%3D2647235303%26adf%3D3604715433%26pi%3Dt.ma~as.4563536207%26w%3D970%26format%3D970x90%26url%3Dhttp%253A%252F%252Fwww.victoireturf.ht.cx%252F%26wgl%3D1%26dt%3D1707788284550%26bpp%3D2%26bdt%3D338%26idt%3D209%26shv%3Dr20240208%26mjsv%3Dm202402010101%26ptt%3D9%26saldr%3Daa%26correlator%3D8097472923101%26frm%3D23%26ife%3D1%26pv%3D2%26ga_vid%3D1992698968.1707788285%26ga_sid%3D1707788285%26ga_hid%3D1878795983%26ga_fc%3D0%26nhd%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D20%26ady%3D0%26biw%3D1600%26bih%3D1200%26isw%3D1600%26ish%3D90%26ifk%3D628767178%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44808397%252C42531705%252C95324581%252C95320870%252C95324155%252C95324160%252C95324266%26oid%3D2%26pvsid%3D3396814919795606%26tmod%3D2106271464%26uas%3D0%26nvt%3D1%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C90%26vis%3D1%26rsz%3Do%257Co%257CaeE%257C%26abl%3DNA%26pfx%3D0%26fu%3D4%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3D1.arz5rae2q91f%26fsb%3D1%26dtd%3D217&adsafe_type=bed&adsafe_jsinfo=,id:e6f293a7-86ea-1d01-a64c-9cc6c9d7ffe9,c:444oP7,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-574dd564c-87z8j,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:qktrf1.rHRbA1.kfMms1,mtim:2,mot:0,app:0,maw:0,tdt:s,fm:u47TBv7+111%7C112%7C1131*.1914784-77641194%7C11311%7C11312%7C12%7C13,idMap:1131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:13,oid:8876ab8a-ca10-11ee-bc70-e6a5cd574989,v:19.8.483,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://track.adform.net/adfscript/?bn=70610326;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CdZNM_MfKZYrrMI-rnsEPspCbiAu_lYLUddCM9LTBEvAuEAEgorr-AmD74YWDnAqgAfyTgMooyAEJqQLSwtrldg-yPqgDAcgDmwSqBO0BT9DohN-yzg8682ki6_96nSgk2zQ3VKsM7xZet1O_GqPkdhqFX37zuPVGHKsKxsou-asOWaA4GOcY_H4_2FTESf55XfPM94PUVJ_hyzO98bFNyvmWwqzRXMpqSJVM3-ANsf7V83W68ORQnky16c80vn-wu7D0kL5qEXgRIQ1-P1TCvZMuqufGPGi7Y93PDExOy7Fmaq_mX089ULM0t0XlKA4g6aa6Fy03qlMIcd_iPejITqufqTUv7SQtEgXrz5DosqurUBRWFBnknJAI2zb8vmQcMZAbhE-pjG8U34FNo2MEDLXK6zw8L6YI8flqwATI5L_WmQTgBAOIBY7Rov9BkAYBoAZNgAf8y9CpA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAhAhIvf3BOljmosSQl6eEA4AKAZgLAcgLAYAMAaoNAkZSsBO9lNIW2BMD2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSTwAvHhf_1R37mnPN0njtHP9Q9GePUmH3ckm-6OOdLY5xHUoRGfQ3PshE-Nf-xUUmc5JzxH0ZEagoLu252gSKiu2_7i2gW9r_Y-snSaMCHtEYAQ&sig=AOD64_3PTapqDhTSGZTmao5CYzFpXifRgQ&client=ca-pub-5203714787387788&dbm_c=AKAmf-DyaAdvdw9uJx6u79c5cgiJxDVmQs93qP-Dir-RTZn_bZhmprxH3vezW-k-YPwlJoJBPpMXnQ0enviKQbuWcfKlfEwobU2OVvHFLRPLtPQmHvrMsDY9vz2-1Zwjgt4l66qmYJ1GwYiTHuVY-6b9LIJ9igX4LLtzQ1hJf2ZFNDmstGXAA4M&cry=1&dbm_d=AKAmf-DpgNoR5GTqxND3IsdXcsZqBaLNpv8KwCXId6k0sONLcH3ew46M1UDXM0gJ31M79wkT3sh96ulaTNnfGQ5v7MFeeJV7L-dM1T9A2R8scvWbRsXqlv1diUakR8p85tz_Do6Cxz01LBLDtHqltWA6cgVYD866AMJ0xw7njtLQJHpz-VouJ0kojg52jcK_RA4R7iwfXCqY60q5kJS5d1NloBZHm81ACa3pDeIPPAUWe4PQ3hdYmG2VkGsFueA7eQl-Pw_fq1LjzDoZ_5tke50pxlGEGc70W81Wh0XDmU_7HYIDmMHTWvbbMWzcd_xRUJI8DLQ-8-MvH8fuGIEJLe1dpQNKwM_HlADOzqEV-YQwebgAe2dhS80JmhSsE6THW9NDfqsERuSSl3cj9wAxbRB38R49CFw_ppZC_N4fZ4J1UZFaY9cafXp7_59NsKrh-IHbBnUnfwZliNZE2sgjMgLwqqtI3VjagUn1SoUPuFVWoHf6WmQSmJMvqyBN9-jG8gTFO65mL4XOUn6004xhOyOXcEYJh8QLDM25j9s0ekYdscYDWCfxK4ZFEeacY6XCQlRJdt11mS__&adurl=

Request Chain 57

https://edf.solution.weborama.fr/fcgi-bin/dispatch.fcgi?a.A=im&a.si=4343&a.te=1442&a.he=1&a.wi=1&a.hr=p&gdpr=&gdpr_consent=&a.ycp=2871878630498478796&a.ra=84463 HTTP 302
https://edf.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=197289&a.A=im&a.si=4343&a.te=1442&a.he=1&a.wi=1&a.hr=p&gdpr=&gdpr_consent=&a.ycp=2871878630498478796&a.ra=84463

91 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.victoireturf.ht.cx/ 3 KB
1 KB 103ms
26ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.victoireturf.ht.cx/
Protocol: HTTP/1.1
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 5cb72016b6c5a745d9243bea38f54450864f41db68d454c0cd8589c1a597f773

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1094
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 13 Feb 2024 01:38:03 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK barre-victoireturf.ht.cx.html Show response
www.victoireturf.ht.cx/ Frame 9918 3 KB
2 KB 116ms
116ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.victoireturf.ht.cx/barre-victoireturf.ht.cx.html
Requested by: Host: www.victoireturf.ht.cx
URL: http://www.victoireturf.ht.cx/
Protocol: HTTP/1.1
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 03270b32942d980ebd040c07bd47e525d9fa8f1e73ebd92d0b6f4222788ebd1b

Request headers

Referer: http://www.victoireturf.ht.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1499
Content-Type: text/html; charset=ISO-8859-1
Date: Tue, 13 Feb 2024 01:38:03 GMT
Expires: Tue, 13 Feb 2024 01:38:04 GMT
Keep-Alive: timeout=5, max=99
Last-Modified: Tue, 13 Feb 2024 01:38:04 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
www.bazireturf.com/turf/victoireturf/ Frame ED2E 13 KB
14 KB 273ms
195ms Document
text/html 194.150.236.179

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bazireturf.com/turf/victoireturf/
Requested by: Host: www.victoireturf.ht.cx
URL: http://www.victoireturf.ht.cx/
Protocol: HTTP/1.1
Server: 194.150.236.179 , France, ASN (),
Reverse DNS: ns19.hiwit.net
Software: Apache /
Resource Hash: 3508073c7c692b753d7e53ea1b605fb5f905d83445f31ace0c68eaabab782122

Request headers

Referer: http://www.victoireturf.ht.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Type: text/html
Date: Tue, 13 Feb 2024 01:38:04 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
Vary: Host

GET
H/1.1 200
OK stats-victoireturf.ht.cx.html Show response
www.victoireturf.ht.cx/ Frame 96C8 0
192 B 128ms
104ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.victoireturf.ht.cx/stats-victoireturf.ht.cx.html
Requested by: Host: www.victoireturf.ht.cx
URL: http://www.victoireturf.ht.cx/
Protocol: HTTP/1.1
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.victoireturf.ht.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 13 Feb 2024 01:38:04 GMT
Keep-Alive: timeout=5, max=100
Server: Apache

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame 9918 2 KB
1 KB 178ms
27ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: www.victoireturf.ht.cx
URL: http://www.victoireturf.ht.cx/barre-victoireturf.ht.cx.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.victoireturf.ht.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 01:38:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Feb 2024 01:38:04 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1023
Expires: Tue, 20 Feb 2024 01:38:04 GMT

GET
H/1.1 200
OK separateur90.gif
www.venez.fr/images/ Frame 9918 82 B
388 B 177ms
25ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/separateur90.gif
Requested by: Host: www.victoireturf.ht.cx
URL: http://www.victoireturf.ht.cx/barre-victoireturf.ht.cx.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.victoireturf.ht.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 01:38:04 GMT
Last-Modified: Thu, 15 Nov 2018 22:11:22 GMT
Server: Apache
ETag: "52-57abb54b25680"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 82

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9918 147 KB
54 KB 75ms
47ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.victoireturf.ht.cx
URL: http://www.victoireturf.ht.cx/barre-victoireturf.ht.cx.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

836a724bcf3b0dc34e3c8e33deb5382d24bbac8b61d187c89b67240a43d59bd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.victoireturf.ht.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 01:38:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54464
X-XSS-Protection: 0
Server: cafe
ETag: 14678324168497401340
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin: *
Link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires: Tue, 13 Feb 2024 01:38:04 GMT

GET
H/1.1 200
OK h1.png
www.bazireturf.com/turf/victoireturf/ Frame ED2E 27 KB
28 KB 36ms
20ms Image
image/png 194.150.236.179

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.bazireturf.com/turf/victoireturf/h1.png
Requested by: Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/victoireturf/
Protocol: HTTP/1.1
Server: 194.150.236.179 , France, ASN (),
Reverse DNS: ns19.hiwit.net
Software: Apache /
Resource Hash: 31ebf9aeaedcdaec75a827066eb352390f6d78b489a47153dd53705595d484ca

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.bazireturf.com/turf/victoireturf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 01:38:04 GMT
Last-Modified: Wed, 01 Sep 2021 11:02:12 GMT
Server: Apache
ETag: "169e2ae-6d55-5caecff8bd500"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 27989

GET
H/1.1 200
OK head.jpg
www.bazireturf.com/turf/victoireturf/ Frame ED2E 54 KB
55 KB 43ms
23ms Image
image/jpeg 194.150.236.179

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.bazireturf.com/turf/victoireturf/head.jpg
Requested by: Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/victoireturf/
Protocol: HTTP/1.1
Server: 194.150.236.179 , France, ASN (),
Reverse DNS: ns19.hiwit.net
Software: Apache /
Resource Hash: 49cae39b5b91b05391a99c346640060dc6db5448865ce1077e696689f3396792

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.bazireturf.com/turf/victoireturf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 01:38:04 GMT
Last-Modified: Wed, 01 Sep 2021 11:02:13 GMT
Server: Apache
ETag: "169e2b1-d98c-5caecff9b1740"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 55692

GET logo.gif
www.duvaldestin.com/ Frame ED2E 0
0

GET
H/1.1 200
OK logo.gif
www.bazireturf.com/img/ Frame ED2E 19 KB
19 KB 44ms
24ms Image
image/gif 194.150.236.179

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.bazireturf.com/img/logo.gif
Requested by: Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/victoireturf/
Protocol: HTTP/1.1
Server: 194.150.236.179 , France, ASN (),
Reverse DNS: ns19.hiwit.net
Software: Apache /
Resource Hash: e3a0169c93ee99ee209e212f1f9b711712aa8546cd9bc4a8f4bc431df18dabde

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.bazireturf.com/turf/victoireturf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 01:38:04 GMT
Last-Modified: Wed, 30 Nov 2016 07:10:42 GMT
Server: Apache
ETag: "169be12-4c74-5427f67204080"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 19572

GET
H/1.1 200
OK logo.gif
www.tresorturf.com/img/ Frame ED2E 7 KB
7 KB 71ms
20ms Image
image/gif 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tresorturf.com/img/logo.gif
Requested by: Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/victoireturf/
Protocol: HTTP/1.1
Server: 194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns76.hiwit.net
Software: Apache /
Resource Hash: 6708a8ec82fad521076f2579c9873b1335aad3bd231cdb2972ea0bfb38689d97

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.bazireturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 01:38:04 GMT
Last-Modified: Mon, 26 Jun 2023 01:03:21 GMT
Server: Apache
ETag: "2b6f1b3-1cc2-5fefdeaade840"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 7362

GET logo
jmbazire.genhit.com/ Frame ED2E 0
0

GET
H/1.1 200
OK h2.png
www.bazireturf.com/turf/victoireturf/ Frame ED2E 27 KB
27 KB 40ms
25ms Image
image/png 194.150.236.179

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.bazireturf.com/turf/victoireturf/h2.png
Requested by: Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/victoireturf/
Protocol: HTTP/1.1
Server: 194.150.236.179 , France, ASN (),
Reverse DNS: ns19.hiwit.net
Software: Apache /
Resource Hash: b00c094adf05e6690e7c9c4a5c5a0c194a2b73cd18e8fd3800acbff1d58d87f8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.bazireturf.com/turf/victoireturf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 01:38:04 GMT
Last-Modified: Wed, 01 Sep 2021 11:02:12 GMT
Server: Apache
ETag: "169e2af-6acd-5caecff8bd500"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 27341

GET
H/1.1 200
OK puce.png
www.bazireturf.com/turf/victoireturf/ Frame ED2E 33 KB
33 KB 41ms
22ms Image
image/png 194.150.236.179

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.bazireturf.com/turf/victoireturf/puce.png
Requested by: Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/victoireturf/
Protocol: HTTP/1.1
Server: 194.150.236.179 , France, ASN (),
Reverse DNS: ns19.hiwit.net
Software: Apache /
Resource Hash: 864c8de2401de5d4179c83883d86996453df5bbfe3cc7263043a77e15efd7109

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.bazireturf.com/turf/victoireturf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 01:38:04 GMT
Last-Modified: Wed, 01 Sep 2021 11:02:14 GMT
Server: Apache
ETag: "169e2b5-84d6-5caecffaa5980"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 34006

GET
H/1.1 200
OK date.png
www.bazireturf.com/turf/victoireturf/ Frame ED2E 33 KB
34 KB 40ms
23ms Image
image/png 194.150.236.179

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.bazireturf.com/turf/victoireturf/date.png
Requested by: Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/victoireturf/
Protocol: HTTP/1.1
Server: 194.150.236.179 , France, ASN (),
Reverse DNS: ns19.hiwit.net
Software: Apache /
Resource Hash: fc01ed57d1edc90d3c90024746ce98d16362529291a8f93ef551ae53d59bb06c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.bazireturf.com/turf/victoireturf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 01:38:04 GMT
Last-Modified: Wed, 01 Sep 2021 11:02:12 GMT
Server: Apache
ETag: "169e2ad-85ff-5caecff8bd500"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 34303

GET
H/1.1 200
OK checkout.apu Show response
payment.allopass.com/buy/ Frame ED2E 11 KB
4 KB 252ms
73ms Script
text/html 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/buy/checkout.apu?ids=321952&idd=1407649&lang=fr
Requested by: Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/victoireturf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 5725ec903bd9784dda20be8167690234b4d49129ff3f6e31d90e827b36ae49bb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.bazireturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 01:38:04 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 2963
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

v=2XpOgQhHyD2kUb3iTi6.4ZuSowGhDeeywC6TRWnXlH-yGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s= Show response
www.gambling-affiliation.com/cpm/ Frame ED2E
Redirect Chain

http://www.gambling-affiliation.com/cpm/v=2XpOgQhHyD2kUb3iTi6.4ZuSowGhDeeywC6TRWnXlH-yGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s=
https://www.gambling-affiliation.com/cpm/v=2XpOgQhHyD2kUb3iTi6.4ZuSowGhDeeywC6TRWnXlH-yGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s=

339 B
427 B

275ms
153ms

Script
application/javascript

91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gambling-affiliation.com/cpm/v=2XpOgQhHyD2kUb3iTi6.4ZuSowGhDeeywC6TRWnXlH-yGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s=
Requested by: Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/victoireturf/
Protocol: H2
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: Apache /
Resource Hash: d6c6e81746a729aaae8c402916022c88cf81b62d9f57edf7d783861b57734305

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.bazireturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:03 GMT
server: Apache
content-length: 339
content-type: application/javascript

Redirect headers

location: https://www.gambling-affiliation.com/cpm/v=2XpOgQhHyD2kUb3iTi6.4ZuSowGhDeeywC6TRWnXlH-yGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s=
content-length: 0

GET
H/1.1 200
OK h3.png
www.bazireturf.com/turf/victoireturf/ Frame ED2E 27 KB
28 KB 20ms
20ms Image
image/png 194.150.236.179

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.bazireturf.com/turf/victoireturf/h3.png
Requested by: Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/victoireturf/
Protocol: HTTP/1.1
Server: 194.150.236.179 , France, ASN (),
Reverse DNS: ns19.hiwit.net
Software: Apache /
Resource Hash: 49c9f7121ee9c8b1b6e598b86ad821c2a431dec20ea2a26a51a0099e1ea7d403

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.bazireturf.com/turf/victoireturf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 01:38:04 GMT
Last-Modified: Wed, 01 Sep 2021 11:02:13 GMT
Server: Apache
ETag: "169e2b0-6dc3-5caecff9b1740"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 28099

GET
H/1.1 200
OK alternate-barre.htm Show response
www.venez.fr/ Frame C9E0 2 KB
1 KB 25ms
25ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/alternate-barre.htm
Requested by: Host: www.victoireturf.ht.cx
URL: http://www.victoireturf.ht.cx/barre-victoireturf.ht.cx.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 35248f88c0ee208f73e61be7b8d786ad63c3f46a104bc03c320185ee70400f75

Request headers

Referer: http://www.victoireturf.ht.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 874
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 13 Feb 2024 01:38:04 GMT
Keep-Alive: timeout=5, max=99
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame 9918 110 B
416 B 28ms
27ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: www.victoireturf.ht.cx
URL: http://www.victoireturf.ht.cx/barre-victoireturf.ht.cx.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.victoireturf.ht.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 01:38:04 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 110

GET
H/1.1 200
OK 120x60.gif
www.venez.fr/images/ Frame C9E0 4 KB
4 KB 28ms
27ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/120x60.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 01:38:04 GMT
Last-Modified: Wed, 02 Mar 2011 00:16:24 GMT
Server: Apache
ETag: "f4c-49d74d2b9c600"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3916

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame C9E0 2 KB
1 KB 26ms
25ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 01:38:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Feb 2024 01:38:04 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 1023
Expires: Tue, 20 Feb 2024 01:38:04 GMT

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame C9E0 110 B
416 B 36ms
26ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 01:38:04 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 110

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ Frame 9918 406 KB
138 KB 127ms
66ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.victoireturf.ht.cx&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8eedb54e51cf6068d2eb85fafcd57918142e775b23150a36c489af87f80383ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.victoireturf.ht.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140921
x-xss-protection: 0
server: cafe
etag: 230545035142137076
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 01:38:04 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240208/r20190131/ Frame E29E 9 KB
5 KB 100ms
25ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240208/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.victoireturf.ht.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 13154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 21:58:50 GMT
etag: 3890843268177463596
expires: Mon, 26 Feb 2024 21:58:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame ED2E 170 KB
62 KB 100ms
37ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV

Requested by

Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=321952&idd=1407649&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

009ff081ff536832beef2afa5d6db4d3b645ca0d9188a8c62e43f113b48b2334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.bazireturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63012
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 00:44:20 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Feb 2024 01:38:04 GMT

GET
H/1.1 200
OK buy-button.css
payment.allopass.com/static/css/ Frame ED2E 2 KB
830 B 59ms
20ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/buy-button.css?1
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=321952&idd=1407649&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.bazireturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 01:38:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "42312-69a-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 546

GET
H/1.1 200
OK 162x56.png
payment.allopass.com/static/buy/button/fr/ Frame ED2E 6 KB
6 KB 60ms
22ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by: Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/victoireturf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.bazireturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 01:38:03 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "218f2-1688-6036ca56d02c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 5768

GET
H/1.1 200
OK bt_ok.gif
payment.allopass.com/imgweb/common/ Frame ED2E 753 B
991 B 58ms
20ms Image
image/gif 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/imgweb/common/bt_ok.gif
Requested by: Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/victoireturf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.bazireturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 01:38:04 GMT
Last-Modified: Tue, 26 Nov 2019 14:39:46 GMT
Server: Apache
ETag: "235c8-2f1-59840d9fb3080"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 753

GET
H2 200 54289.gif
static.gambling-affiliation.com/uploads/ads/ Frame ED2E 212 KB
213 KB 118ms
38ms Image
image/gif 91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gambling-affiliation.com/uploads/ads/54289.gif
Requested by: Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/victoireturf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: nginx/1.15.5 /
Resource Hash: 338c8b352f04bd1850d9b85d39fcea1f11e3ff81c33c051fd33090099f6473ac

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.bazireturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:04 GMT
last-modified: Wed, 19 May 2021 07:05:11 GMT
server: nginx/1.15.5
accept-ranges: bytes
etag: "60a4b8a7-35124"
content-length: 217380
content-type: image/gif

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E759 27 KB
11 KB 369ms
368ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.victoireturf.ht.cx%2F&wgl=1&dt=1707788284550&bpp=2&bdt=338&idt=209&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&correlator=8097472923101&frm=23&ife=1&pv=2&ga_vid=1992698968.1707788285&ga_sid=1707788285&ga_hid=1878795983&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=628767178&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C42531705%2C95324581%2C95320870%2C95324155%2C95324160%2C95324266&oid=2&pvsid=3396814919795606&tmod=2106271464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.arz5rae2q91f&fsb=1&dtd=217

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.victoireturf.ht.cx&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

668f12866120ce987c24de1142813b0b32c4e5dde51974dc73fdd5425ecd7ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.victoireturf.ht.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11148
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 01:38:04 GMT
expires: Tue, 13 Feb 2024 01:38:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ Frame ED2E 295 KB
96 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2dcb1d97201dd1dd9d255a76ab21ba83ad0f6255534622b4b30c0d31ca54646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.bazireturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98588
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Feb 2024 01:38:04 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2A0A 0
20 B 44ms
42ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQlYPNrwMY77b4ggIwAQ&v=APEucNVaJ_3sg1UOvGaN5ArjMPCYccP6IDLjpjF0zNzXxpNU4Pr67sKSmdVZovJkWqJzmlVjX_bw7hLZwVZpoBma0e2Q36TxcCYssBGPa_OEl7D_5IDjzv3xvX_k6_N10jk8GMkKrLB4SIjg5zvP4YWdXhyRQKP9ahi_ISpt10At0jg_7zw7Asg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.victoireturf.ht.cx%2F&wgl=1&dt=1707788284550&bpp=2&bdt=338&idt=209&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&correlator=8097472923101&frm=23&ife=1&pv=2&ga_vid=1992698968.1707788285&ga_sid=1707788285&ga_hid=1878795983&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=628767178&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C42531705%2C95324581%2C95320870%2C95324155%2C95324160%2C95324266&oid=2&pvsid=3396814919795606&tmod=2106271464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.arz5rae2q91f&fsb=1&dtd=217

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.victoireturf.ht.cx%2F&wgl=1&dt=1707788284550&bpp=2&bdt=338&idt=209&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&correlator=8097472923101&frm=23&ife=1&pv=2&ga_vid=1992698968.1707788285&ga_sid=1707788285&ga_hid=1878795983&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=628767178&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C42531705%2C95324581%2C95320870%2C95324155%2C95324160%2C95324266&oid=2&pvsid=3396814919795606&tmod=2106271464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.arz5rae2q91f&fsb=1&dtd=217
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 01:38:05 GMT
expires: Tue, 13 Feb 2024 01:38:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0B7F 93 KB
33 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 01:38:05 GMT

GET
H2 200 / Show response
fw.adsafeprotected.com/rjss/track.adform.net/1914784/77641194/adfscript/ Frame 0B7F 275 KB
81 KB 151ms
32ms Script
application/javascript 52.48.174.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/track.adform.net/1914784/77641194/adfscript/?bn=70610326;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CdZNM_MfKZYrrMI-rnsEPspCbiAu_lYLUddCM9LTBEvAuEAEgorr-AmD74YWDnAqgAfyTgMooyAEJqQLSwtrldg-yPqgDAcgDmwSqBO0BT9DohN-yzg8682ki6_96nSgk2zQ3VKsM7xZet1O_GqPkdhqFX37zuPVGHKsKxsou-asOWaA4GOcY_H4_2FTESf55XfPM94PUVJ_hyzO98bFNyvmWwqzRXMpqSJVM3-ANsf7V83W68ORQnky16c80vn-wu7D0kL5qEXgRIQ1-P1TCvZMuqufGPGi7Y93PDExOy7Fmaq_mX089ULM0t0XlKA4g6aa6Fy03qlMIcd_iPejITqufqTUv7SQtEgXrz5DosqurUBRWFBnknJAI2zb8vmQcMZAbhE-pjG8U34FNo2MEDLXK6zw8L6YI8flqwATI5L_WmQTgBAOIBY7Rov9BkAYBoAZNgAf8y9CpA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAhAhIvf3BOljmosSQl6eEA4AKAZgLAcgLAYAMAaoNAkZSsBO9lNIW2BMD2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSTwAvHhf_1R37mnPN0njtHP9Q9GePUmH3ckm-6OOdLY5xHUoRGfQ3PshE-Nf-xUUmc5JzxH0ZEagoLu252gSKiu2_7i2gW9r_Y-snSaMCHtEYAQ&sig=AOD64_3PTapqDhTSGZTmao5CYzFpXifRgQ&client=ca-pub-5203714787387788&dbm_c=AKAmf-DyaAdvdw9uJx6u79c5cgiJxDVmQs93qP-Dir-RTZn_bZhmprxH3vezW-k-YPwlJoJBPpMXnQ0enviKQbuWcfKlfEwobU2OVvHFLRPLtPQmHvrMsDY9vz2-1Zwjgt4l66qmYJ1GwYiTHuVY-6b9LIJ9igX4LLtzQ1hJf2ZFNDmstGXAA4M&cry=1&dbm_d=AKAmf-DpgNoR5GTqxND3IsdXcsZqBaLNpv8KwCXId6k0sONLcH3ew46M1UDXM0gJ31M79wkT3sh96ulaTNnfGQ5v7MFeeJV7L-dM1T9A2R8scvWbRsXqlv1diUakR8p85tz_Do6Cxz01LBLDtHqltWA6cgVYD866AMJ0xw7njtLQJHpz-VouJ0kojg52jcK_RA4R7iwfXCqY60q5kJS5d1NloBZHm81ACa3pDeIPPAUWe4PQ3hdYmG2VkGsFueA7eQl-Pw_fq1LjzDoZ_5tke50pxlGEGc70W81Wh0XDmU_7HYIDmMHTWvbbMWzcd_xRUJI8DLQ-8-MvH8fuGIEJLe1dpQNKwM_HlADOzqEV-YQwebgAe2dhS80JmhSsE6THW9NDfqsERuSSl3cj9wAxbRB38R49CFw_ppZC_N4fZ4J1UZFaY9cafXp7_59NsKrh-IHbBnUnfwZliNZE2sgjMgLwqqtI3VjagUn1SoUPuFVWoHf6WmQSmJMvqyBN9-jG8gTFO65mL4XOUn6004xhOyOXcEYJh8QLDM25j9s0ekYdscYDWCfxK4ZFEeacY6XCQlRJdt11mS__&adurl=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.victoireturf.ht.cx%2F&wgl=1&dt=1707788284550&bpp=2&bdt=338&idt=209&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&correlator=8097472923101&frm=23&ife=1&pv=2&ga_vid=1992698968.1707788285&ga_sid=1707788285&ga_hid=1878795983&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=628767178&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C42531705%2C95324581%2C95320870%2C95324155%2C95324160%2C95324266&oid=2&pvsid=3396814919795606&tmod=2106271464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.arz5rae2q91f&fsb=1&dtd=217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.174.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-174-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0c037c983fb5077f949e6f817e2b38db965eb7776fa7f6049d71d28bae1143fc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:05 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame 0B7F 3 KB
1 KB 118ms
42ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 16:48:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame 0B7F 20 KB
8 KB 114ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 20:53:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:53:55 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0B7F 203 KB
61 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 00:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 01:48:46 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B7F 42 B
173 B 72ms
70ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ASXryil6ONBpoQt1FdzHtMR2x0bXzemp_EuzoJ8JrASN9GL6obWime6LBiAeL4olp9sz-r0_kjKPxH5KDM3H7qHVbYQ7-sdafnbrtrjcHJFKLR1RM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B7F 0
58 B 57ms
57ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4930894355862&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B7F 0
20 B 60ms
57ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4930894355862&version=m202401290101&ct=77&x=1&cor=10014554480432314000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0B7F 34 KB
20 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5TQtlY_jcyvz2aO4-8hBdst5iF3t0Lo47oT0EsvS6E-dU4mvN4373IAai0bbakZp_GsiSotzahUjuwQ1LRriY77Q_gMXvwc7UY2QzzjkqKaoH6CkDcg280ttK6YYAcSAszxfcNDzBmnEikoVv326BXQEhVbkFndLs7SiMn0BAUVNEt64&cry=1&dbm_d=AKAmf-AtSDfhWu3EvEbn4P1vyyJ6mwDopbilkcD3Hk7p-_pkDgnF1nx8bZ-17OzqZqN2T-p3tImwAR9skxykt3NguTRGdwqF2O3gs9SV9QedQqaInv6rC8GGGL4U8FDdTRjxjudmvX55mIhxoWcRMRJtlnqvjt0rCNwcpHZ7BwIN1kLL6LhT9yiHSEp0EAHcCwUzPtXUEl0Q5NSzWs8uy-cIjFYjS0HJb33kk7Cp8TTJhnd_hJrF27O-LJVwsSuWIR5YUqDDeKpjaAqHsRxgssPq7TlghLQA80IJ7EgNRSlRXBKtRSYqr64jMUtq-rZ7Ke82um_xjt_w42iob2aZF5vHsyxs8IJZvC55FBEfl0NbzZ-auDBi7HPMIwVUCBtgdEYMHcdpSugYE5V65RmxmBfnsb3Jp7HzA12-bCINIer86gZ_XBO1iLWggN1iaiRO5KJkcZwuXmy9NFrCAjR9XUQmBomK1-dtRRlvLXV2AIyWRuluZWW2lv8I6VCXybW0TcehY_URGNFTNVGbBJGFhZOTgtSe2W3APLG3MpyATtYyvr3vG3bYiHFbHyK3iotjb-uafOaFbJXx_ZQr5mbREr-GGVlSIwfy4gTZXbLu1w4A4noDy4ogkTZ7hsiZEkl4EtLEH4QylIFN69XnlaeaoXkvOFsI3bl7X6Ya-4qOhAHAv0DsOCqwX9_siaTBtnRW80yOOBNb-uy9amqUvRWGBovPZ0heOZr6kt-K3GfkVaAXaEWbvdLgqiF3fmMJhw_jXy3KD8QF58GxoQElCwFi89SQdctnzb8vJlQlI9w-H4zh5yhcScwCB9ffE6uAw2rcFaT5BDQy8YdIkteuuSio661dntm_3Rco6remJMImdHYQpZ7dVSDkv_6KICyiLMrFP8y61H9Y_6pr5BRvUxgfXOSg2e-sBEGB1WC-pm9TTXNhIzMvzzldLtvXep13lJkQF8-qUly5pB0scXID0vfDEKCpDTerGOJdEQqZ3Rk9m-og4X4Uf1NMqnMenjDq6Pwl2f2Exu_1JcVIX94wqIGx1OCUkr87IUbGOb6COE5obvEoe5p8Z5Cduh_tjii-36WJwK1lxrFCdnroLHynbver0cCAggxL9a3JYYTpuUB_QWXOZIiAEhzj1E9bWxGl_u3ZP-jKDEDPNzqyajyAnTzOtBSjfhz4kNcJyJovkDDRjYIjZr1-2njUfWii_QBtm37xwR8clX4CQQAng0G8Qkpf549A3nj8R89xI-tIav_NxTgUiAJM8t4y_YVObDQaOAd2TeZkCYwwdE2bgIThQQyan8v89FvM8G81IQJbPZY3UmYfLyS5wvuQyHLMBaaHFZVKylPLYn2skNZCGShT6bW_WsHHCjlF_reA0BhMdMzUnbzUHpUri5uyNyahuzsNyWyhzhLZSbjQgC5ruy5h_jLSL9MBftczwgXO919jYnmfBbualVLRLLuVXxqUr_8gr2WO18Wfgp402KyCylaovfWd1m2q1Uv4nYWqv-FHBQoLNybnkOtZsUaBVoitvN1izVVkdYXouJCzsjiCRkg3SMNYhTwupqMIufcGAgoxm_Z60ofDt9w4I7PtdCa75f4XKqxxEZu3FWS4Xe3QAlMze4EXTLr6HhCsYOh81YLQwOGxiAVAXi0dcaS9pASZKPjbqaLgePx5-6KE_ay-u6zWkYNl2NLItqzC3obHDl5Eh34cXQHNMVKWZYAUF8gpwsqMNw3SqxbotZ-GlfuybNneX3g310c2KSSgsOD9fTN1uBX2l_y95jw87SAgQ3SofJCB9CQlV-qLma1eSmryU1fte3ZTm57gNLjCRg3HaWy9tHWGJ4mo2YnxIr0cb14HymHzoRAlXzdBMm80gtmgcCnt7JV15XF0BipqxMjzD3QzHWS1Tn9K_WRgTKaNS7rdXB_lF5-ssPL7F-yjTg6J_nGtcjdTVsIwfwyO4WHLpAjBUHFl8GGJc4iwsddM0bdDVMfVuQQ08vUjjZNFdJLZsgNyA_339jshw6cGxrwjH_jbKplgrhy0Rm1oWZ5qJJO5GkwjrkZxqhx3puSaPNFfj59WtLdwZ2xakjAcioXahr-_gWLW41WtQO5SV8UsQCUQbcPbymwuI7aCBFEMzy6rXxJfciRmYxBe_BhohH5BNeY4wmlS2Gf8MB6f8zxcWZQTWFhgUhl0saPx373pUWHcb_ymvTiHD2zZfmEUIGkTo9NNzewOiUrccEUH4cJPH_l2P6isv_O1CigsOxOFjQTvWjn2Z1n8-E1ijm6Zu23COIZCMb9wE8VPbfa4h2RyW4yjLhmYM--K_-ZMD3gh3LMj6LlYh_fz6T1c_4CrRd1ail3xUq8fM2BExvDFv7m7l74uNLQNFAvvln_Rf4HnmSIdX31d1jHP1PH9PHxJ3SnQeFlQICvZpUA-GxwUSNO_yTQJkvLLA_dw4ucS3uNRIJXz05qRCfdfehUXr9uftU_lW2IdQK8_VPYLxaB4WcVAC6cgXLDiSUo7Nf-xz7DbNGBvJcDOUJ1pX77NNqubiFElABCD3xywsWKeq_GG4L27toTtcOwzV07kUDDwuDQt4MdFRtFad75jYeNNfsnDUUunWtazgCNeDG1eBODrNG97R9WIO58i0hl1WW7_kBdCoItE4aT8xqNLF6roJNRpANNF5kV3f2DXXb8hIuQTo-MJZ2IWnkfqccGTrL-T9ZzhsvjZ-s_RxwV4HLPpOUdzHx9mP-TB6aRZvZ8PczY6mJevVZ-BcFI1HYgRQheSMBySE-bi_Hmh9Yckf9PkqWo6yhRKotlo6G1LKjj1M2EWXTumqKwqJ3u1c2Gv9h1hw30ctjcvvhYgQPit0-X3pVQWfoqfFVxrtu5bjwM8KpRdE00PopdMcGyMZSdS41fht607UWe6iuiNwHMob2qBD5h9GKpQ_hdP080sDIKt5VjTvw7aYBniWJ5wJeqgj_hPpPhVpXwznA6GfqNiHWhLQpIGTpGLn3rCxyZKnJmYzxNqBhqjOLs33ptfoqmuIzTHtzlxYhlmkrE3qJVY3r5pFtvUnIWhKxKxaViP3gOgU6QJQUI7qPCUbTqohVhe4nbrBI8_f7dKeDV0LNZK1IQ3Pl0e4YJ0QCv43Xm5vOHhK6IOgxpUL4PYgmep7FbviXKI-CQVZxID9f79glYSA7TT0gWDl395lvF0O3A7Uj6PTJ90prRwIy-5Hnp41pR9NCMTPjkCN08rpshIlY4NcctJE-RSCta34LZPJXzGtf60go7a6d4JMLX1qWCBrytKIzhd4IqJ0fNN-fxZeUsaz_cEGNaM66jOSFPyn61HR_hHryCi0eK9WL3W5W5EAfebVDeBfnXn8qsAv2P7gw8lm22koasKBZI5mXWrp1557VXNXIk-98ERPCV8z3ygrd6IgNinirbkJrA2bPQC3nlt_PtRXpYiY9sVnnIMtGCi_SKIpea6nCYDOFjIpS7hn1mXhGnRWd4hhQVaMbyI_xthGUN6hLzg3BFMIUUF5s7aTpv3RtHEsFY1Apl4Vxs9Ua4qdYC23H_UJSYxe43WQ17zF7cc5bwzi_MPBFSB7Dj4GzXNzphcbr6qoEmG94kYH-VLLS2NItDlwmdI-xvwFvMxzcfbjfPQLGZuSg&cid=CAQSTwAvHhf_1R37mnPN0njtHP9Q9GePUmH3ckm-6OOdLY5xHUoRGfQ3PshE-Nf-xUUmc5JzxH0ZEagoLu252gSKiu2_7i2gW9r_Y-snSaMCHtEYAQ&dv3_ver=m202401290101&rfl=http%3A%2F%2Fwww.victoireturf.ht.cx&ds=l&xdt=1&iif=1&cor=10014554480432314000&adk=4069717677&idt=50&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf3bfb57d76447862f2de7bbf6d1efde991b9df6a43a1e2b6ac698190d2ef6b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.victoireturf.ht.cx%2F&wgl=1&dt=1707788284550&bpp=2&bdt=338&idt=209&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&correlator=8097472923101&frm=23&ife=1&pv=2&ga_vid=1992698968.1707788285&ga_sid=1707788285&ga_hid=1878795983&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=628767178&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C42531705%2C95324581%2C95320870%2C95324155%2C95324160%2C95324266&oid=2&pvsid=3396814919795606&tmod=2106271464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.arz5rae2q91f&fsb=1&dtd=217
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20098
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/ Frame 0B7F 30 KB
11 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240208/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5TQtlY_jcyvz2aO4-8hBdst5iF3t0Lo47oT0EsvS6E-dU4mvN4373IAai0bbakZp_GsiSotzahUjuwQ1LRriY77Q_gMXvwc7UY2QzzjkqKaoH6CkDcg280ttK6YYAcSAszxfcNDzBmnEikoVv326BXQEhVbkFndLs7SiMn0BAUVNEt64&cry=1&dbm_d=AKAmf-AtSDfhWu3EvEbn4P1vyyJ6mwDopbilkcD3Hk7p-_pkDgnF1nx8bZ-17OzqZqN2T-p3tImwAR9skxykt3NguTRGdwqF2O3gs9SV9QedQqaInv6rC8GGGL4U8FDdTRjxjudmvX55mIhxoWcRMRJtlnqvjt0rCNwcpHZ7BwIN1kLL6LhT9yiHSEp0EAHcCwUzPtXUEl0Q5NSzWs8uy-cIjFYjS0HJb33kk7Cp8TTJhnd_hJrF27O-LJVwsSuWIR5YUqDDeKpjaAqHsRxgssPq7TlghLQA80IJ7EgNRSlRXBKtRSYqr64jMUtq-rZ7Ke82um_xjt_w42iob2aZF5vHsyxs8IJZvC55FBEfl0NbzZ-auDBi7HPMIwVUCBtgdEYMHcdpSugYE5V65RmxmBfnsb3Jp7HzA12-bCINIer86gZ_XBO1iLWggN1iaiRO5KJkcZwuXmy9NFrCAjR9XUQmBomK1-dtRRlvLXV2AIyWRuluZWW2lv8I6VCXybW0TcehY_URGNFTNVGbBJGFhZOTgtSe2W3APLG3MpyATtYyvr3vG3bYiHFbHyK3iotjb-uafOaFbJXx_ZQr5mbREr-GGVlSIwfy4gTZXbLu1w4A4noDy4ogkTZ7hsiZEkl4EtLEH4QylIFN69XnlaeaoXkvOFsI3bl7X6Ya-4qOhAHAv0DsOCqwX9_siaTBtnRW80yOOBNb-uy9amqUvRWGBovPZ0heOZr6kt-K3GfkVaAXaEWbvdLgqiF3fmMJhw_jXy3KD8QF58GxoQElCwFi89SQdctnzb8vJlQlI9w-H4zh5yhcScwCB9ffE6uAw2rcFaT5BDQy8YdIkteuuSio661dntm_3Rco6remJMImdHYQpZ7dVSDkv_6KICyiLMrFP8y61H9Y_6pr5BRvUxgfXOSg2e-sBEGB1WC-pm9TTXNhIzMvzzldLtvXep13lJkQF8-qUly5pB0scXID0vfDEKCpDTerGOJdEQqZ3Rk9m-og4X4Uf1NMqnMenjDq6Pwl2f2Exu_1JcVIX94wqIGx1OCUkr87IUbGOb6COE5obvEoe5p8Z5Cduh_tjii-36WJwK1lxrFCdnroLHynbver0cCAggxL9a3JYYTpuUB_QWXOZIiAEhzj1E9bWxGl_u3ZP-jKDEDPNzqyajyAnTzOtBSjfhz4kNcJyJovkDDRjYIjZr1-2njUfWii_QBtm37xwR8clX4CQQAng0G8Qkpf549A3nj8R89xI-tIav_NxTgUiAJM8t4y_YVObDQaOAd2TeZkCYwwdE2bgIThQQyan8v89FvM8G81IQJbPZY3UmYfLyS5wvuQyHLMBaaHFZVKylPLYn2skNZCGShT6bW_WsHHCjlF_reA0BhMdMzUnbzUHpUri5uyNyahuzsNyWyhzhLZSbjQgC5ruy5h_jLSL9MBftczwgXO919jYnmfBbualVLRLLuVXxqUr_8gr2WO18Wfgp402KyCylaovfWd1m2q1Uv4nYWqv-FHBQoLNybnkOtZsUaBVoitvN1izVVkdYXouJCzsjiCRkg3SMNYhTwupqMIufcGAgoxm_Z60ofDt9w4I7PtdCa75f4XKqxxEZu3FWS4Xe3QAlMze4EXTLr6HhCsYOh81YLQwOGxiAVAXi0dcaS9pASZKPjbqaLgePx5-6KE_ay-u6zWkYNl2NLItqzC3obHDl5Eh34cXQHNMVKWZYAUF8gpwsqMNw3SqxbotZ-GlfuybNneX3g310c2KSSgsOD9fTN1uBX2l_y95jw87SAgQ3SofJCB9CQlV-qLma1eSmryU1fte3ZTm57gNLjCRg3HaWy9tHWGJ4mo2YnxIr0cb14HymHzoRAlXzdBMm80gtmgcCnt7JV15XF0BipqxMjzD3QzHWS1Tn9K_WRgTKaNS7rdXB_lF5-ssPL7F-yjTg6J_nGtcjdTVsIwfwyO4WHLpAjBUHFl8GGJc4iwsddM0bdDVMfVuQQ08vUjjZNFdJLZsgNyA_339jshw6cGxrwjH_jbKplgrhy0Rm1oWZ5qJJO5GkwjrkZxqhx3puSaPNFfj59WtLdwZ2xakjAcioXahr-_gWLW41WtQO5SV8UsQCUQbcPbymwuI7aCBFEMzy6rXxJfciRmYxBe_BhohH5BNeY4wmlS2Gf8MB6f8zxcWZQTWFhgUhl0saPx373pUWHcb_ymvTiHD2zZfmEUIGkTo9NNzewOiUrccEUH4cJPH_l2P6isv_O1CigsOxOFjQTvWjn2Z1n8-E1ijm6Zu23COIZCMb9wE8VPbfa4h2RyW4yjLhmYM--K_-ZMD3gh3LMj6LlYh_fz6T1c_4CrRd1ail3xUq8fM2BExvDFv7m7l74uNLQNFAvvln_Rf4HnmSIdX31d1jHP1PH9PHxJ3SnQeFlQICvZpUA-GxwUSNO_yTQJkvLLA_dw4ucS3uNRIJXz05qRCfdfehUXr9uftU_lW2IdQK8_VPYLxaB4WcVAC6cgXLDiSUo7Nf-xz7DbNGBvJcDOUJ1pX77NNqubiFElABCD3xywsWKeq_GG4L27toTtcOwzV07kUDDwuDQt4MdFRtFad75jYeNNfsnDUUunWtazgCNeDG1eBODrNG97R9WIO58i0hl1WW7_kBdCoItE4aT8xqNLF6roJNRpANNF5kV3f2DXXb8hIuQTo-MJZ2IWnkfqccGTrL-T9ZzhsvjZ-s_RxwV4HLPpOUdzHx9mP-TB6aRZvZ8PczY6mJevVZ-BcFI1HYgRQheSMBySE-bi_Hmh9Yckf9PkqWo6yhRKotlo6G1LKjj1M2EWXTumqKwqJ3u1c2Gv9h1hw30ctjcvvhYgQPit0-X3pVQWfoqfFVxrtu5bjwM8KpRdE00PopdMcGyMZSdS41fht607UWe6iuiNwHMob2qBD5h9GKpQ_hdP080sDIKt5VjTvw7aYBniWJ5wJeqgj_hPpPhVpXwznA6GfqNiHWhLQpIGTpGLn3rCxyZKnJmYzxNqBhqjOLs33ptfoqmuIzTHtzlxYhlmkrE3qJVY3r5pFtvUnIWhKxKxaViP3gOgU6QJQUI7qPCUbTqohVhe4nbrBI8_f7dKeDV0LNZK1IQ3Pl0e4YJ0QCv43Xm5vOHhK6IOgxpUL4PYgmep7FbviXKI-CQVZxID9f79glYSA7TT0gWDl395lvF0O3A7Uj6PTJ90prRwIy-5Hnp41pR9NCMTPjkCN08rpshIlY4NcctJE-RSCta34LZPJXzGtf60go7a6d4JMLX1qWCBrytKIzhd4IqJ0fNN-fxZeUsaz_cEGNaM66jOSFPyn61HR_hHryCi0eK9WL3W5W5EAfebVDeBfnXn8qsAv2P7gw8lm22koasKBZI5mXWrp1557VXNXIk-98ERPCV8z3ygrd6IgNinirbkJrA2bPQC3nlt_PtRXpYiY9sVnnIMtGCi_SKIpea6nCYDOFjIpS7hn1mXhGnRWd4hhQVaMbyI_xthGUN6hLzg3BFMIUUF5s7aTpv3RtHEsFY1Apl4Vxs9Ua4qdYC23H_UJSYxe43WQ17zF7cc5bwzi_MPBFSB7Dj4GzXNzphcbr6qoEmG94kYH-VLLS2NItDlwmdI-xvwFvMxzcfbjfPQLGZuSg&cid=CAQSTwAvHhf_1R37mnPN0njtHP9Q9GePUmH3ckm-6OOdLY5xHUoRGfQ3PshE-Nf-xUUmc5JzxH0ZEagoLu252gSKiu2_7i2gW9r_Y-snSaMCHtEYAQ&dv3_ver=m202401290101&rfl=http%3A%2F%2Fwww.victoireturf.ht.cx&ds=l&xdt=1&iif=1&cor=10014554480432314000&adk=4069717677&idt=50&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 21:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11551
x-xss-protection: 0
server: cafe
etag: 12710720872123804752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 21:56:02 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0B7F 41 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 280874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 19:36:51 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzc4ODI4NTI1MTEzMAogIHNlcnZlcl9pcDogMTM1Mzg3OTg4CiAgcHJvY2Vzc19pZDogMTY0NDU0MTY3Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTk2MzQ2...
ad.doubleclick.net/ddm/activity/ Frame 0B7F 0
861 B 137ms
60ms Image
image/png 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzc4ODI4NTI1MTEzMAogIHNlcnZlcl9pcDogMTM1Mzg3OTg4CiAgcHJvY2Vzc19pZDogMTY0NDU0MTY3Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTk2MzQ2OAphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vYWRmb3JtLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAzNTIyMzQwMDQ3NjUyMjEzMDc5CmRlYnVnX2tleTogMzk3Nzk2ODI4MTk0MDYwNjI5NAppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDItMTMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTk2MzQ2OAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM4NTUwMTg5MAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogOTA1MTM0NDg1CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE3NzE1MjEwMzgyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTQzMDM4MzE5CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2FkZm9ybS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjIuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:05 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x1779611b360340e10000000000000000","13":"0xc308784978ad8bf90000000000000000","14":"0xd02a5bcb7a14623a0000000000000000","15":"0x5880b0bd84549a910000000000000000"},"debug_key":"3977968281940606294","debug_reporting":true,"destination":"https://adform.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11963468"]},"priority":"0","source_event_id":"3522340047652213079"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B69F 38 KB
13 KB 26ms
25ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 263235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 00:30:50 GMT
expires: Sun, 09 Feb 2025 00:30:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Show response
pagead2.googlesyndication.com/bg/ Frame B69F 51 KB
19 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 22:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19835
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Feb 2025 22:13:07 GMT

GET
H2

200

/ Show response
track.adform.net/adfscript/ Frame 0B7F
Redirect Chain

https://fw.adsafeprotected.com/rfw/track.adform.net/1914784/77641194/adfscript/?bn=70610326;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CdZNM_MfKZYrrMI-rnsEPspCbiAu_lYLUddCM9LTBEvAuEA...
https://track.adform.net/adfscript/?bn=70610326;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CdZNM_MfKZYrrMI-rnsEPspCbiAu_lYLUddCM9LTBEvAuEAEgorr-AmD74YWDnAqgAfyTgMooyAEJqQLSwtrldg-yPq...

3 KB
3 KB

144ms
36ms

Script
text/javascript

37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=70610326;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CdZNM_MfKZYrrMI-rnsEPspCbiAu_lYLUddCM9LTBEvAuEAEgorr-AmD74YWDnAqgAfyTgMooyAEJqQLSwtrldg-yPqgDAcgDmwSqBO0BT9DohN-yzg8682ki6_96nSgk2zQ3VKsM7xZet1O_GqPkdhqFX37zuPVGHKsKxsou-asOWaA4GOcY_H4_2FTESf55XfPM94PUVJ_hyzO98bFNyvmWwqzRXMpqSJVM3-ANsf7V83W68ORQnky16c80vn-wu7D0kL5qEXgRIQ1-P1TCvZMuqufGPGi7Y93PDExOy7Fmaq_mX089ULM0t0XlKA4g6aa6Fy03qlMIcd_iPejITqufqTUv7SQtEgXrz5DosqurUBRWFBnknJAI2zb8vmQcMZAbhE-pjG8U34FNo2MEDLXK6zw8L6YI8flqwATI5L_WmQTgBAOIBY7Rov9BkAYBoAZNgAf8y9CpA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAhAhIvf3BOljmosSQl6eEA4AKAZgLAcgLAYAMAaoNAkZSsBO9lNIW2BMD2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSTwAvHhf_1R37mnPN0njtHP9Q9GePUmH3ckm-6OOdLY5xHUoRGfQ3PshE-Nf-xUUmc5JzxH0ZEagoLu252gSKiu2_7i2gW9r_Y-snSaMCHtEYAQ&sig=AOD64_3PTapqDhTSGZTmao5CYzFpXifRgQ&client=ca-pub-5203714787387788&dbm_c=AKAmf-DyaAdvdw9uJx6u79c5cgiJxDVmQs93qP-Dir-RTZn_bZhmprxH3vezW-k-YPwlJoJBPpMXnQ0enviKQbuWcfKlfEwobU2OVvHFLRPLtPQmHvrMsDY9vz2-1Zwjgt4l66qmYJ1GwYiTHuVY-6b9LIJ9igX4LLtzQ1hJf2ZFNDmstGXAA4M&cry=1&dbm_d=AKAmf-DpgNoR5GTqxND3IsdXcsZqBaLNpv8KwCXId6k0sONLcH3ew46M1UDXM0gJ31M79wkT3sh96ulaTNnfGQ5v7MFeeJV7L-dM1T9A2R8scvWbRsXqlv1diUakR8p85tz_Do6Cxz01LBLDtHqltWA6cgVYD866AMJ0xw7njtLQJHpz-VouJ0kojg52jcK_RA4R7iwfXCqY60q5kJS5d1NloBZHm81ACa3pDeIPPAUWe4PQ3hdYmG2VkGsFueA7eQl-Pw_fq1LjzDoZ_5tke50pxlGEGc70W81Wh0XDmU_7HYIDmMHTWvbbMWzcd_xRUJI8DLQ-8-MvH8fuGIEJLe1dpQNKwM_HlADOzqEV-YQwebgAe2dhS80JmhSsE6THW9NDfqsERuSSl3cj9wAxbRB38R49CFw_ppZC_N4fZ4J1UZFaY9cafXp7_59NsKrh-IHbBnUnfwZliNZE2sgjMgLwqqtI3VjagUn1SoUPuFVWoHf6WmQSmJMvqyBN9-jG8gTFO65mL4XOUn6004xhOyOXcEYJh8QLDM25j9s0ekYdscYDWCfxK4ZFEeacY6XCQlRJdt11mS__&adurl=

Requested by

Protocol

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

89391a110a6d09418ed926d589d796f867c3bdcaf125a91659b7c8fd76f00018

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.victoireturf.ht.cx%2F&wgl=1&dt=1707788284550&bpp=2&bdt=338&idt=209&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&correlator=8097472923101&frm=23&ife=1&pv=2&ga_vid=1992698968.1707788285&ga_sid=1707788285&ga_hid=1878795983&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=628767178&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C42531705%2C95324581%2C95320870%2C95324155%2C95324160%2C95324266&oid=2&pvsid=3396814919795606&tmod=2106271464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.arz5rae2q91f&fsb=1&dtd=217
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2558
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:05 GMT
server: nginx
x-server-name: app17.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://track.adform.net/adfscript/?bn=70610326;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CdZNM_MfKZYrrMI-rnsEPspCbiAu_lYLUddCM9LTBEvAuEAEgorr-AmD74YWDnAqgAfyTgMooyAEJqQLSwtrldg-yPqgDAcgDmwSqBO0BT9DohN-yzg8682ki6_96nSgk2zQ3VKsM7xZet1O_GqPkdhqFX37zuPVGHKsKxsou-asOWaA4GOcY_H4_2FTESf55XfPM94PUVJ_hyzO98bFNyvmWwqzRXMpqSJVM3-ANsf7V83W68ORQnky16c80vn-wu7D0kL5qEXgRIQ1-P1TCvZMuqufGPGi7Y93PDExOy7Fmaq_mX089ULM0t0XlKA4g6aa6Fy03qlMIcd_iPejITqufqTUv7SQtEgXrz5DosqurUBRWFBnknJAI2zb8vmQcMZAbhE-pjG8U34FNo2MEDLXK6zw8L6YI8flqwATI5L_WmQTgBAOIBY7Rov9BkAYBoAZNgAf8y9CpA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAhAhIvf3BOljmosSQl6eEA4AKAZgLAcgLAYAMAaoNAkZSsBO9lNIW2BMD2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSTwAvHhf_1R37mnPN0njtHP9Q9GePUmH3ckm-6OOdLY5xHUoRGfQ3PshE-Nf-xUUmc5JzxH0ZEagoLu252gSKiu2_7i2gW9r_Y-snSaMCHtEYAQ&sig=AOD64_3PTapqDhTSGZTmao5CYzFpXifRgQ&client=ca-pub-5203714787387788&dbm_c=AKAmf-DyaAdvdw9uJx6u79c5cgiJxDVmQs93qP-Dir-RTZn_bZhmprxH3vezW-k-YPwlJoJBPpMXnQ0enviKQbuWcfKlfEwobU2OVvHFLRPLtPQmHvrMsDY9vz2-1Zwjgt4l66qmYJ1GwYiTHuVY-6b9LIJ9igX4LLtzQ1hJf2ZFNDmstGXAA4M&cry=1&dbm_d=AKAmf-DpgNoR5GTqxND3IsdXcsZqBaLNpv8KwCXId6k0sONLcH3ew46M1UDXM0gJ31M79wkT3sh96ulaTNnfGQ5v7MFeeJV7L-dM1T9A2R8scvWbRsXqlv1diUakR8p85tz_Do6Cxz01LBLDtHqltWA6cgVYD866AMJ0xw7njtLQJHpz-VouJ0kojg52jcK_RA4R7iwfXCqY60q5kJS5d1NloBZHm81ACa3pDeIPPAUWe4PQ3hdYmG2VkGsFueA7eQl-Pw_fq1LjzDoZ_5tke50pxlGEGc70W81Wh0XDmU_7HYIDmMHTWvbbMWzcd_xRUJI8DLQ-8-MvH8fuGIEJLe1dpQNKwM_HlADOzqEV-YQwebgAe2dhS80JmhSsE6THW9NDfqsERuSSl3cj9wAxbRB38R49CFw_ppZC_N4fZ4J1UZFaY9cafXp7_59NsKrh-IHbBnUnfwZliNZE2sgjMgLwqqtI3VjagUn1SoUPuFVWoHf6WmQSmJMvqyBN9-jG8gTFO65mL4XOUn6004xhOyOXcEYJh8QLDM25j9s0ekYdscYDWCfxK4ZFEeacY6XCQlRJdt11mS__&adurl=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame C253 91 KB
23 KB 81ms
21ms Script
application/javascript 2600:9000:2046:8200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.victoireturf.ht.cx%2F&wgl=1&dt=1707788284550&bpp=2&bdt=338&idt=209&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&correlator=8097472923101&frm=23&ife=1&pv=2&ga_vid=1992698968.1707788285&ga_sid=1707788285&ga_hid=1878795983&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=628767178&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C42531705%2C95324581%2C95320870%2C95324155%2C95324160%2C95324266&oid=2&pvsid=3396814919795606&tmod=2106271464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.arz5rae2q91f&fsb=1&dtd=217
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2046:8200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 27 May 2023 03:39:49 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 006e53d1925d4d044125ff497c18b3b4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
age: 22629497
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: MTml2y_tkTz70JipV4vBgy0B_R9XIZ_Df-dg6w9VzvMVEj3ZpT97Fg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0B7F 43 B
215 B 505ms
168ms Image
image/gif 2600:1f13:800:7780:6827:f78a:7ed8:a42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1914784&asId=e6f293a7-86ea-1d01-a64c-9cc6c9d7ffe9&tv=%7Bc:444oPp,pingTime:0,time:30,type:c,env:%7Bnr_rHRbA1:0%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:30,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B25~0%5D,as:%5B25~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u47TBv7+111%7C112%7C1131*.1914784-77641194%7C11311%7C11312%7C12%7C13,idMap:1131*,rmeas:1,rend:0,renddet:svg.us,siq:13,metricId:rHRbA1,cmr:t%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.victoireturf.ht.cx%2F&wgl=1&dt=1707788284550&bpp=2&bdt=338&idt=209&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&correlator=8097472923101&frm=23&ife=1&pv=2&ga_vid=1992698968.1707788285&ga_sid=1707788285&ga_hid=1878795983&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=628767178&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C42531705%2C95324581%2C95320870%2C95324155%2C95324160%2C95324266&oid=2&pvsid=3396814919795606&tmod=2106271464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.arz5rae2q91f&fsb=1&dtd=217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6827:f78a:7ed8:a42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:05 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0B7F 43 B
216 B 503ms
167ms Image
image/gif 2600:1f13:800:7780:6827:f78a:7ed8:a42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1914784&asId=e6f293a7-86ea-1d01-a64c-9cc6c9d7ffe9&tv=%7Bc:444oPp,pingTime:-3,time:30,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:30,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B25~0%5D,as:%5B25~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u47TBv7+111%7C112%7C1131*.1914784-77641194%7C11311%7C11312%7C12%7C13,idMap:1131*,rmeas:1,rend:0,renddet:svg.us,siq:13%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.victoireturf.ht.cx%2F&wgl=1&dt=1707788284550&bpp=2&bdt=338&idt=209&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&correlator=8097472923101&frm=23&ife=1&pv=2&ga_vid=1992698968.1707788285&ga_sid=1707788285&ga_hid=1878795983&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=628767178&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C42531705%2C95324581%2C95320870%2C95324155%2C95324160%2C95324266&oid=2&pvsid=3396814919795606&tmod=2106271464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.arz5rae2q91f&fsb=1&dtd=217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6827:f78a:7ed8:a42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:05 GMT
server: nginx
x-server-name: dt23.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0B7F 43 B
215 B 503ms
169ms Image
image/gif 2600:1f13:800:7780:6827:f78a:7ed8:a42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1914784&asId=e6f293a7-86ea-1d01-a64c-9cc6c9d7ffe9&tv=%7Bc:444oPq,pingTime:-6,time:31,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:31,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B26~0%5D,as:%5B26~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u47TBv7+111%7C112%7C1131*.1914784-77641194%7C11311%7C11312%7C12%7C13,idMap:1131*,rmeas:1,rend:0,renddet:svg.us,siq:13%7D&tpiLookup=ao:www.victoireturf.ht.cx%2Cwww.victoireturf.ht.cx%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.victoireturf.ht.cx%2F&wgl=1&dt=1707788284550&bpp=2&bdt=338&idt=209&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&correlator=8097472923101&frm=23&ife=1&pv=2&ga_vid=1992698968.1707788285&ga_sid=1707788285&ga_hid=1878795983&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=628767178&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C42531705%2C95324581%2C95320870%2C95324155%2C95324160%2C95324266&oid=2&pvsid=3396814919795606&tmod=2106271464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.arz5rae2q91f&fsb=1&dtd=217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6827:f78a:7ed8:a42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:05 GMT
server: nginx
x-server-name: dt24.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0B7F 43 B
215 B 504ms
172ms Image
image/gif 2600:1f13:800:7780:6827:f78a:7ed8:a42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1914784&asId=e6f293a7-86ea-1d01-a64c-9cc6c9d7ffe9&tv=%7Bc:444oPt,pingTime:-2,time:34,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:250,beZ:251,mfA:253,cmA:254,inA:254,inZ:257,prA:257,prZ:259,si:263,poA:264,poZ:277,cmZ:277,mfZ:277,loA:282,loZ:283,ltA:285,ltZ:285%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:34,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B29~0%5D,as:%5B29~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u47TBv7+111%7C112%7C1131*.1914784-77641194%7C11311%7C11312%7C12%7C13,idMap:1131*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,siq:13,sinceFw:21,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.victoireturf.ht.cx%2F&wgl=1&dt=1707788284550&bpp=2&bdt=338&idt=209&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&correlator=8097472923101&frm=23&ife=1&pv=2&ga_vid=1992698968.1707788285&ga_sid=1707788285&ga_hid=1878795983&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=628767178&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C42531705%2C95324581%2C95320870%2C95324155%2C95324160%2C95324266&oid=2&pvsid=3396814919795606&tmod=2106271464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.arz5rae2q91f&fsb=1&dtd=217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6827:f78a:7ed8:a42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:05 GMT
server: nginx
x-server-name: dt22.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B69F 0
20 B 60ms
59ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BowDg_cfKZfqpD9S2x_AP7e2WkAYAAAAAOAHgBAI&bg=!FBelF1jNAAY9UbWqHVE7ADQBe5WfOMv2CK47WN5soB3joApgDYgpVMeK6yNvXq_98ToJOvJESupiX1UdWBekExid-YqWAgAAADpSAAAAAmgBB5kDPsR_6x4FeRMY9KryMzvWVQ8bcyn88QHFD4GCGF7JAQ63hrkZgpmDdOiAZn14uU7JjkAkpWlWjiZgrjNaHq5-crpP2KIM5E-2TrvmDpRxfELhi_Tzw73IZ5NLVuMKSepitYocbKhP8fay-uu0tjACZlG-9FRyc42DElLe6JZ4gN4T8e0m4V90T6O8t3h2IgjFeGw6JZgbwUBojPYERkVdnuSyFkXJzh83x6VPTZ12-ExaAwG2sg8wv0TSdHQ2ZRXQ7XjmI1XgAthMVJLZYCDKtCRaGn1zSO9iRY5tQVQSg55xUKyjq-rHXGdubbwVmxkQcRSDMAVsgvewkSK1eSM8vd_OTTahNlsSthUICM9685tVT8d4BnrCCuzQJN0LPNaRxn0G7n9zHCgscjXBjbhQUBIpO1t1-gJpGOzPPKLntvULo9c8oe3sWTvAIh04_60pVtGjMEUs_GCWOdDacLHeu14xI89fyXoK0HDzbiKeGVKaOEcUw507aHnQIvsg2PMpeqBk3pmdZJfgpaGYlbh7k-U1OfTiFtLPM8h-R3jziKRw4R9tW1PKGpJYcm1tIdkkng_wyaJKBmid7aqKcL1kdDX39voMzTs9QNzf6mLm5noD13U0CAQBI0DjsX2DyGu5XmSj8Ggl2oyErXeBZ67YE7ja5NGc93Jx8HhdgzZ8kQbv5oo80VFF0mm4SkkNNZm6ygtYEK3kfH9JpU9vTbwSLtZJyb5Gu4rb-MJOsJBzoE0ifQ46-LLfdECB3-cePhOTl6dUyRfjs8Qd2FnrKAt49DnTliGRlgnchlmZFEefpy7KssRde8il2D3AvASrwJ9of0d2BzFpPIJE3eRbYvByP0SEcmJHG3dKrqIb245AwhY_dm6sPRav3znekBKUE871QchQSWPdd0XOgl7wuwiAqvEWbzB_vUqpJ9jIbqhJEuo44oQ-RgMSFJ0aVauZa5nnmsfV3W1sVefW4xliaxtcbIBWQ25S5S4gon12Hum93LoJ-zvbZMEfnBB-P1v3Bd0chalECY3KwbNV4nkRuRV_CjWFgsyBBW_WLk73nlzr1BOhth7_RXDShcUYJ0sMicIdqfGEL9XHLISJf5N81qS_

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/631/s1.adform.net/ Frame 0B7F 37 KB
17 KB 193ms
33ms Script
text/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/track.adform.net/1914784/77641194/adfscript/?bn=70610326;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CdZNM_MfKZYrrMI-rnsEPspCbiAu_lYLUddCM9LTBEvAuEAEgorr-AmD74YWDnAqgAfyTgMooyAEJqQLSwtrldg-yPqgDAcgDmwSqBO0BT9DohN-yzg8682ki6_96nSgk2zQ3VKsM7xZet1O_GqPkdhqFX37zuPVGHKsKxsou-asOWaA4GOcY_H4_2FTESf55XfPM94PUVJ_hyzO98bFNyvmWwqzRXMpqSJVM3-ANsf7V83W68ORQnky16c80vn-wu7D0kL5qEXgRIQ1-P1TCvZMuqufGPGi7Y93PDExOy7Fmaq_mX089ULM0t0XlKA4g6aa6Fy03qlMIcd_iPejITqufqTUv7SQtEgXrz5DosqurUBRWFBnknJAI2zb8vmQcMZAbhE-pjG8U34FNo2MEDLXK6zw8L6YI8flqwATI5L_WmQTgBAOIBY7Rov9BkAYBoAZNgAf8y9CpA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAhAhIvf3BOljmosSQl6eEA4AKAZgLAcgLAYAMAaoNAkZSsBO9lNIW2BMD2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSTwAvHhf_1R37mnPN0njtHP9Q9GePUmH3ckm-6OOdLY5xHUoRGfQ3PshE-Nf-xUUmc5JzxH0ZEagoLu252gSKiu2_7i2gW9r_Y-snSaMCHtEYAQ&sig=AOD64_3PTapqDhTSGZTmao5CYzFpXifRgQ&client=ca-pub-5203714787387788&dbm_c=AKAmf-DyaAdvdw9uJx6u79c5cgiJxDVmQs93qP-Dir-RTZn_bZhmprxH3vezW-k-YPwlJoJBPpMXnQ0enviKQbuWcfKlfEwobU2OVvHFLRPLtPQmHvrMsDY9vz2-1Zwjgt4l66qmYJ1GwYiTHuVY-6b9LIJ9igX4LLtzQ1hJf2ZFNDmstGXAA4M&cry=1&dbm_d=AKAmf-DpgNoR5GTqxND3IsdXcsZqBaLNpv8KwCXId6k0sONLcH3ew46M1UDXM0gJ31M79wkT3sh96ulaTNnfGQ5v7MFeeJV7L-dM1T9A2R8scvWbRsXqlv1diUakR8p85tz_Do6Cxz01LBLDtHqltWA6cgVYD866AMJ0xw7njtLQJHpz-VouJ0kojg52jcK_RA4R7iwfXCqY60q5kJS5d1NloBZHm81ACa3pDeIPPAUWe4PQ3hdYmG2VkGsFueA7eQl-Pw_fq1LjzDoZ_5tke50pxlGEGc70W81Wh0XDmU_7HYIDmMHTWvbbMWzcd_xRUJI8DLQ-8-MvH8fuGIEJLe1dpQNKwM_HlADOzqEV-YQwebgAe2dhS80JmhSsE6THW9NDfqsERuSSl3cj9wAxbRB38R49CFw_ppZC_N4fZ4J1UZFaY9cafXp7_59NsKrh-IHbBnUnfwZliNZE2sgjMgLwqqtI3VjagUn1SoUPuFVWoHf6WmQSmJMvqyBN9-jG8gTFO65mL4XOUn6004xhOyOXcEYJh8QLDM25j9s0ekYdscYDWCfxK4ZFEeacY6XCQlRJdt11mS__&adurl=&adsafe_url=http%3A%2F%2Fwww.victoireturf.ht.cx&adsafe_type=g&adsafe_url=http%3A%2F%2Fwww.victoireturf.ht.cx%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5203714787387788%26output%3Dhtml%26h%3D90%26slotname%3D4563536207%26adk%3D2647235303%26adf%3D3604715433%26pi%3Dt.ma~as.4563536207%26w%3D970%26format%3D970x90%26url%3Dhttp%253A%252F%252Fwww.victoireturf.ht.cx%252F%26wgl%3D1%26dt%3D1707788284550%26bpp%3D2%26bdt%3D338%26idt%3D209%26shv%3Dr20240208%26mjsv%3Dm202402010101%26ptt%3D9%26saldr%3Daa%26correlator%3D8097472923101%26frm%3D23%26ife%3D1%26pv%3D2%26ga_vid%3D1992698968.1707788285%26ga_sid%3D1707788285%26ga_hid%3D1878795983%26ga_fc%3D0%26nhd%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D20%26ady%3D0%26biw%3D1600%26bih%3D1200%26isw%3D1600%26ish%3D90%26ifk%3D628767178%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44808397%252C42531705%252C95324581%252C95320870%252C95324155%252C95324160%252C95324266%26oid%3D2%26pvsid%3D3396814919795606%26tmod%3D2106271464%26uas%3D0%26nvt%3D1%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C90%26vis%3D1%26rsz%3Do%257Co%257CaeE%257C%26abl%3DNA%26pfx%3D0%26fu%3D4%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3D1.arz5rae2q91f%26fsb%3D1%26dtd%3D217&adsafe_type=bed&adsafe_jsinfo=,id:e6f293a7-86ea-1d01-a64c-9cc6c9d7ffe9,c:444oP7,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-574dd564c-87z8j,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:qktrf1.rHRbA1.kfMms1,mtim:2,mot:0,app:0,maw:0,tdt:s,fm:u47TBv7+111%7C112%7C1131*.1914784-77641194%7C11311%7C11312%7C12%7C13,idMap:1131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:13,oid:8876ab8a-ca10-11ee-bc70-e6a5cd574989,v:19.8.483,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3e172351681175a64b1e409719b4e5275cce06c8620547ce26fe08f6a669198e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:05 GMT
content-encoding: gzip
last-modified: Tue, 19 Dec 2023 10:28:27 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 01 Feb 2024 14:25:05 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0B7F 43 B
215 B 309ms
308ms Image
image/gif 2600:1f13:800:7780:6827:f78a:7ed8:a42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1914784&asId=e6f293a7-86ea-1d01-a64c-9cc6c9d7ffe9&tv=%7Bc:444oV7,pingTime:-10,time:384,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjEuMC42MTY3LjE2MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1707788285781%7C%7Cc9b55a25632288c229e628add84969f7%7C%7Ccb83d64b66ce79c8180112a4f5eea90d%7C%7Cab17e1c99d67efd877166b64d49e021c%7C%7Ccd750a62b5fa247e53426607aed86bb8%7C%7C6c6c31f024352dedc3065bbe71adc37c%7C%7Cd4f98dbabcbe05f3a7afc461acae6663%7C%7Cbcf812b62489c475484df2d8f749ecd4%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.victoireturf.ht.cx%2F&wgl=1&dt=1707788284550&bpp=2&bdt=338&idt=209&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&correlator=8097472923101&frm=23&ife=1&pv=2&ga_vid=1992698968.1707788285&ga_sid=1707788285&ga_hid=1878795983&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=628767178&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C42531705%2C95324581%2C95320870%2C95324155%2C95324160%2C95324266&oid=2&pvsid=3396814919795606&tmod=2106271464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.arz5rae2q91f&fsb=1&dtd=217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6827:f78a:7ed8:a42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:05 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 0B7F 9 KB
4 KB 37ms
37ms Script
text/javascript 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=70610326;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CdZNM_MfKZYrrMI-rnsEPspCbiAu_lYLUddCM9LTBEvAuEAEgorr-AmD74YWDnAqgAfyTgMooyAEJqQLSwtrldg-yPqgDAcgDmwSqBO0BT9DohN-yzg8682ki6_96nSgk2zQ3VKsM7xZet1O_GqPkdhqFX37zuPVGHKsKxsou-asOWaA4GOcY_H4_2FTESf55XfPM94PUVJ_hyzO98bFNyvmWwqzRXMpqSJVM3-ANsf7V83W68ORQnky16c80vn-wu7D0kL5qEXgRIQ1-P1TCvZMuqufGPGi7Y93PDExOy7Fmaq_mX089ULM0t0XlKA4g6aa6Fy03qlMIcd_iPejITqufqTUv7SQtEgXrz5DosqurUBRWFBnknJAI2zb8vmQcMZAbhE-pjG8U34FNo2MEDLXK6zw8L6YI8flqwATI5L_WmQTgBAOIBY7Rov9BkAYBoAZNgAf8y9CpA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAhAhIvf3BOljmosSQl6eEA4AKAZgLAcgLAYAMAaoNAkZSsBO9lNIW2BMD2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSTwAvHhf_1R37mnPN0njtHP9Q9GePUmH3ckm-6OOdLY5xHUoRGfQ3PshE-Nf-xUUmc5JzxH0ZEagoLu252gSKiu2_7i2gW9r_Y-snSaMCHtEYAQ&sig=AOD64_3PTapqDhTSGZTmao5CYzFpXifRgQ&client=ca-pub-5203714787387788&dbm_c=AKAmf-DyaAdvdw9uJx6u79c5cgiJxDVmQs93qP-Dir-RTZn_bZhmprxH3vezW-k-YPwlJoJBPpMXnQ0enviKQbuWcfKlfEwobU2OVvHFLRPLtPQmHvrMsDY9vz2-1Zwjgt4l66qmYJ1GwYiTHuVY-6b9LIJ9igX4LLtzQ1hJf2ZFNDmstGXAA4M&cry=1&dbm_d=AKAmf-DpgNoR5GTqxND3IsdXcsZqBaLNpv8KwCXId6k0sONLcH3ew46M1UDXM0gJ31M79wkT3sh96ulaTNnfGQ5v7MFeeJV7L-dM1T9A2R8scvWbRsXqlv1diUakR8p85tz_Do6Cxz01LBLDtHqltWA6cgVYD866AMJ0xw7njtLQJHpz-VouJ0kojg52jcK_RA4R7iwfXCqY60q5kJS5d1NloBZHm81ACa3pDeIPPAUWe4PQ3hdYmG2VkGsFueA7eQl-Pw_fq1LjzDoZ_5tke50pxlGEGc70W81Wh0XDmU_7HYIDmMHTWvbbMWzcd_xRUJI8DLQ-8-MvH8fuGIEJLe1dpQNKwM_HlADOzqEV-YQwebgAe2dhS80JmhSsE6THW9NDfqsERuSSl3cj9wAxbRB38R49CFw_ppZC_N4fZ4J1UZFaY9cafXp7_59NsKrh-IHbBnUnfwZliNZE2sgjMgLwqqtI3VjagUn1SoUPuFVWoHf6WmQSmJMvqyBN9-jG8gTFO65mL4XOUn6004xhOyOXcEYJh8QLDM25j9s0ekYdscYDWCfxK4ZFEeacY6XCQlRJdt11mS__&adurl=;js=1;adfxid=1x;6850;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=http%3A%2F%2Fwww.victoireturf.ht.cx

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

187259aeb9d5b04cfed863a8d2859464b445e0d2c9ff9aada38e697390f8b5d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3960
expires: -1

GET
H/1.1

200
OK

dispatch.fcgi
edf.solution.weborama.fr/fcgi-bin/ Frame 0B7F
Redirect Chain

https://edf.solution.weborama.fr/fcgi-bin/dispatch.fcgi?a.A=im&a.si=4343&a.te=1442&a.he=1&a.wi=1&a.hr=p&gdpr=&gdpr_consent=&a.ycp=2871878630498478796&a.ra=84463
https://edf.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=197289&a.A=im&a.si=4343&a.te=1442&a.he=1&a.wi=1&a.hr=p&gdpr=&gdpr_consent=&a.ycp=2871878630498478796&a.ra=84463

67 B
817 B

28ms
28ms

Image
image/gif

91.216.195.7
WEBORAMA Weborama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edf.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=197289&a.A=im&a.si=4343&a.te=1442&a.he=1&a.wi=1&a.hr=p&gdpr=&gdpr_consent=&a.ycp=2871878630498478796&a.ra=84463
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.victoireturf.ht.cx%2F&wgl=1&dt=1707788284550&bpp=2&bdt=338&idt=209&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&correlator=8097472923101&frm=23&ife=1&pv=2&ga_vid=1992698968.1707788285&ga_sid=1707788285&ga_hid=1878795983&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=628767178&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C42531705%2C95324581%2C95320870%2C95324155%2C95324160%2C95324266&oid=2&pvsid=3396814919795606&tmod=2106271464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.arz5rae2q91f&fsb=1&dtd=217
Protocol: HTTP/1.1
Server: 91.216.195.7 , France, ASN12516 (WEBORAMA Weborama provides Internet Services, FR),
Reverse DNS: std-collect-lb-c03-02-vip.weborama.fr
Software: Apache /
Resource Hash: e1ef44bacf5da572d77131f447646f8c3da2fc7765e90c73a664c69121c71e87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:05 GMT
attribution-reporting-register-source: {"aggregation_keys":{"a":"0x8efe28925e1823f10000000000000000","a_c":"0x9097e4ba32dd966a0000000000000000"},"debug_reporting":true,"destination":"https://particulier.edf.fr","debug_key":"1707788285","source_event_id":"1707787285"}
server: Apache
last-modified: Tue, 13 Feb 2024 01:38:05 GMT
transfer-encoding: chunked
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:05 GMT
last-modified: Tue, 13 Feb 2024 01:38:05 GMT
server: Apache
transfer-encoding: chunked
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
location: https://edf.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=197289&a.A=im&a.si=4343&a.te=1442&a.he=1&a.wi=1&a.hr=p&gdpr=&gdpr_consent=&a.ycp=2871878630498478796&a.ra=84463
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0B7F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f82b23f5cdff192557b6209b0b0dfd051f680ce67d0c8be84911f90771f73e74

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Standard Show response
s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 0B7F 91 KB
39 KB 47ms
46ms Script
text/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ed8343699e054a0900f23319e31cba32ad43bf77136313508ea25d86073366bb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:05 GMT
content-encoding: gzip
last-modified: Tue, 19 Dec 2023 10:28:27 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 01 Feb 2024 14:25:09 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0B7F 43 B
215 B 167ms
167ms Image
image/gif 2600:1f13:800:7780:6827:f78a:7ed8:a42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1914784&asId=e6f293a7-86ea-1d01-a64c-9cc6c9d7ffe9&tv=%7Bc:444oXQ,time:553,type:e,im:%7Bpci:%7Btdr:514%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:553,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B548~0%5D,as:%5B548~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:505,fm:u47TBv7+111%7C112%7C1131*.1914784-77641194%7C11311%7C11312%7C12%7C13,idMap:1131*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:13,sis:216%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.victoireturf.ht.cx%2F&wgl=1&dt=1707788284550&bpp=2&bdt=338&idt=209&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&correlator=8097472923101&frm=23&ife=1&pv=2&ga_vid=1992698968.1707788285&ga_sid=1707788285&ga_hid=1878795983&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=628767178&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C42531705%2C95324581%2C95320870%2C95324155%2C95324160%2C95324266&oid=2&pvsid=3396814919795606&tmod=2106271464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.arz5rae2q91f&fsb=1&dtd=217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6827:f78a:7ed8:a42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:06 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 /
track.adform.net/csimpr/ Frame 0B7F 35 B
600 B 36ms
36ms Ping
image/gif 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=70610326&csi=Dpqzaz4dN6F6SQLVv5fCm9Weu12FqqLtcO6RsvwIFlLrygPkIxxfk8lD-ezCiqrc45KdGR9F2y4HB7AhiYnGSd6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 14143317.js Show response
s1.adform.net/Banners/Elements/Files/2009362/14143317/ Frame 3846 3 KB
2 KB 34ms
34ms Script
application/x-javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2009362/14143317/14143317.js?ADFassetID=14143317&bv=257
Requested by: Host: www.victoireturf.ht.cx
URL: http://www.victoireturf.ht.cx/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a9361f6301cf0057382fa5f7509b4e94555713bdd79d72d62e3402a7fa3ac701

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:06 GMT
content-encoding: gzip
last-modified: Tue, 02 Jan 2024 16:28:17 GMT
server: nginx
x-amz-request-id: tx0000047143ab165e31b50-0065caa38f-32974d05-default
etag: W/"9d46ecfe87ebbd1beafe4b5c96ec29f7"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 css
fonts.googleapis.com/ Frame 3846 2 KB
898 B 99ms
38ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Jaldi:400,700

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce1c7424d8cd1451da993be1adca87caf6047a1fd749719f3b242b864a922d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 01:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 00:03:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 01:38:06 GMT

GET
H2 200 style.css
s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/ Frame 3846 5 KB
1 KB 37ms
35ms Stylesheet
text/css 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/style.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 38387d110f7e91c271ffe13997e4cfe654c65fc2068bff109404582e37a94040

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:06 GMT
content-encoding: gzip
last-modified: Tue, 02 Jan 2024 16:28:17 GMT
server: nginx
x-amz-request-id: tx000009e05ddd02e363d67-0065caa38f-3296fce9-default
etag: W/"76bdc2bd6ab24b7b0ca3e08a623010cc"
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 3846 30 KB
14 KB 45ms
43ms Script
application/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=631
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:06 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2023 08:14:37 GMT
server: nginx
x-amz-request-id: tx0000058444525f31fd01e-0065ba2322-32959ea8-default
etag: W/"d66b8df08256b7e89279e9f83d1d7c5e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 404 logo.png
s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/ Frame 3846 18 B
18 B 47ms
46ms Image
text/html 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/logo.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:06 GMT
server: nginx
etag: "65b8e1ab-12"
content-length: 18
x-cache-status: HIT
content-type: text/html

GET
H2 404 logobig.png
s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/ Frame 3846 18 B
18 B 48ms
47ms Image
text/html 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/logobig.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:06 GMT
server: nginx
etag: "65b8e1ab-12"
content-length: 18
x-cache-status: HIT
content-type: text/html

GET
H2 404 picto.png
s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/ Frame 3846 18 B
18 B 50ms
48ms Image
text/html 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/picto.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:06 GMT
server: nginx
etag: "65b8e1ab-12"
content-length: 18
x-cache-status: HIT
content-type: text/html

GET
H2 404 pictobis.png
s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/ Frame 3846 18 B
18 B 50ms
49ms Image
text/html 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/pictobis.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:06 GMT
server: nginx
etag: "65b8e1ab-12"
content-length: 18
x-cache-status: HIT
content-type: text/html

GET
H2 404 picto2.png
s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/ Frame 3846 18 B
18 B 51ms
50ms Image
text/html 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/picto2.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:06 GMT
server: nginx
etag: "65b8e1ab-12"
content-length: 18
x-cache-status: HIT
content-type: text/html

GET
H2 404 back.jpg
s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/ Frame 3846 18 B
18 B 52ms
51ms Image
text/html 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/back.jpg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:06 GMT
server: nginx
etag: "65b8e1ab-12"
content-length: 18
x-cache-status: HIT
content-type: text/html

GET
H2 404 cta.png
s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/ Frame 3846 18 B
18 B 52ms
52ms Image
text/html 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/cta.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:06 GMT
server: nginx
etag: "65b8e1ab-12"
content-length: 18
x-cache-status: HIT
content-type: text/html

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.2/ Frame 3846 113 KB
35 KB 81ms
26ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.2/TweenMax.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6478658
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 34771
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c4b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2VyDAvMFZL2DGwWl9E1lHwK84nNBWAMLgajIl32a9b6I0WPIYpFFSnNXRtdZaw3wfwGX5pX%2FPZFYOQQI2hVcesAiNLVMNQi02dkHU5G0%2BIu4jMfTx2kwPtL6%2FOZu15GXA5toSddAkfM1RsRcKOGdVwS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 854959949bd13cbf-CDG
expires: Sun, 02 Feb 2025 01:38:06 GMT

GET
H2 200 main.js Show response
s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/ Frame 3846 2 KB
837 B 45ms
45ms Script
application/x-javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/main.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 82add2897741b4a2aaf5b57c1b488284a25f9b7e72b854fefd8ae069d7a4c9ac

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:06 GMT
content-encoding: gzip
last-modified: Tue, 02 Jan 2024 16:28:17 GMT
server: nginx
x-amz-request-id: tx00000adf6a0d57d9a7dd8-0065caa38f-3296fce9-default
etag: W/"0fa0613e82fdb022c2dca1c92ff124e1"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 or3hQ67z0_CI33voSYTwJrU.woff2
fonts.gstatic.com/s/jaldi/v12/ Frame 3846 22 KB
23 KB 94ms
33ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jaldi/v12/or3hQ67z0_CI33voSYTwJrU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jaldi:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

369f8ab83001212600a060e3eeb96d745a236dae4d6cb76d999bf4febec3b1ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:04:04 GMT
x-content-type-options: nosniff
age: 437642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22672
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 00:04:04 GMT

GET
H2 200 or3sQ67z0_CI33NTbJE.woff2
fonts.gstatic.com/s/jaldi/v12/ Frame 3846 21 KB
21 KB 120ms
60ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jaldi/v12/or3sQ67z0_CI33NTbJE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jaldi:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d64504311b45faa0689f772c00f48884df02da356add532e76d2ba0f4a42bd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:04:22 GMT
x-content-type-options: nosniff
age: 437624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21844
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:39:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 00:04:22 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9918 16 KB
12 KB 97ms
41ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240208&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eba576c1ed0abcefeb1316440940e7bc3717eb0b497329cdbab628e122ed854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.victoireturf.ht.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12500
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9918 17 KB
6 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.victoireturf.ht.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 01:38:06 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6E27 13 KB
5 KB 29ms
28ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.victoireturf.ht.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 1402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 01:14:44 GMT
expires: Wed, 12 Feb 2025 01:14:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 216C 829 B
1 KB 96ms
36ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ba251c096132e27fab80c2f27b11444d24a5f08e0ae65e72398c35bdf19fc185

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xm2q9xg_IC-qXLT9Lk-Mlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.victoireturf.ht.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Xm2q9xg_IC-qXLT9Lk-Mlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 01:38:06 GMT
expires: Tue, 13 Feb 2024 01:38:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E27 39 KB
15 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:14:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Feb 2025 01:14:45 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 216C 0
0 58ms
57ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240208&jk=3396814919795606&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6E27 0
10 B 26ms
25ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?g1wdJg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 01:38:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0B7F 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssah2er7r5kuwhHmJ_FJuKmRe-LmdMnxLKkA4iaLU3y15Fm57IC2EbyDXnbZ-8UKshnynwhQLox8tO94apIcUbpr2jI7WzYWbfkoRa9u4qULU3PGSp0Eu_uEkXQP_mlrKr3YVDqKsGGsHz5p8XFbwPsXxIhE23lWKwRSQ&sai=AMfl-YSpQXoPtXz4jcc8jhrG_7qIzAYeWqXIkXfscDN_2lZnZPYhCFg2Wgy6BxvqtOvKHxeDINM4duWqNXDlKwrq_BZd_jL7am3_oZRQrUMw4AkZugkZVmYGfQO85hEH2tmCaRyCpjlMCpQ8UygUZ1sFAw&sig=Cg0ArKJSzKNjkorXyqTaEAE&cid=CAQSTwAvHhf_1R37mnPN0njtHP9Q9GePUmH3ckm-6OOdLY5xHUoRGfQ3PshE-Nf-xUUmc5JzxH0ZEagoLu252gSKiu2_7i2gW9r_Y-snSaMCHtEYAQ&id=lidar2&mcvt=1000&p=0,0,94,728&mtos=116,1000,1000,1000,1000&tos=116,884,0,0,0&v=20240208&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2647235303&rs=2&la=0&cr=0&vs=4&r=v&co=372108500&rst=1707788285147&rpt=763&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0B7F 43 B
215 B 167ms
166ms Image
image/gif 2600:1f13:800:7780:6827:f78a:7ed8:a42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1914784&asId=e6f293a7-86ea-1d01-a64c-9cc6c9d7ffe9&tv=%7Bc:444pf1,pingTime:1,time:1618,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:618%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1000,o:618,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B613~0%5D,as:%5B613~728.90%5D%7D%7D,%7Bsl:i,t:618,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:169,fm:u47TBv7+111%7C112%7C1131*.1914784-77641194%7C11311%7C11312%7C12%7C13,idMap:1131*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:13,sis:216%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6827:f78a:7ed8:a42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:07 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0B7F 43 B
215 B 168ms
167ms Image
image/gif 2600:1f13:800:7780:6827:f78a:7ed8:a42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1914784&asId=e6f293a7-86ea-1d01-a64c-9cc6c9d7ffe9&tv=%7Bc:444pf1,pingTime:1,time:1618,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:618%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1000,o:618,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B613~0%5D,as:%5B613~728.90%5D%7D%7D,%7Bsl:i,t:618,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:169,fm:u47TBv7+111%7C112%7C1131*.1914784-77641194%7C11311%7C11312%7C12%7C13,idMap:1131*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:13,sis:216%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6827:f78a:7ed8:a42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:07 GMT
server: nginx
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9918 0
0 61ms
60ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240208&jk=3396814919795606&bg=!oKOlo-zNAAaxkZ3akZE7ADQBe5WfOBsD2C8J9TDrPUqIXvF-RBF5cTx3leiE4BabeFbYc8nkOj3zsfAHA1G4V-3IiTxuAgAAAGxSAAAAAmgBB5kC7kmSOwsPpPRuzlcJVCMlNQ6vPnmYOcUHdT_Yh2tq30SkTpTXRMI3F2jnkasbATlzNoeZlFfDaVN72bbonj0R1-tx5u1QNfnzoCVebpKzJ5vt7KoTBliBc1JI--rG9aaCpEiCk_iGm6Y8LbJqdhtCXNp1V8dmQescTbpzFsSAmC77XTun59Deak6o_QSAFUB_HLEwwLiC524J0WO2Kw34QLzEigO70Yr13mL0CRKh_vL_kAHlnag_935oDgDjAldHJ429BVqDInEpPDHkPrgQqwXkA0czjKGFbjBabRUOEsdBfcq6BdXcnqDkvfV7OjJ_sKthky9Y2A40_Qphz6MPuV9HEBoOM4B1JDambFdNvEuD2kOckfMrIXm3j2wkphnG34op12mCcnfO5kEDcZHpkIhLML1r1G_gE1v5jI6uFhzhcz3XDRAhqdOwLcNXiXfj9598cfeywN8ktS6kGxt5AsLikEyQHftrqHX4w2KZxFolMTj_eTxbvP26P5NSUehYfkuvb-kOFhjZO5CyreEhAYsX3HwNGOX-htFJHmMQhp1Q9cdKp88X_z3RK7VtxGZSR3iDX1aC6qLv6pmWphE6wUb4VtPc3x3Hh6tVk985fpzs0FKuANVCap3Za94nAinKIuoh-4jPbMtNVvBlB19LV0e07LKzLmy8avqSXrBo5gkY3iE_FrRSz6__U-CutdqLJzan0EsxCy-38L23lqX8OvpgtQHJmt_f9CO4B6zwXPtRtMxb_iYqWVJl-VhZBSS8kIzC3FlLvJxQlT1zlpnqxJqxFRnH3NNfqt47QqWDIgbx29Yj1MG-KcjQoA-KOpqymT1kbatj6bXyWm_zByETtTnHGCKUytY2MbrR9JWdScKANyWKbGjJchkI983HPgDHWPvc9Sv2SJmKHfFF5ctKQK8YdBgnVbArzwq8jWZFJR0DdHKIvtXsrxNSHgGauN0-HNStNgxO1v33buMMjs_6I4AvNpUzxjxWMAlBpAH9_Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.victoireturf.ht.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B7F 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4930894355862&version=m202401290101&ct=77&x=1&cor=10014554480432314000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 0B7F 35 B
600 B 37ms
36ms Ping
image/gif 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=2871878630498478796@@70610326,4775557134146536734,100|1164|0|0|0|0|0|0|0||40|1|||||1|0|0|WXDXJCn1wcVcPlakbYq96TfzwCGRkyBhznjrV2deYeQjdcC4UIUeXa55XJEIBmke0|||11||0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0B7F 43 B
215 B 168ms
168ms Image
image/gif 2600:1f13:800:7780:6827:f78a:7ed8:a42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1914784&asId=e6f293a7-86ea-1d01-a64c-9cc6c9d7ffe9&tv=%7Bc:444pwL,pingTime:2,time:2718,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:618%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:2100,o:618,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B613~0%5D,as:%5B613~728.90%5D%7D%7D,%7Bsl:i,t:618,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2100~100%5D,as:%5B2100~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:170,fm:u47TBv7+111%7C112%7C1131*.1914784-77641194%7C11311%7C11312%7C12%7C13,idMap:1131*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:13,metricId:qktrf1,cmr:t,sis:216%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:6827:f78a:7ed8:a42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 01:38:08 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.duvaldestin.com
URL: http://www.duvaldestin.com/logo.gif

Domain: jmbazire.genhit.com
URL: http://jmbazire.genhit.com/logo

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: dc747557-4451-4cb2-b1db-d1f9409364b8
.allopass.com/	1970-01-21 03:08:44	Name: AP_CUSK Value: 3643300910
.doubleclick.net/	1970-01-21 03:44:44	Name: IDE Value: AHWqTUnVkGrZuaCrxD0XHHsmUNPAsC_GouK_zNIYVeTDFfyDr5b8EZcGsqozDBy7
.doubleclick.net/	1970-01-20 22:42:20	Name: APC Value: AfxxVi4h7jRLhrbDBrBVuspIUnlrSdhweyBaOsLoxrnM1NCg0d-x2w
.doubleclick.net/	1970-01-20 22:42:20	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 19:06:20	Name: ar_debug Value: 1
.adform.net/	1970-01-20 19:04:53	Name: C Value: 1
.adform.net/	1970-01-20 19:49:28	Name: receive-cookie-deprecation Value: 1
.adform.net/	1970-01-20 19:49:28	Name: uid Value: 2871878630498478796
.adform.net/	1970-01-20 18:33:13	Name: TPC Value: 1707788285864
.ht.cx/	1970-01-21 03:44:44	Name: __gads Value: ID=8b2499e451a5b48b:T=1707788284:RT=1707788284:S=ALNI_MaHOqu3PRZQWz_OsqYKwUjyQ5ofOQ
.ht.cx/	1970-01-21 03:44:44	Name: __gpi Value: UID=00000d57921c9e36:T=1707788284:RT=1707788284:S=ALNI_MZ_8H9nSlwW7Uib7UnH7Pt5ktdi3w
.ht.cx/	1970-01-20 22:42:20	Name: __eoi Value: ID=d13d4841ed356a64:T=1707788284:RT=1707788284:S=AA-AfjZjuc_x9jFs3Zg2080JG3Kf
.weborama.fr/	1970-01-21 03:49:03	Name: AFFICHE_W Value: SQw6YySWJs9J28
edf.solution.weborama.fr/	1969-12-31 23:59:59	Name: ar_debug Value: 1

74 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://jmbazire.genhit.com/logo Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: http://www.duvaldestin.com/logo.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/logo.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/logobig.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/picto.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/pictobis.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/picto2.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/back.jpg Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://s1.adform.net/Banners/Elements/Files/2009362/14143317/bvpath_257/images/cta.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.victoireturf.ht.cx/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cdnjs.cloudflare.com
dt.adsafeprotected.com
edf.solution.weborama.fr
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
jmbazire.genhit.com
pagead2.googlesyndication.com
payment.allopass.com
s1.adform.net
static.adsafeprotected.com
static.gambling-affiliation.com
tpc.googlesyndication.com
track.adform.net
www.bazireturf.com
www.duvaldestin.com
www.gambling-affiliation.com
www.google.com
www.googletagmanager.com
www.tresorturf.com
www.venez.fr
www.victoireturf.ht.cx
jmbazire.genhit.com
www.duvaldestin.com
142.250.185.70
185.119.26.1
194.150.236.179
194.150.236.236
2600:1f13:800:7780:6827:f78a:7ed8:a42
2600:9000:2046:8200:8:48e:53c0:93a1
2606:4700::6811:180e
2a00:1450:4001:810::2008
2a00:1450:4001:811::200a
2a00:1450:4001:812::2004
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2003
37.157.2.250
37.157.5.84
5.135.149.81
52.48.174.31
91.198.105.122
91.216.195.7
009ff081ff536832beef2afa5d6db4d3b645ca0d9188a8c62e43f113b48b2334
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03270b32942d980ebd040c07bd47e525d9fa8f1e73ebd92d0b6f4222788ebd1b
0c037c983fb5077f949e6f817e2b38db965eb7776fa7f6049d71d28bae1143fc
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306
187259aeb9d5b04cfed863a8d2859464b445e0d2c9ff9aada38e697390f8b5d0
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ebf9aeaedcdaec75a827066eb352390f6d78b489a47153dd53705595d484ca
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a
338c8b352f04bd1850d9b85d39fcea1f11e3ff81c33c051fd33090099f6473ac
3508073c7c692b753d7e53ea1b605fb5f905d83445f31ace0c68eaabab782122
35248f88c0ee208f73e61be7b8d786ad63c3f46a104bc03c320185ee70400f75
369f8ab83001212600a060e3eeb96d745a236dae4d6cb76d999bf4febec3b1ee
38387d110f7e91c271ffe13997e4cfe654c65fc2068bff109404582e37a94040
3e172351681175a64b1e409719b4e5275cce06c8620547ce26fe08f6a669198e
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
49c9f7121ee9c8b1b6e598b86ad821c2a431dec20ea2a26a51a0099e1ea7d403
49cae39b5b91b05391a99c346640060dc6db5448865ce1077e696689f3396792
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5725ec903bd9784dda20be8167690234b4d49129ff3f6e31d90e827b36ae49bb
5cb72016b6c5a745d9243bea38f54450864f41db68d454c0cd8589c1a597f773
5eba576c1ed0abcefeb1316440940e7bc3717eb0b497329cdbab628e122ed854
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668f12866120ce987c24de1142813b0b32c4e5dde51974dc73fdd5425ecd7ab0
6708a8ec82fad521076f2579c9873b1335aad3bd231cdb2972ea0bfb38689d97
6d64504311b45faa0689f772c00f48884df02da356add532e76d2ba0f4a42bd8
719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d
7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
82add2897741b4a2aaf5b57c1b488284a25f9b7e72b854fefd8ae069d7a4c9ac
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836a724bcf3b0dc34e3c8e33deb5382d24bbac8b61d187c89b67240a43d59bd1
864c8de2401de5d4179c83883d86996453df5bbfe3cc7263043a77e15efd7109
89391a110a6d09418ed926d589d796f867c3bdcaf125a91659b7c8fd76f00018
8eedb54e51cf6068d2eb85fafcd57918142e775b23150a36c489af87f80383ae
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
a9361f6301cf0057382fa5f7509b4e94555713bdd79d72d62e3402a7fa3ac701
b00c094adf05e6690e7c9c4a5c5a0c194a2b73cd18e8fd3800acbff1d58d87f8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
ba251c096132e27fab80c2f27b11444d24a5f08e0ae65e72398c35bdf19fc185
bf3bfb57d76447862f2de7bbf6d1efde991b9df6a43a1e2b6ac698190d2ef6b0
ce1c7424d8cd1451da993be1adca87caf6047a1fd749719f3b242b864a922d79
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a
d2dcb1d97201dd1dd9d255a76ab21ba83ad0f6255534622b4b30c0d31ca54646
d6c6e81746a729aaae8c402916022c88cf81b62d9f57edf7d783861b57734305
e1ef44bacf5da572d77131f447646f8c3da2fc7765e90c73a664c69121c71e87
e3a0169c93ee99ee209e212f1f9b711712aa8546cd9bc4a8f4bc431df18dabde
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ed8343699e054a0900f23319e31cba32ad43bf77136313508ea25d86073366bb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f82b23f5cdff192557b6209b0b0dfd051f680ce67d0c8be84911f90771f73e74
fc01ed57d1edc90d3c90024746ce98d16362529291a8f93ef551ae53d59bb06c

www.victoireturf.ht.cx Open in urlscan Pro 5.135.149.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

91 Requests

80 %HTTPS

50 %IPv6

18 Domains

24 Subdomains

21 IPs

5 Countries

1337 kBTransfer

2847 kBSize

15 Cookies

0 Outgoing links

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.victoireturf.ht.cx Open in urlscan Pro
5.135.149.81 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

80 %
HTTPS

50 %
IPv6

18
Domains

24
Subdomains

21
IPs

5
Countries

1337 kB
Transfer

2847 kB
Size

15
Cookies

91 HTTP transactions
1 data transactions