topcouple.vu.cx Open in urlscan Pro
5.135.149.81 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://topcouple.vu.cx/
Submission: On June 14 via manual (June 14th 2023, 2:14:24 pm UTC) from ML — Scanned from FR

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 15 domains to perform 61 HTTP transactions. The main IP is 5.135.149.81, located in Le Chesnay, France and belongs to OVH, FR. The main domain is topcouple.vu.cx.

This is the only time topcouple.vu.cx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	5.135.149.81 5.135.149.81	16276 (OVH) (OVH)
11	193.37.145.66 193.37.145.66	210403 (LWS) (LWS)
4	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
1	194.0.255.28 194.0.255.28	8218 (NEO-ASN l...) (NEO-ASN legacy Neotelecoms)
15	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
61	17

10 5.135.149.81 (Le Chesnay, France)

ASN16276 (OVH, FR)
PTR: web3.venez.net

topcouple.vu.cx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.venez.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 193.37.145.66 (France)

ASN210403 (LWS, FR)

www.lesleaders.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.0.255.28 (France)

ASN8218 (NEO-ASN legacy Neotelecoms, FR)
PTR: srv28.bdmultimedia.fr

script.starpass.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	264 KB
11	lesleaders.com www.lesleaders.com	334 KB
9	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 359 cm.g.doubleclick.net — Cisco Umbrella Rank: 244	44 KB
7	venez.fr www.venez.fr	9 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621	4 KB
4	allopass.com payment.allopass.com	11 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 249	3 KB
3	vu.cx topcouple.vu.cx	3 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	2 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	55 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	16 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	21 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	599 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	50 KB
1	starpass.fr script.starpass.fr	289 B
61	15

	Domain	Requested by
12	pagead2.googlesyndication.com	topcouple.vu.cx pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	www.lesleaders.com	topcouple.vu.cx www.lesleaders.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
7	www.venez.fr	topcouple.vu.cx www.venez.fr
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	payment.allopass.com	www.lesleaders.com payment.allopass.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	topcouple.vu.cx	topcouple.vu.cx
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	www.google-analytics.com	www.googletagmanager.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	payment.allopass.com
1	script.starpass.fr	www.lesleaders.com
61	19

This site contains no links.

Subject Issuer	Validity	Valid
*.allopass.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-07` - `2023-10-07`	a year	crt.sh
script.starpass.fr ZeroSSL RSA Domain Secure Site CA	`2023-05-17` - `2023-08-15`	3 months	crt.sh
venez.fr R3	`2023-06-12` - `2023-09-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh

This page contains 11 frames:

Primary Page: http://topcouple.vu.cx/
Frame ID: 2DD10B1888612E3E8537818D310FA08C
Requests: 1 HTTP requests in this frame

Frame: http://topcouple.vu.cx/barre-topcouple.vu.cx.html
Frame ID: 7A0FE4E739D73B5732518036B2DC8912
Requests: 11 HTTP requests in this frame

Frame: http://www.lesleaders.com/turf/topcouple/
Frame ID: 48EF411457FCC3F9215DB35A5EFBE82A
Requests: 18 HTTP requests in this frame

Frame: http://topcouple.vu.cx/stats-topcouple.vu.cx.html
Frame ID: B3467C1B7A4D6D4648B3ACED7816A47E
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 23B713D91873C6368E9F83A8C3CDB278
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20190131/zrt_lookup.html
Frame ID: E8A4C978F9EC05EE0CBE20A40E1D25E0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Ftopcouple.vu.cx%2F&ea=0&wgl=1&dt=1686752060210&bpp=4&bdt=361&idt=263&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&correlator=3747147395331&frm=23&ife=1&pv=2&ga_vid=586785074.1686752060&ga_sid=1686752060&ga_hid=1894332112&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=1976710827&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C44788441&oid=2&pvsid=103952074307801&tmod=704952778&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.jk5ntlx10fsa&fsb=1&dtd=282
Frame ID: 5C8DBC844AE7B5D8E9D6F4D24ABA037C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCe2QEQ1rr1Ahjbp9nhATAB&v=APEucNW43wbECgmr1k40a5UiNvkneMVnuyINR74CJYv2ieUOPvEntv-wmG6E6et1lX1ZNstDf01DnYvRCYmK5NaEsMWk9SzCSuUsLgW6GN_Ah36eKGg_8O0mCMxkmYGs3ltzH7yFXpCb67KSl00IvJokv7DtA7VT0yqMSWAvDwvO4SJYwCWbu38
Frame ID: 39CB883DE8D2AF226AB229D150184F67
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 22A0A0856A82EF03B88BDD974D3EFFDF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6B7189DDE02E82BA6C831C0D547B4823
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8444418D144EB005579179EB90FEF255
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TOP COUPLE

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

61
Requests

69 %
HTTPS

50 %
IPv6

15
Domains

19
Subdomains

17
IPs

4
Countries

812 kB
Transfer

1563 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM-5dDXAx7SUyhY_aJhIfKo&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM-5dDXAx7SUyhY_aJhIfKo&google_cver=1&C=1

Request Chain 44

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZInLPa0skbhS0FG13B5wsgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM-5dDXAx7SUyhY_aJhIfKo&google_cver=1

Request Chain 45

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECfEuBGx_UDW5UiHFWpMBlc&google_cver=1

Request Chain 46

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkyNDUyNjA5NTI0ODAwNzcxNw%3D%3D

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
topcouple.vu.cx/ 3 KB
1 KB 137ms
25ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://topcouple.vu.cx/
Protocol: HTTP/1.1
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: b45d738e84fa5fe8d7f1a09347a1ada4a948c6b5e05fef0663819a5156afe519

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1092
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 14 Jun 2023 14:14:19 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK barre-topcouple.vu.cx.html Show response
topcouple.vu.cx/ Frame 7A0F 3 KB
2 KB 114ms
114ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://topcouple.vu.cx/barre-topcouple.vu.cx.html
Requested by: Host: topcouple.vu.cx
URL: http://topcouple.vu.cx/
Protocol: HTTP/1.1
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 454ddae1c04cd1b948f30759b0852dafe0920d85de3bc2b2ecce8ca387528e05

Request headers

Referer: http://topcouple.vu.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1497
Content-Type: text/html; charset=ISO-8859-1
Date: Wed, 14 Jun 2023 14:14:19 GMT
Expires: Wed, 14 Jun 2023 14:14:19 GMT
Keep-Alive: timeout=5, max=99
Last-Modified: Wed, 14 Jun 2023 14:14:19 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
www.lesleaders.com/turf/topcouple/ Frame 48EF 11 KB
3 KB 101ms
35ms Document
text/html 193.37.145.66
LWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.lesleaders.com/turf/topcouple/
Requested by: Host: topcouple.vu.cx
URL: http://topcouple.vu.cx/
Protocol: HTTP/1.1
Server: 193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 191dff5c53c9dd06b8c911f34a875d6c873bb332c1a10b84072ac42155ce62bb

Request headers

Referer: http://topcouple.vu.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2834
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Jun 2023 14:14:19 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
X-Cache-Key: http://www.lesleaders.com/turf/topcouple/
X-Cache-Status: BYPASS

GET
H/1.1 200
OK stats-topcouple.vu.cx.html Show response
topcouple.vu.cx/ Frame B346 0
192 B 145ms
121ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://topcouple.vu.cx/stats-topcouple.vu.cx.html
Requested by: Host: topcouple.vu.cx
URL: http://topcouple.vu.cx/
Protocol: HTTP/1.1
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://topcouple.vu.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 14 Jun 2023 14:14:19 GMT
Keep-Alive: timeout=5, max=100
Server: Apache

GET
H/1.1 200
OK a1.jpg
www.lesleaders.com/turf/topcouple/images/ Frame 48EF 54 KB
54 KB 56ms
56ms Image
image/jpeg 193.37.145.66
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.lesleaders.com/turf/topcouple/images/a1.jpg
Requested by: Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol: HTTP/1.1
Server: 193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 5f612f22ad1e20f8991548e8b3027865fb994dc74d8f254d5a4379cd397777bd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.lesleaders.com/turf/topcouple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:19 GMT
Last-Modified: Tue, 17 Aug 2021 14:00:40 GMT
X-Cache-Key: http://www.lesleaders.com/turf/topcouple/images/a1.jpg
ETag: "d742-5c9c1be33eadf"
X-Cache-Status: BYPASS
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55106

GET
H/1.1 200
OK logo.gif
www.lesleaders.com/img/ Frame 48EF 30 KB
30 KB 54ms
28ms Image
image/gif 193.37.145.66
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.lesleaders.com/img/logo.gif
Requested by: Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol: HTTP/1.1
Server: 193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 8c9ff7c5b615fba96821177236b13d95ac0b7b2c67da14f8f3846be6d1b7eb6e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.lesleaders.com/turf/topcouple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:19 GMT
Last-Modified: Thu, 29 Aug 2019 11:44:42 GMT
X-Cache-Key: http://www.lesleaders.com/img/logo.gif
ETag: "7775-5914008050804"
X-Cache-Status: BYPASS
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30581

GET
H/1.1 200
OK zeturf.gif
www.lesleaders.com/turf/topcouple/ Frame 48EF 21 KB
21 KB 50ms
26ms Image
image/gif 193.37.145.66
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.lesleaders.com/turf/topcouple/zeturf.gif
Requested by: Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol: HTTP/1.1
Server: 193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 801b6007b856e6b14a9772fa15a3e3ac80ee68a6005131685701f9020bbc04b5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.lesleaders.com/turf/topcouple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:19 GMT
Last-Modified: Tue, 17 Aug 2021 14:00:37 GMT
X-Cache-Key: http://www.lesleaders.com/turf/topcouple/zeturf.gif
ETag: "53ab-5c9c1be0420a8"
X-Cache-Status: BYPASS
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21419

GET
H/1.1 200
OK img2.jpg
www.lesleaders.com/turf/topcouple/images/ Frame 48EF 68 KB
68 KB 51ms
27ms Image
image/jpeg 193.37.145.66
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.lesleaders.com/turf/topcouple/images/img2.jpg
Requested by: Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol: HTTP/1.1
Server: 193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 5c5ab61051be558678cb833560ea4e6b014eef6f09e6df38ddfca91c8c927261

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.lesleaders.com/turf/topcouple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:19 GMT
Last-Modified: Tue, 17 Aug 2021 14:00:43 GMT
X-Cache-Key: http://www.lesleaders.com/turf/topcouple/images/img2.jpg
ETag: "10fa4-5c9c1be5ffbf8"
X-Cache-Status: BYPASS
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69540

GET
H/1.1 200
OK checkout.apu Show response
payment.allopass.com/buy/ Frame 48EF 11 KB
4 KB 532ms
408ms Script
text/html 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/buy/checkout.apu?ids=357179&idd=1558072&lang=fr
Requested by: Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: a24e3346a6e2b965727afe9773b9284dbae82a99a329930ed4d22e8492460b0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.lesleaders.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Jun 2023 14:14:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 2960
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK script.php Show response
script.starpass.fr/ Frame 48EF 25 B
289 B 175ms
44ms Script
text/html 194.0.255.28
NEO-ASN legacy Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://script.starpass.fr/script.php?idd=443716&datas=
Requested by: Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.0.255.28 , France, ASN8218 (NEO-ASN legacy Neotelecoms, FR),
Reverse DNS: srv28.bdmultimedia.fr
Software: Apache /
Resource Hash: a0710d7ae8f4a0ab076452dc7c3882b1c553ee11603bc5f9cf9dce10400ae1ce

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.lesleaders.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:13:32 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 43

GET
H/1.1 200
OK img1a.jpg
www.lesleaders.com/turf/topcouple/images/ Frame 48EF 90 KB
90 KB 52ms
28ms Image
image/jpeg 193.37.145.66
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.lesleaders.com/turf/topcouple/images/img1a.jpg
Requested by: Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol: HTTP/1.1
Server: 193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 0b78fa0ce366b66b8932c56c3af7ec7edbf58a72c5e55c01a1713bb20c7d1ddb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.lesleaders.com/turf/topcouple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:19 GMT
Last-Modified: Tue, 17 Aug 2021 14:00:42 GMT
X-Cache-Key: http://www.lesleaders.com/turf/topcouple/images/img1a.jpg
ETag: "16619-5c9c1be5925fe"
X-Cache-Status: BYPASS
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91673

GET
H/1.1 200
OK a2.jpg
www.lesleaders.com/turf/topcouple/images/ Frame 48EF 17 KB
17 KB 385ms
64ms Image
image/jpeg 193.37.145.66
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.lesleaders.com/turf/topcouple/images/a2.jpg
Requested by: Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol: HTTP/1.1
Server: 193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: c112d031665794a10448816efdb20fd55aa258af58adc14cbca9b01d82495b3e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.lesleaders.com/turf/topcouple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:20 GMT
Last-Modified: Tue, 17 Aug 2021 14:00:40 GMT
X-Cache-Key: http://www.lesleaders.com/turf/topcouple/images/a2.jpg
ETag: "43b2-5c9c1be31b860"
X-Cache-Status: BYPASS
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17330

GET
H/1.1 200
OK /
www.lesleaders.com/turf/topcouple/ Frame 48EF 11 KB
11 KB 38ms
36ms Image
text/html 193.37.145.66
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.lesleaders.com/turf/topcouple/
Requested by: Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol: HTTP/1.1
Server: 193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.lesleaders.com/turf/topcouple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Jun 2023 14:14:19 GMT
Content-Encoding: gzip
X-Cache-Key: http://www.lesleaders.com/turf/topcouple/
X-Cache-Status: BYPASS
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 2834
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame 7A0F 2 KB
1 KB 140ms
25ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: topcouple.vu.cx
URL: http://topcouple.vu.cx/barre-topcouple.vu.cx.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://topcouple.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Jun 2023 14:14:19 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1023
Expires: Wed, 21 Jun 2023 14:14:19 GMT

GET
H/1.1 200
OK separateur90.gif
www.venez.fr/images/ Frame 7A0F 82 B
388 B 140ms
25ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/separateur90.gif
Requested by: Host: topcouple.vu.cx
URL: http://topcouple.vu.cx/barre-topcouple.vu.cx.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://topcouple.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:19 GMT
Last-Modified: Thu, 15 Nov 2018 22:11:22 GMT
Server: Apache
ETag: "52-57abb54b25680"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 82

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7A0F 137 KB
50 KB 146ms
118ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: topcouple.vu.cx
URL: http://topcouple.vu.cx/barre-topcouple.vu.cx.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b2af90c0f04c8808e6806cb82a5803b6e7f0994cf2cd84b733c9c8e1015d337

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://topcouple.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 50314
X-XSS-Protection: 0
Server: cafe
ETag: 14057933753823015583
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Wed, 14 Jun 2023 14:14:20 GMT

GET
H/1.1 200
OK arm.jpg
www.lesleaders.com/turf/topcouple/images/ Frame 48EF 4 KB
4 KB 101ms
25ms Image
image/jpeg 193.37.145.66
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.lesleaders.com/turf/topcouple/images/arm.jpg
Requested by: Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol: HTTP/1.1
Server: 193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 18afbb827530ab5aa1c4a9ae99726259a20db6cea3c92fe70521cf3051956ef8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.lesleaders.com/turf/topcouple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:19 GMT
Last-Modified: Tue, 17 Aug 2021 14:00:40 GMT
X-Cache-Key: http://www.lesleaders.com/turf/topcouple/images/arm.jpg
ETag: "10bb-5c9c1be3a14f9"
X-Cache-Status: BYPASS
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4283

GET
H/1.1 404
Not Found course.jpg
www.lesleaders.com/turf/topcouple/medias/ Frame 48EF 1 KB
1 KB 76ms
55ms Image
text/html 193.37.145.66
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.lesleaders.com/turf/topcouple/medias/course.jpg
Requested by: Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol: HTTP/1.1
Server: 193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 7beddacd8e604a82f931e120557fd4e25fbe9c0b4d9aead927e1b588d3e59663

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.lesleaders.com/turf/topcouple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:19 GMT
Content-Encoding: gzip
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK arnum.png
www.lesleaders.com/turf/topcouple/images/ Frame 48EF 32 KB
32 KB 200ms
26ms Image
image/png 193.37.145.66
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.lesleaders.com/turf/topcouple/images/arnum.png
Requested by: Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol: HTTP/1.1
Server: 193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 6e4bdaf71020d0a543a882af40794dde5192da22ca839c7cf46f608a21e680e6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.lesleaders.com/turf/topcouple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:20 GMT
Last-Modified: Tue, 17 Aug 2021 14:00:41 GMT
X-Cache-Key: http://www.lesleaders.com/turf/topcouple/images/arnum.png
ETag: "805e-5c9c1be3f0695"
X-Cache-Status: BYPASS
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32862

GET
H/1.1 200
OK alternate-barre.htm Show response
www.venez.fr/ Frame 23B7 2 KB
1 KB 33ms
33ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/alternate-barre.htm
Requested by: Host: topcouple.vu.cx
URL: http://topcouple.vu.cx/barre-topcouple.vu.cx.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 20eec737487790343020c4f1890e2d671ce133472e5b65a4a82a752c6f402444

Request headers

Referer: http://topcouple.vu.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 875
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 14 Jun 2023 14:14:19 GMT
Keep-Alive: timeout=5, max=99
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame 7A0F 110 B
416 B 37ms
37ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: topcouple.vu.cx
URL: http://topcouple.vu.cx/barre-topcouple.vu.cx.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://topcouple.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:19 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 110

GET
H/1.1 200
OK 120x60.gif
www.venez.fr/images/ Frame 23B7 4 KB
4 KB 27ms
26ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/120x60.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:19 GMT
Last-Modified: Wed, 02 Mar 2011 00:16:24 GMT
Server: Apache
ETag: "f4c-49d74d2b9c600"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3916

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame 23B7 2 KB
1 KB 28ms
27ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Jun 2023 14:14:19 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 1023
Expires: Wed, 21 Jun 2023 14:14:19 GMT

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame 23B7 110 B
416 B 44ms
25ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:19 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 110

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ Frame 7A0F 352 KB
118 KB 156ms
98ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=topcouple.vu.cx

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c647fb4d9eabd4165b4a9bfe7c83cee9bc5037a40c8578834c37090997e4bf9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://topcouple.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120778
x-xss-protection: 0
server: cafe
etag: 4071592939994971377
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 14:14:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230613/r20190131/ Frame E8A4 10 KB
5 KB 81ms
24ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230613/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://topcouple.vu.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 79545
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Jun 2023 16:08:35 GMT
etag: 15057649708203361565
expires: Tue, 27 Jun 2023 16:08:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 48EF 129 KB
50 KB 96ms
38ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Requested by

Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357179&idd=1558072&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3051fa7acfcd44ec9e50f9cb205f763df18ae4d17694329951808d2b026bd067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.lesleaders.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:14:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50944
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Jun 2023 14:14:20 GMT

GET
H/1.1 200
OK buy-button.css
payment.allopass.com/static/css/ Frame 48EF 2 KB
830 B 55ms
19ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/buy-button.css?1
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357179&idd=1558072&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.lesleaders.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "215fd-69a-5d0e804cbabc0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 546

GET
H/1.1 200
OK 162x56.png
payment.allopass.com/static/buy/button/fr/ Frame 48EF 6 KB
6 KB 55ms
20ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by: Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.lesleaders.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:20 GMT
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "218f3-1688-5d0e804cbabc0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 5768

GET
H/1.1 200
OK bt_ok.gif
payment.allopass.com/imgweb/common/ Frame 48EF 753 B
991 B 56ms
19ms Image
image/gif 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/imgweb/common/bt_ok.gif
Requested by: Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.lesleaders.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 14:14:20 GMT
Last-Modified: Tue, 26 Nov 2019 14:39:46 GMT
Server: Apache
ETag: "23384-2f1-59840d9fb3080"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 753

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 7A0F 377 B
599 B 90ms
33ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=topcouple.vu.cx&callback=_gfp_s_&client=ca-pub-5203714787387788

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=topcouple.vu.cx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

143228a20c996305219117620512d34b652a516adcd555dc778ab83302bf81e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://topcouple.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7A0F 107 B
456 B 96ms
33ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=topcouple.vu.cx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://topcouple.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C8D 82 KB
38 KB 447ms
446ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Ftopcouple.vu.cx%2F&ea=0&wgl=1&dt=1686752060210&bpp=4&bdt=361&idt=263&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&correlator=3747147395331&frm=23&ife=1&pv=2&ga_vid=586785074.1686752060&ga_sid=1686752060&ga_hid=1894332112&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=1976710827&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C44788441&oid=2&pvsid=103952074307801&tmod=704952778&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.jk5ntlx10fsa&fsb=1&dtd=282

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6da2be8bb0274c59db51f59ceacdfbaa20d9489240711f856d9e1734349eb675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://topcouple.vu.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38496
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Jun 2023 14:14:20 GMT
expires: Wed, 14 Jun 2023 14:14:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 48EF 51 KB
21 KB 84ms
26ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.lesleaders.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Jun 2023 13:04:48 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4172
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 14 Jun 2023 15:04:48 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C8D 42 B
63 B 61ms
60ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ARSL4ZI5m6iRYg4hgMWHanE-9oJ1P6Bn37c5FWxxcTrtKjCf3C8FvHv4CSEOd0h7UPOhqC_2lX34ZHYgH0LHJqkqrO10vPgWfeJ3pX4bF9QdGM9DA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Ftopcouple.vu.cx%2F&ea=0&wgl=1&dt=1686752060210&bpp=4&bdt=361&idt=263&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&correlator=3747147395331&frm=23&ife=1&pv=2&ga_vid=586785074.1686752060&ga_sid=1686752060&ga_hid=1894332112&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=1976710827&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C44788441&oid=2&pvsid=103952074307801&tmod=704952778&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.jk5ntlx10fsa&fsb=1&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jun 2023 14:14:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 39CB 624 B
246 B 71ms
70ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCe2QEQ1rr1Ahjbp9nhATAB&v=APEucNW43wbECgmr1k40a5UiNvkneMVnuyINR74CJYv2ieUOPvEntv-wmG6E6et1lX1ZNstDf01DnYvRCYmK5NaEsMWk9SzCSuUsLgW6GN_Ah36eKGg_8O0mCMxkmYGs3ltzH7yFXpCb67KSl00IvJokv7DtA7VT0yqMSWAvDwvO4SJYwCWbu38

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Ftopcouple.vu.cx%2F&ea=0&wgl=1&dt=1686752060210&bpp=4&bdt=361&idt=263&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&correlator=3747147395331&frm=23&ife=1&pv=2&ga_vid=586785074.1686752060&ga_sid=1686752060&ga_hid=1894332112&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=1976710827&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C44788441&oid=2&pvsid=103952074307801&tmod=704952778&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.jk5ntlx10fsa&fsb=1&dtd=282
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Jun 2023 14:14:21 GMT
expires: Wed, 14 Jun 2023 14:14:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230613/r20110914/ Frame 5C8D 22 KB
9 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230613/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 15:45:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80928
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: cafe
etag: 12022837384336330993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Jun 2023 15:45:32 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230613/r20110914/elements/html/ Frame 5C8D 7 KB
3 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230613/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb97ae42500ac290cc6b1e1c63b0784a790777a63883f57ee7f418b09f448657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 15:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80863
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3046
x-xss-protection: 0
server: cafe
etag: 8710410791850112160
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Jun 2023 15:46:37 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5C8D 0
0 137ms
65ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssAA77SYsgXZdxm1v2Tk5dC1MkwdllykVIXKWESHylyo4P1oUipgo1NCMSBgZ8MRH9_0yo5XswgqE2LCYN68XcYSprFJszauyoubfbPpzCKaiY7KFpAL_N5e-WdIqBHSCWd9huhVfDglFNLQKPDxdL9iTiV7y_BBn9MFQgA1QUm3R4hmnTMgNTXa2e35069ftkAzteHF7YCwDmld0rXeTEl_TgS85KM1caEOxutVIx0U_pbhfJgRPzM-0qvJq3AqU0iy1txk9PRbYq32CtoeKGwe8EEzrFu8nPSoM6L4nYT_Lk9ao_0YqsSYwYkZJ_ZzbK8uDpogWkSZ7gDUBxbsrXNBKQbt-DUShAG746w8xrStf9JE6F7xbnVAYer7OSCYmOEaCRqXnjjxV5DanAYBCayOnlSCw3u6-2b48zFpnZVd6hS6E8YK7AywIO2_6e_-xiF5wc7o1Jxf6vE8l_a83tpVPDsz3G_sDg37s6q_abWCJc9Jrivh2_BMm2uQYj5c3JYgbt7SknEIWoegkVGRbSVS5TgCNql_d3xEpLqmAMQ_X1RTO-oE4K7f5txDs4bpf3fVw3sQszMTsdu_Vx9lRxZi0HxWo6cBgzt2-PKKYkbBrtyPktmafAP0ca4VuyOQA0O0bP5xq6dW_QlZ_w1rzDl93XeDk3TEFbECcKLbpE-Qx3j_Yu_5r-OcPRn5KSY9EM3Hns2LliXGTAd9OQEI53Pp272dcicLlyn6k0TMImTHxwRsmidgN-RlLLcbshyfhFdfKhy5_Fe-ObAPhwbLDQRPWLEsKZeTT7C0c_Xb92jUgvk1_4N2n90rsywgJYaKb8sq7IM_6gFL4T7I75IdiwrEiSlxqsNaOAiYUGbncvAQda-E0-Z4WFXeGga_xwRHj-MM1sKPEKVYgWT7GfOhTpbvgPAQF9ALLGNOrYv1l2DOsv_J7RFItQ4n3iAYS7EPjQDxFjsQZxQlrpYKMvxHJovoKLWMXNPzH6ea5VUE2K6-Gk9szkJ_d5F4RWog4U0DjDgiol7XgzWu94Rs1B1lnjnxBvVUIgFzg20xCgZzZFSbkoDJMjTasuCRAL9D9ovAgTw1Rj36qOGFt6j7YQiBbqQxcEhG93-1ywhQW6w9gZP2w8iGWM2fCA_eEGCkUPHtVfOQpWt9ZhnFzwHjxQ4gWdjBGRvGMuVL2un3CZNEFooSnMHzvrr1PoDqDTAyIEUKTvYW5mcWQhOhV17b7bHshsqO3K1YSyGU4D5xmiE4I9ixHzpQVjwwm5YlMXBccUlLZuau0_a1TG6-GbS7kb1yDlQAAq2aBPvLNcI&sai=AMfl-YTULm-dQHnC-2HO45_Kg7Romm45aYyXOipSDvrqFFj8LkP5tiHWjagOTqQfO2sbjpVOwceN3Y9iYgWpESokJZYiTopxGLhzKFSSOrgu4YCaGz1e8aLRCWYiPAI95mG36uZgk_OUIgNMb_jA61r-eGKZYyaC-DLXShRboO20xJAIaz6fyRfzwOYEc7B_1Xb4NC_P1X2CWvA5eL64Oj-E9etao1eT_k4peDF41mYAeDI&sig=Cg0ArKJSzO5r9NrpMFS8EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20230613.03565&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 14 Jun 2023 14:14:21 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 14 Jun 2023 14:14:21 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5C8D 41 KB
15 KB 86ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jun 2024 07:39:33 GMT

GET
H2 200 7544495127382546012
s0.2mdn.net/simgad/ Frame 5C8D 16 KB
16 KB 113ms
28ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7544495127382546012

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ba6062d32c4ac3aa0494c3ef3eb23d6b4dfd71f3a4d69f4245943c36db4c9f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 13:41:29 GMT
x-content-type-options: nosniff
age: 88372
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16172
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 11:15:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Jun 2024 13:41:29 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame 5C8D 3 KB
1 KB 104ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80957
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Jun 2023 15:45:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame 5C8D 19 KB
8 KB 80ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80957
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Jun 2023 15:45:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C8D 176 KB
55 KB 137ms
66ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b1e1bef92ba957c4648c2118de4eece20ffb8e58eedbb33bce5c2227b46e9ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56133
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686570138914868"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 14:14:21 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 39CB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM-5dDXAx7SUyhY_aJhIfKo&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM-5dDXAx7SUyhY_aJhIfKo&google_cver=1&C=1

43 B
766 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM-5dDXAx7SUyhY_aJhIfKo&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCe2QEQ1rr1Ahjbp9nhATAB&v=APEucNW43wbECgmr1k40a5UiNvkneMVnuyINR74CJYv2ieUOPvEntv-wmG6E6et1lX1ZNstDf01DnYvRCYmK5NaEsMWk9SzCSuUsLgW6GN_Ah36eKGg_8O0mCMxkmYGs3ltzH7yFXpCb67KSl00IvJokv7DtA7VT0yqMSWAvDwvO4SJYwCWbu38
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Jun 2023 14:14:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 14 Jun 2023 14:14:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEM-5dDXAx7SUyhY_aJhIfKo&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 39CB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZInLPa0skbhS0FG13B5wsgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM-5dDXAx7SUyhY_aJhIfKo&google_cver=1

43 B
766 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM-5dDXAx7SUyhY_aJhIfKo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCe2QEQ1rr1Ahjbp9nhATAB&v=APEucNW43wbECgmr1k40a5UiNvkneMVnuyINR74CJYv2ieUOPvEntv-wmG6E6et1lX1ZNstDf01DnYvRCYmK5NaEsMWk9SzCSuUsLgW6GN_Ah36eKGg_8O0mCMxkmYGs3ltzH7yFXpCb67KSl00IvJokv7DtA7VT0yqMSWAvDwvO4SJYwCWbu38
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Jun 2023 14:14:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 14 Jun 2023 14:14:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM-5dDXAx7SUyhY_aJhIfKo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 39CB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECfEuBGx_UDW5UiHFWpMBlc&google_cver=1

43 B
1 KB

70ms
70ms

Image
image/gif

37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECfEuBGx_UDW5UiHFWpMBlc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCe2QEQ1rr1Ahjbp9nhATAB&v=APEucNW43wbECgmr1k40a5UiNvkneMVnuyINR74CJYv2ieUOPvEntv-wmG6E6et1lX1ZNstDf01DnYvRCYmK5NaEsMWk9SzCSuUsLgW6GN_Ah36eKGg_8O0mCMxkmYGs3ltzH7yFXpCb67KSl00IvJokv7DtA7VT0yqMSWAvDwvO4SJYwCWbu38

Protocol

HTTP/1.1

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Jun 2023 14:14:21 GMT
AN-X-Request-Uuid: 4df0b0ba-93cb-48c8-8e85-71410cdb5872
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.59.164.100; 37.59.164.100; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Jun 2023 14:14:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECfEuBGx_UDW5UiHFWpMBlc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 39CB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkyNDUyNjA5NTI0ODAwNzcxNw%3D%3D

170 B
243 B

37ms
37ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkyNDUyNjA5NTI0ODAwNzcxNw%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jun 2023 14:14:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 14 Jun 2023 14:14:21 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.59.164.100; 37.59.164.100; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 52427326-6272-4504-965c-61054002146a
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkyNDUyNjA5NTI0ODAwNzcxNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5C8D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9c50aa5f089add064db89b654e0c0e6845d0cde02435b01082463a90b6c280a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 22A0 22 KB
8 KB 27ms
24ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 373814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 06:24:07 GMT
expires: Sun, 09 Jun 2024 06:24:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5C8D 0
0 65ms
65ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssAA77SYsgXZdxm1v2Tk5dC1MkwdllykVIXKWESHylyo4P1oUipgo1NCMSBgZ8MRH9_0yo5XswgqE2LCYN68XcYSprFJszauyoubfbPpzCKaiY7KFpAL_N5e-WdIqBHSCWd9huhVfDglFNLQKPDxdL9iTiV7y_BBn9MFQgA1QUm3R4hmnTMgNTXa2e35069ftkAzteHF7YCwDmld0rXeTEl_TgS85KM1caEOxutVIx0U_pbhfJgRPzM-0qvJq3AqU0iy1txk9PRbYq32CtoeKGwe8EEzrFu8nPSoM6L4nYT_Lk9ao_0YqsSYwYkZJ_ZzbK8uDpogWkSZ7gDUBxbsrXNBKQbt-DUShAG746w8xrStf9JE6F7xbnVAYer7OSCYmOEaCRqXnjjxV5DanAYBCayOnlSCw3u6-2b48zFpnZVd6hS6E8YK7AywIO2_6e_-xiF5wc7o1Jxf6vE8l_a83tpVPDsz3G_sDg37s6q_abWCJc9Jrivh2_BMm2uQYj5c3JYgbt7SknEIWoegkVGRbSVS5TgCNql_d3xEpLqmAMQ_X1RTO-oE4K7f5txDs4bpf3fVw3sQszMTsdu_Vx9lRxZi0HxWo6cBgzt2-PKKYkbBrtyPktmafAP0ca4VuyOQA0O0bP5xq6dW_QlZ_w1rzDl93XeDk3TEFbECcKLbpE-Qx3j_Yu_5r-OcPRn5KSY9EM3Hns2LliXGTAd9OQEI53Pp272dcicLlyn6k0TMImTHxwRsmidgN-RlLLcbshyfhFdfKhy5_Fe-ObAPhwbLDQRPWLEsKZeTT7C0c_Xb92jUgvk1_4N2n90rsywgJYaKb8sq7IM_6gFL4T7I75IdiwrEiSlxqsNaOAiYUGbncvAQda-E0-Z4WFXeGga_xwRHj-MM1sKPEKVYgWT7GfOhTpbvgPAQF9ALLGNOrYv1l2DOsv_J7RFItQ4n3iAYS7EPjQDxFjsQZxQlrpYKMvxHJovoKLWMXNPzH6ea5VUE2K6-Gk9szkJ_d5F4RWog4U0DjDgiol7XgzWu94Rs1B1lnjnxBvVUIgFzg20xCgZzZFSbkoDJMjTasuCRAL9D9ovAgTw1Rj36qOGFt6j7YQiBbqQxcEhG93-1ywhQW6w9gZP2w8iGWM2fCA_eEGCkUPHtVfOQpWt9ZhnFzwHjxQ4gWdjBGRvGMuVL2un3CZNEFooSnMHzvrr1PoDqDTAyIEUKTvYW5mcWQhOhV17b7bHshsqO3K1YSyGU4D5xmiE4I9ixHzpQVjwwm5YlMXBccUlLZuau0_a1TG6-GbS7kb1yDlQAAq2aBPvLNcI&sai=AMfl-YTULm-dQHnC-2HO45_Kg7Romm45aYyXOipSDvrqFFj8LkP5tiHWjagOTqQfO2sbjpVOwceN3Y9iYgWpESokJZYiTopxGLhzKFSSOrgu4YCaGz1e8aLRCWYiPAI95mG36uZgk_OUIgNMb_jA61r-eGKZYyaC-DLXShRboO20xJAIaz6fyRfzwOYEc7B_1Xb4NC_P1X2CWvA5eL64Oj-E9etao1eT_k4peDF41mYAeDI&sig=Cg0ArKJSzO5r9NrpMFS8EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=123&vt=11&dtpt=121&dett=2&cstd=1&cisv=r20230613.03565&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:14:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 14 Jun 2023 14:14:21 GMT

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame 22A0 37 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 16:45:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 16:45:43 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7A0F 14 KB
11 KB 128ms
78ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230613&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d508fb3ad9903ef433eaff9b6d85858dee428c1c8e93b5f97883ec3d3a15242b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://topcouple.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:14:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11150
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 22A0 0
20 B 65ms
64ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSzK4PMuJZKHWI4ewhQa-_4GYBQAAAAA4AeAEAg&bg=!srGlseXNAAaGYqkwpmI7ADkAdvg8WgUfpvbEM8NP2nwbgVikyzNPoUt9KboHJslByhEwjhGKELwPicnVMK3N0O5RJe6tBY9mRjMCAAAAX1IAAAACaAEHCgAxWWM6L7RwYbDGlb7Nxwz0C94QnJ-IxNSHq2KRhQpFxFs_X1hvwaPOUq8qZSWgVamiwZkDCutzmg04kgqCeiNwQGp5rKPvxtXvgqO9ytetgNS9e53Ano9mqctXysXQk_wfV5r6SmbQHXnbrtsVX6tam4WtkgruBsxqLJFWv5O9X14P0KQUf7DPKyH9geMw4a5QtGW_9KenI5kDFeyUjpgymMwyo7XDj5xfQf9BsVlNcvn_FMUfLD8kd1JwVcgYtXu2jmScySfOt9mId3rV_p-Jv9UpTh3X2C_H2QVv2pK99YggFeKQ09xAEm1DWlARbdHsBY-J5aIfey5tb27RdulSzXAHD4HKKoQACRAVJO_X6xfrW4aelOpIwd1T3qI9CwsCAV_yjK9MrNyt-qlletjjcLt-ZMqqjhkB6HGvBGeRPg-UAJ_SGgjJPWKwPLrko4PLkzwD-0h4fGJgpEDycTNwM1y9Nrpp2ph3N6A9l5E9qLlUZ4Fw0z4uGwVsvjRLWubM-_Hz73QA_z7mMPqjutGBM6bd-cGyDf4SMSb7JhmK1v34c0udvSFb_s0Hghu8SYbUY1cvicVCp646_Fqe0ZjUyLV0P0_uA_ZuLOQZN8YAm_XiRqxNmaaEVPvMp-CPCdtTx6rRBIyxF3-3AXiv6MxFEgIz-GJkj3vtyRwyxxQNYD41cif_cZEWArdm-wKSwTDWOdDRHBzsCvQ83P7nr9qb727a79t1Rqf5zSMugSPKOjThjAC5A9LIZ0DSsufdoA7GqzCWFJ2TWK7digcLQfQQKo5rw7Mfn5TFSH3aiwkqtAveJF743BOPgcwdq37qd5BwBx9do2Fq0oO2n8Q2IXlYOaPTzRusNn6MUxdSmCuiJ--xznq4CEUCy-rv5DntpBSTzDwaeU8EaVLh2fkg6hiF83iC9cb88P94ccGTkC1kBIs2Om4i8BCZXJIf5RcrhCHUi6CcmicMbc0xkbDbdNfukDqAdODzK0qxRAGVA0QMaHEv0kc_DO9-YuhW6x7xzsG3gJFfcmgIVvepdatSYoValQqZqhS6ooDtl36GRjhLdTNL0cRsGKyJlQWh-ekWDO1YQQKLalnxokok2oMOdgk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jun 2023 14:14:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7A0F 17 KB
6 KB 441ms
441ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://topcouple.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Jun 2023 14:14:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6B71 13 KB
5 KB 25ms
24ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://topcouple.vu.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 13717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Jun 2023 10:25:44 GMT
expires: Thu, 13 Jun 2024 10:25:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8444 783 B
1 KB 93ms
35ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b628f504f701620c57f10783e689a4bc416abf7741eedfeda17b66899bd57bcb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JN-6APZUiGMzM1GRIhViSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://topcouple.vu.cx/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-JN-6APZUiGMzM1GRIhViSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Jun 2023 14:14:21 GMT
expires: Wed, 14 Jun 2023 14:14:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B71 37 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 16:45:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 16:45:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8444 0
0 58ms
57ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230613&jk=103952074307801&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6B71 0
10 B 25ms
24ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?K8Cvow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:14:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5C8D 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVNcsbqZM0RNfeMJF9IXxzO8bqKtzAwcKevVjrybuITPy3F6_o8uTGYn93HWw4nKfMrzgYovEICPpQcLzbuHmbarExXexuKr1_-cXRUSrzxSukj7EGfeZKX8CJBM0VHKqGA373Dez7sG1h&sai=AMfl-YTuJJPaa1TdGoDPISjnbBPfzKhja01eQ2CJDy31vOoJg3XR7rfa_RipwHD7WH71ennloE9yod3MxMjB&sig=Cg0ArKJSzOL3raYbXR-JEAE&cid=CAQSGwBygQiDSYwAbIAJJHIsvOhA6RnUYH06T_xnhhgB&id=lidar2&mcvt=1000&p=0,0,90,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230612&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2647235303&rs=2&la=0&cr=0&vs=4&r=v&rst=1686752060494&rpt=780&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jun 2023 14:14:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7A0F 0
0 64ms
64ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230613&jk=103952074307801&bg=!7u2l7bnNAAaGYqkwpmI7ADkAdvg8WgqAD0PFDCi0ToCbLUi_TEKAkFwTYaIYUU462MUXVvFx_z-UBmy-ESZb41HJ7_b5LoVEq3MCAAAAcVIAAAAEaAEHmQMRONGo-RJfuXuC154s00cPKNw0k8AkBYK3D0nIxiF5Pbq_jPRNsCa_wpHEXttkiM6nu1BfYwejR2Mf5q-00eVzRi2-3hGCaINSD9-h7jkH6jyRqaZQSaA1cTw6c4zl1c9NgcCdDcovA-hjBGV36Txf42-Z69tp9VG1Xmx8AsXJMspobJjcWawCT31KX0QbokCnxrxFpllE_13D58iqOU9cgaZWu-158tSAY7168i9-mfZKhmn1uHVTxI5wyoE3CrntqJmbPDZuJa_QYvSdWCUhJk3KQCyjjMLyrt3X-ZHPi1hHJw8jJWkvsmiRlutobc5qvTYWQOgV_UjYG786qe-CNWCVQaxq05PEAauebWXiW5TdfFlXbt81gJj0xdHx4YPsCKZPrqp7d5MjjLxJu51XXCcZh3keS8slICDGf4XifhWrzG9CxkXUQb3BLTGrmQhRZ6iMVarkSL137jHwRrlFQutCFslXgv0eay8jtQdgrI75DimMBJooqpnzxqILm7Xy4L9sEHy2cHhMnMqMU_iANri6D2OJQ8E08GY7qIgUU96CN5DWh7kEY9U72KmnCoc4IvJ0eOPvHNQ4o_227vK41TxRyYuvcVlCLCwfusU5Q0DPdafwaF917n_TIiO1SaWqB0HnwUNlLtK634KRugdIwaEA_DCHPYd2Ngfj0r0H24s2pe1ri0TW1DZgjPmUG1I_pHq8Z-c1O2VdrzKSJdLv9CtpLPnGJP5zbGPw0mztG77GoWo2L53USOnChukaDwBdl4RoY08qRnthr1bEZtKMPWnv-lKfIbG2Buu-bZqMhQD87TlffVHZJOlmpJ3XdWt6pvcl2W7ENpBosH6FfSzbAqF7kTiE8ZdDqI0cxe-W0E3tUHPLXDSY9fLwlZCKDYuKRXnNI9uLcrhDDGM0XzSvRAcRUk1wW1bcwIQWC0nRjKPftuTbYa6SCXyLy1xRxNLOm1p82K9fCuwe4fN89HD1_JnkzDqqbfttCju_OJqSjac77t1rHjpI_jqDqBt-6o4O-gG_xV9xzxqk1QOg78f3U5Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://topcouple.vu.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: b48b7089-b446-4e76-9468-e80651a7c64e
.allopass.com/	1970-01-20 21:18:08	Name: AP_CUSK Value: 3618645151
.vu.cx/	1970-01-20 21:54:08	Name: __gads Value: ID=18fa363800a8507f-22a8e221a7b40030:T=1686752060:RT=1686752060:S=ALNI_MYBhAFo_JXEvVO6ZY9y2yT4wDL7Ng
.vu.cx/	1970-01-20 21:54:08	Name: __gpi Value: UID=00000c4ee3af4df8:T=1686752060:RT=1686752060:S=ALNI_MYHxnoNafFK4bzTUDDr3pOyS-NXtg
.doubleclick.net/	1970-01-20 21:54:08	Name: IDE Value: AHWqTUlZYL8b7HPbtstUjom4-SAyN81jRHEKz1L0oRiZBc_kPJ13TYaKWNUTSib1
.adnxs.com/	1970-01-20 14:42:08	Name: uuid2 Value: 1924526095248007717
.casalemedia.com/	1970-01-20 14:42:08	Name: CMPS Value: 2214
.casalemedia.com/	1970-01-20 14:42:08	Name: CMPRO Value: 2214
.casalemedia.com/	1970-01-20 21:18:08	Name: CMID Value: ZInLPa0skbhS0FG13B5wsgAA
.adnxs.com/	1970-01-20 14:42:08	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilhh..OQ!]tbPl1M>e)ZlrFUfJ+tGXxoaVZWriLY[Aa=AWaPZQEF$N_n!M_KBA5gItK+3If)y3KL9D3I?+^t.r?h

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.lesleaders.com/turf/topcouple/medias/course.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
payment.allopass.com
s0.2mdn.net
script.starpass.fr
topcouple.vu.cx
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lesleaders.com
www.venez.fr
142.250.186.162
142.250.186.34
185.119.26.1
185.80.39.216
193.37.145.66
194.0.255.28
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2006
2a00:1450:4001:829::2001
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2004
37.252.171.84
5.135.149.81
0b78fa0ce366b66b8932c56c3af7ec7edbf58a72c5e55c01a1713bb20c7d1ddb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
143228a20c996305219117620512d34b652a516adcd555dc778ab83302bf81e6
18afbb827530ab5aa1c4a9ae99726259a20db6cea3c92fe70521cf3051956ef8
191dff5c53c9dd06b8c911f34a875d6c873bb332c1a10b84072ac42155ce62bb
20eec737487790343020c4f1890e2d671ce133472e5b65a4a82a752c6f402444
3051fa7acfcd44ec9e50f9cb205f763df18ae4d17694329951808d2b026bd067
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
454ddae1c04cd1b948f30759b0852dafe0920d85de3bc2b2ecce8ca387528e05
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f
4b1e1bef92ba957c4648c2118de4eece20ffb8e58eedbb33bce5c2227b46e9ee
4b2af90c0f04c8808e6806cb82a5803b6e7f0994cf2cd84b733c9c8e1015d337
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ba6062d32c4ac3aa0494c3ef3eb23d6b4dfd71f3a4d69f4245943c36db4c9f8
5c5ab61051be558678cb833560ea4e6b014eef6f09e6df38ddfca91c8c927261
5f612f22ad1e20f8991548e8b3027865fb994dc74d8f254d5a4379cd397777bd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6da2be8bb0274c59db51f59ceacdfbaa20d9489240711f856d9e1734349eb675
6e4bdaf71020d0a543a882af40794dde5192da22ca839c7cf46f608a21e680e6
7beddacd8e604a82f931e120557fd4e25fbe9c0b4d9aead927e1b588d3e59663
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
801b6007b856e6b14a9772fa15a3e3ac80ee68a6005131685701f9020bbc04b5
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
8c9ff7c5b615fba96821177236b13d95ac0b7b2c67da14f8f3846be6d1b7eb6e
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0710d7ae8f4a0ab076452dc7c3882b1c553ee11603bc5f9cf9dce10400ae1ce
a24e3346a6e2b965727afe9773b9284dbae82a99a329930ed4d22e8492460b0e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b45d738e84fa5fe8d7f1a09347a1ada4a948c6b5e05fef0663819a5156afe519
b628f504f701620c57f10783e689a4bc416abf7741eedfeda17b66899bd57bcb
c112d031665794a10448816efdb20fd55aa258af58adc14cbca9b01d82495b3e
c647fb4d9eabd4165b4a9bfe7c83cee9bc5037a40c8578834c37090997e4bf9f
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a
d508fb3ad9903ef433eaff9b6d85858dee428c1c8e93b5f97883ec3d3a15242b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eb97ae42500ac290cc6b1e1c63b0784a790777a63883f57ee7f418b09f448657
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9c50aa5f089add064db89b654e0c0e6845d0cde02435b01082463a90b6c280a
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

topcouple.vu.cx Open in urlscan Pro 5.135.149.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

69 %HTTPS

50 %IPv6

15 Domains

19 Subdomains

17 IPs

4 Countries

812 kBTransfer

1563 kBSize

10 Cookies

0 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

topcouple.vu.cx Open in urlscan Pro
5.135.149.81 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

69 %
HTTPS

50 %
IPv6

15
Domains

19
Subdomains

17
IPs

4
Countries

812 kB
Transfer

1563 kB
Size

10
Cookies

61 HTTP transactions
1 data transactions