urlscan.io logo urlscan.io
SecurityTrails logo

www.eurogagnant.c4.fr Open in urlscan Pro
5.135.149.81  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.eurogagnant.c4.fr/
Submission: On June 18 via manual from SN — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 6 countries across 21 domains to perform 73 HTTP transactions. The main IP is 5.135.149.81, located in France and belongs to OVH, FR. The main domain is www.eurogagnant.c4.fr.
This is the only time www.eurogagnant.c4.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    5.135.149.81 (France)

ASN16276 (OVH, FR)
PTR: web3.venez.net
www.eurogagnant.c4.fr
www.venez.fr
6    194.150.236.166 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns6.hiwit.net
www.expressturf.net
12    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    194.150.236.179 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns19.hiwit.net
www.flashcourse.net
5    194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net
www.biltoturf.com
www.millionturf.com
3    2606:4700:3034::ac43:c8d8 (United States)

ASN13335 (CLOUDFLARENET, US)
www.pronostic-facile.fr
3    185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa
payment.allopass.com
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
partner.googleadservices.com
cm.g.doubleclick.net
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
1    2a00:1450:400e:801::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2.20.157.55 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
5    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:400e:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
270 KB
10 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
cm.g.doubleclick.net — Cisco Umbrella Rank: 217
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 283
47 KB
7 venez.fr
www.venez.fr
9 KB
6 expressturf.net
www.expressturf.net
190 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 265
100 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 623
4 KB
4 biltoturf.com
www.biltoturf.com
168 KB
3 gstatic.com
fonts.gstatic.com
47 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 247
3 KB
3 allopass.com
payment.allopass.com
10 KB
3 pronostic-facile.fr
www.pronostic-facile.fr
7 KB
3 c4.fr
www.eurogagnant.c4.fr
3 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
39 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 9
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96
78 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
43 KB
1 google.fr
adservice.google.fr — Cisco Umbrella Rank: 24152
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 861
641 B
1 millionturf.com
www.millionturf.com
24 KB
1 flashcourse.net
www.flashcourse.net
81 KB
73 21
Domain Requested by
12 pagead2.googlesyndication.com www.eurogagnant.c4.fr
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
7 www.venez.fr www.eurogagnant.c4.fr
www.venez.fr
6 www.expressturf.net 1 redirects www.eurogagnant.c4.fr
www.expressturf.net
5 s0.2mdn.net www.eurogagnant.c4.fr
s0.2mdn.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.eurogagnant.c4.fr
4 www.biltoturf.com www.expressturf.net
3 fonts.gstatic.com fonts.googleapis.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 payment.allopass.com www.expressturf.net
payment.allopass.com
3 www.pronostic-facile.fr 1 redirects www.expressturf.net
www.pronostic-facile.fr
3 www.eurogagnant.c4.fr www.eurogagnant.c4.fr
2 googleads4.g.doubleclick.net www.eurogagnant.c4.fr
2 www.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com www.pronostic-facile.fr
payment.allopass.com
1 www.google.com tpc.googlesyndication.com
1 fonts.googleapis.com s0.2mdn.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.fr pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.millionturf.com www.expressturf.net
1 www.flashcourse.net www.expressturf.net
73 25

This site contains no links.

Subject Issuer Validity Valid
venez.fr
R3		 2022-03-25 -
2022-06-23		 3 months crt.sh
biltoturf.com
R3		 2022-04-19 -
2022-07-18		 3 months crt.sh
millionturf.com
R3		 2022-06-03 -
2022-09-01		 3 months crt.sh
*.allopass.com
Gandi Standard SSL CA 2		 2021-10-08 -
2022-10-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh

This page contains 14 frames:

Primary Page: http://www.eurogagnant.c4.fr/
Frame ID: 5F00D474C3B557FB53A25B8CCF6978DF
Requests: 1 HTTP requests in this frame

Frame: http://www.eurogagnant.c4.fr/barre-eurogagnant.c4.fr.html
Frame ID: D685154185BAE598C02E0EBBF83D6166
Requests: 12 HTTP requests in this frame

Frame: http://www.expressturf.net/pronos/eurogagnant/
Frame ID: 187ABE852E25D4F31C3672AA2D876D48
Requests: 17 HTTP requests in this frame

Frame: http://www.eurogagnant.c4.fr/stats-eurogagnant.c4.fr.html
Frame ID: 2D750A9EF43B638CD60FE8E9B3FEFD97
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: E243F52780CC2888818D5371BF2808A1
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/zrt_lookup.html
Frame ID: 5E22BF3E3572A55E71055C38B9F5763B
Requests: 1 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/partner/pf/all
Frame ID: 08E582D3C921D1C0E7C5CA1C09D935F1
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.eurogagnant.c4.fr%2F&ea=0&wgl=1&dt=1655568974348&bpp=3&bdt=355&idt=196&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=6355545147054&frm=23&ife=1&pv=2&ga_vid=114212745.1655568975&ga_sid=1655568975&ga_hid=1283683902&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3845729909&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067629%2C31068031&oid=2&pvsid=2189768126325910&tmod=316383327&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.vghu9iigy26c&fsb=1&dtd=216
Frame ID: 9446E5EA21018EE6E638317DCEAACA89
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EY16frwgEwAQ&v=APEucNXUOKz5UeNvwKeDsHCIHTJ0g7lqcWus7TtCO3JRh0dHj8sq5oeFx6rWdJNT6zgsmkia-zobaW75SSiTrhHZzOXSbPY07mVAPB_akgad3fSt4UQrZBpYQSzN9qyy3h81WuqO6ZkezwU6hiHsHp_rRafqMiO_6S1rPGybqMliV5BJSintDOU
Frame ID: C10DE33E95A923C4B82DAF9784E0B631
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhK85E14YLbXEE8ea-wYfv24yjhcrPMTH3XfVll6geeDOrcB14yvJ488CpTG5f2mH2aS-lSEasnskdEfgGSQ3w7W6eCQ&cry=1&dbm_d=AKAmf-C1h74DPSYvy36MUMuhQO6xqFkE6jkVWRJR3NTho0hKQXHgjDUS2S-YU88mKyChqL6amjCm4XY_Is_7ZFcDa6nfOrIME3qAWBNmzHzKi-JZOqEhBxZNfQGmQ6iPvFjcHFPIWkvNo9G-MKy8temxhyIqc_rQIzwGw5Zbj0e9YUKhnqYxNITI-GgdyDie3Gk9f1Y9NqvSoyl5doy8VYPwPH5kr32a-db1qOAf9rhGMEqjVRXcg-uAJGpV5XzbijM6TdMSWuSCVcW0fNkse0R3Pt4tz8_Eq4qBWefpDH6tgC_ZZjajVfAEa7Q5o0-qXUZfNz58iPvOjrkGFXiu4oJ8Cvt98GnuN037A_kSpaCPMG383Hwo36XkQtMIJ34cACRK3_FALmxyCL0UYUv5yFgr1_shYC4xqNfM3CKPeUqmFAEmIdtugm5939QHBLnxtXcPDCT-2HA0YWyVX0opo5-93Xx2ZcR8rggH93g--4EQHNyCEtQUD1xwApl9HxlQsgcy0xXLPdEbDNma8pp8g3zllUH1GyPUi3e1Fcqt_BEJPG4Dkdo8YOOP22f2h7P1KSNm4nCYbmYsEYqAT2D8hhZ47gbz3kL-dUeqS3p4_BHigMiK_aXtt5Dzp815Y512E0MPeg3OgtzqJpcg9_QYuJrgHZb18b5XSsaCbXX9s8cXbjEZ3b-pU8sL5B2w-s4l3TwDofyz4fqvH7qu3O5DF6EQwWkCU6hk5iveKlhJwuoL_mL4cQ3HPsDZ7hzzoMjvKePXUhH14SyShfhaF1iriWm-ekrOigvAA7g5Lgy5KmN7gp4s6aVMp7OLmN0T2XqF_0lFJfLMB4CyjMQR39xb2u1ZuGTRiqb4ZKY5dBgum9fZuwmaWZmLp1lPX1xlMfPSmL3S18h_lns9lc8yzEZjv6OHJ1o7eJxj4I9rT0S0LvxgSYhhjdYKn9gjrkYdvW-ufi-LV_x_zPWloAbO5JmxzNx961nPiUqmRT96Hf4NpzLcrQE-HykSat-Zw4mHaAMCB4GXG4Z7JWWJSJdiHLRwH_ToiA88lfDs_ASom0LngtSUnPkrnOr7GVUaakWLwK3JvKVgGrYGZ8-D68hLKHHWeXFdS7RRUAQZU5DdrNG_Ex-9tzVfRolcWt2JZD03fZNH5tBieWe_k9McDxHaXbd7l1D-UcCqkd1F6fEIfwBgiaG0ZB1STVDnceMdQ3bZCTPoZkUR1tkUJpcWLVo5eKxDcz0ZSrZxegJUmVvqZmEZrJUryQ0FCp0wLJc-pOpY2pmf6r0pZmj54NuSU_pejNsQeB3q-7rAoqhtXMHbmJVGrkwVxSBq0fGeRFCWn50A9dvkADSXHKZW9Pe2VK-goQGK9P9xF4bnWGl0CwkAfR7oOhlRZV1JPvVJwmuihZacsOxuO2UbCo4FK9AeBou4jsdlLuQouuK1Pq-ynrQf3xuWGuuJgnX_QAK2sGty1-LrJz2SnDEWULNN_hn0jIekULdRBF2cZ3HK6nZc_sGMqsHk9lhuB9xF-NPhwMQwwPGOUv4rxaRTZBNW2IQu7hzm8w9UfOgTccEju2ykSFCYOEQgo2ZCuzvjLd7OUTclrDYga4SSTGoKxDQbMLudvvVplHrxgmuRmWEc27QUbIOleVQBEyvDZ6AEgys6odAxNcX4ygiiYXJBLmRLOTDXudK_9c2Y9lDmnK8cKFwjf6-ESz2k-f6anJcsFtSkAgmjhHpO3_DK3Lc3KsBeuPiMNZNXohNUhezdRBdrk0BhIxcAPWq2vHDbwWiR2Zylye_ytE3fNTdHdyZqrhCQZfJlTcX6EX74IMutBP8i8nv52CMYgrFIhUkdi2yA3FFpdgBBgSWud_93exluu7y3jcysxvs2jTDFgyJZRNz2pw1L4zoWtVJG3KXPYQvnC8X5-gfObPvQR_51a3CkVqtpVQkE86EKKYt0OuV2if1rR4ArDD_YLNFNW3No7BC3QHuehH8fj-Icw6ddQYcRiataTw2Roey7TE1zsWQ7em_5ypenPCEQvFHG-B--CZeM_H8uql_4crGtutQ9j__ic7MEu5reHXnCp4YF1TakI4CmAHn23H_B4Wy_Iy__T4Re5uxFXYFjgjHBBxpiw0AgHiTDa-76sKCdPtJKiFvpE_zWCJRcI4WnGgNF3cJiWWywUH_QqLqIke-wnclRpKuE5aItAzvYB9f2BPjJAxgl4BNY4xGPIHeRFuH2ByTkhX0lhcKGNjEX-Qa4yxWzi6vQEVda4Lb61y3QWLh7qIFEQe1rWhm-exBJ_m3gHoiFxJ-83ThkMLNFt1La70BJNsY1tqkRwkVYz9tTdL6XSgX6i8QGUD6UvmVwC519hkMaZRxO3CWtNnrTFbFz0dRjcbQAy8TI0_wBgm4ce8V1amKTITDyBblDeoJ7tuaegsgfmV-UolLLjZXA64saWzK_o7dQJkCHdkdS1SCbnfgFCTw1MhPa9dMBhe1_TI4RenS__9T9cN_twYN_Tw2eJ4jZHpvyZZrqq5UPttXdgtrAWB6snXOWDasK8aXpmtPAl1lprJw-GW3AdzaMiZb_DK9S08-C-k9MLGrfxZvDvkDUv9vQRaPVKDeCbNj3a2a2QRoiwuvbLzfUHzUkltKbeKGcM-GYMoVjx9coV3HLeDaWvxorOpLtYrHzgwZYplf-QUDnjwXUg7z-0oAN5oMm_rfLk8f1_C1TWanpErqMuZHNWa8uiRrNtjAtuQTweVSDjFYiOb19EcrlPpDhzu5o3SQi_R4f8kgEjOGdexKiRVtmGwI-0XNuQ35wvTVoFILFXilvyT9saWu8t28ltOB4hyfQgEl8sLo4KIoXl14prcnzp426jDtCl1W98SZog92VB7RpV2m7iMjOYndrKnzBH5tQ8xRxBWp3yuC2XfQjca8EsiMEnpUHDcS-s_9RVYpylVYLo-c5UE0HK_oaxl-PyTCSawuqDPDMvNd_uP-kFhnFBBs9dBu_i8e8dzqeJStj4mEfD4QZ-uL86y-S1SzI74AjWchFKbRK6Y6Tc72l0FJKZDuq0AHEt1QowCEuM1uQ9hV-supBgre3krwC_vn05EOh-VS7idNa2FTGaESi-NAMDAdN-gLxsF-ToNVtn_KbtHS_IJ1c4_b5JrrtEclmwAMOpcSEm-OV-Bgi&cid=CAASBORov08&rfl=3%2Chttp%253A%252F%252Fwww.eurogagnant.c4.fr%242%2Chttp%253A%252F%252Fwww.eurogagnant.c4.fr%252F%240
Frame ID: 39D923CDBD6620A6F3B4EA3468226FDE
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E06CA24F11977812AB9872CEEB5C3CA1
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10196239086468997911/index.html
Frame ID: 62A08A8837A5F98E2B24EB6A592F01E1
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7F8E7ADCC6729007C7174D79FEA1E70E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F5F9B7D524793DEEDF4877A515759E0A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

EURO GAGNANT

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

73
Requests

78 %
HTTPS

59 %
IPv6

21
Domains

25
Subdomains

23
IPs

6
Countries

1124 kB
Transfer

2100 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • http://www.pronostic-facile.fr/widget/partner/script/pf HTTP 301
  • https://www.pronostic-facile.fr/widget/partner/script/pf
Request Chain 17
  • http://www.expressturf.net/pronos/eurogagnant/h2.png HTTP 302
  • http://www.expressturf.net/
Request Chain 43
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGfLPBi1NLKYKZHlpkGVLEY&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGfLPBi1NLKYKZHlpkGVLEY&google_cver=1&C=1
Request Chain 44
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yq36T.jZrDz5LvTgWcLkvAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8je1bZKhVALBZ2JpYrF2E&google_cver=1&google_hm=2
Request Chain 45
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEO6g61b-nmvyR5ViqSjCYgM&google_cver=1
Request Chain 46
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA3NjU4MDM4NDI0OTY3Mzk4MA%3D%3D

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.eurogagnant.c4.fr/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.eurogagnant.c4.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
1b62b6e206de7b6120f9accfeb4dbd37ff17897d0056836d07abc52fae5cf64d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1097
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 18 Jun 2022 16:16:13 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Accept-Encoding
barre-eurogagnant.c4.fr.html
www.eurogagnant.c4.fr/ Frame D685 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.eurogagnant.c4.fr/barre-eurogagnant.c4.fr.html
Requested by
Host: www.eurogagnant.c4.fr
URL: http://www.eurogagnant.c4.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
d8bbcdfb239e531f58b6db6d8ac4e4e11249ebd4002e9d99bf9d5c539dc638ea

Request headers

Referer
http://www.eurogagnant.c4.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1488
Content-Type
text/html; charset=ISO-8859-1
Date
Sat, 18 Jun 2022 16:16:13 GMT
Expires
Sat, 18 Jun 2022 16:16:13 GMT
Keep-Alive
timeout=5, max=99
Last-Modified
Sat, 18 Jun 2022 16:16:13 GMT
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
/
www.expressturf.net/pronos/eurogagnant/ Frame 187A 		62 KB
64 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.expressturf.net/pronos/eurogagnant/
Requested by
Host: www.eurogagnant.c4.fr
URL: http://www.eurogagnant.c4.fr/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
0d2230912fe4da19a6babdbca1bb67d2e0e60255db30c0b9d8f2ba31a1ad33ca

Request headers

Referer
http://www.eurogagnant.c4.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Type
text/html
Date
Sat, 18 Jun 2022 16:16:13 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=15, max=100
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
Vary
Host
stats-eurogagnant.c4.fr.html
www.eurogagnant.c4.fr/ Frame 2D75 		0
192 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.eurogagnant.c4.fr/stats-eurogagnant.c4.fr.html
Requested by
Host: www.eurogagnant.c4.fr
URL: http://www.eurogagnant.c4.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.eurogagnant.c4.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 18 Jun 2022 16:16:13 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
site.js
www.venez.fr/js/ Frame D685 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.eurogagnant.c4.fr
URL: http://www.eurogagnant.c4.fr/barre-eurogagnant.c4.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eurogagnant.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 16:16:13 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Jun 2022 16:16:13 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1023
Expires
Sat, 25 Jun 2022 16:16:13 GMT
separateur90.gif
www.venez.fr/images/ Frame D685 		82 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/separateur90.gif
Requested by
Host: www.eurogagnant.c4.fr
URL: http://www.eurogagnant.c4.fr/barre-eurogagnant.c4.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eurogagnant.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 16:16:13 GMT
Last-Modified
Thu, 15 Nov 2018 22:11:22 GMT
Server
Apache
ETag
"52-57abb54b25680"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
82
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame D685 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.eurogagnant.c4.fr
URL: http://www.eurogagnant.c4.fr/barre-eurogagnant.c4.fr.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14748c2140ac6a11018e24f8e4c92217cdaf2ded3fb2165323aa54c69c7f6ad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eurogagnant.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sat, 18 Jun 2022 16:16:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
9889066674465275759
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
56288
X-XSS-Protection
0
Expires
Sat, 18 Jun 2022 16:16:14 GMT
head.gif
www.expressturf.net/pronos/eurogagnant/ Frame 187A 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.expressturf.net/pronos/eurogagnant/head.gif
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/eurogagnant/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
4117985daaae3e0e0cdd215a102d1181fd9e5e890e03effc2b5b664a11cd54eb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/pronos/eurogagnant/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 16:16:14 GMT
Last-Modified
Tue, 03 Nov 2020 10:51:25 GMT
Server
Apache
ETag
"186a61b-1a676-5b331a4e82540"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
108150
logo.gif
www.flashcourse.net/img/ Frame 187A 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.flashcourse.net/img/logo.gif
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/eurogagnant/
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
5929b7b020cb55e1f048721ce4745948bde58678f53155da4bac0b9183ec6393

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 16:16:14 GMT
Last-Modified
Thu, 15 Dec 2016 07:03:40 GMT
Server
Apache
ETag
"15eac54-142c1-543ad0d97ab00"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
82625
logo.gif
www.biltoturf.com/ Frame 187A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.biltoturf.com/logo.gif
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/eurogagnant/
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
ead7dff95228a235e92f3cc50bcd67d3e448ccb40cee683514504e8a59aa8f30

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 16:16:14 GMT
Last-Modified
Sat, 24 Apr 2021 03:49:26 GMT
Server
Apache
ETag
"2563ddd-165f-5c0afcc7b5d80"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
5727
basefiable.gif
www.biltoturf.com/logos/ Frame 187A 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.biltoturf.com/logos/basefiable.gif
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/eurogagnant/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
8976277884b95b36fb3d06945f7a06b0320964337eef13af4ac690827202845b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 16:16:14 GMT
Last-Modified
Sat, 24 Apr 2021 03:50:23 GMT
Server
Apache
ETag
"2563e49-2959-5c0afcfe11dc0"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
10585
quintemagic.gif
www.biltoturf.com/logos/ Frame 187A 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.biltoturf.com/logos/quintemagic.gif
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/eurogagnant/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
3f6530c2424161af4eda5ac19fb9f39de9e5ec8efccbcda0c383d33067bac088
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 16:16:14 GMT
Last-Modified
Thu, 01 Jul 2021 13:43:41 GMT
Server
Apache
ETag
"1abf861-1434f-5c61006e4fd40"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
82767
turforiginal.gif
www.millionturf.com/logos/ Frame 187A 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.millionturf.com/logos/turforiginal.gif
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/eurogagnant/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
26f6a960d44093f8a56e95f2ed3ddd6d4526a86a3ce7dde31957b2cd21d887ff
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 16:16:14 GMT
Last-Modified
Tue, 08 Dec 2020 22:22:02 GMT
Server
Apache
ETag
"2503e01-60ad-5b5fb5f30b680"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
24749
lespecialiste.gif
www.biltoturf.com/logos/ Frame 187A 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.biltoturf.com/logos/lespecialiste.gif
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/eurogagnant/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
d42772d73d435840de06182be93036fed65d7954d1e61c1b26590c779885b0fe
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 16:16:14 GMT
Last-Modified
Thu, 01 Jul 2021 13:43:41 GMT
Server
Apache
ETag
"1abf85e-1182d-5c61006e4fd40"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
71725
pf
www.pronostic-facile.fr/widget/partner/script/ Frame 187A
Redirect Chain
  • http://www.pronostic-facile.fr/widget/partner/script/pf
  • https://www.pronostic-facile.fr/widget/partner/script/pf
239 B
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pronostic-facile.fr/widget/partner/script/pf
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/eurogagnant/
Protocol
H2
Server
2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88518a6eb401461a4de73806315ecb7292d347fcba058e8edd1470aa5349bbc1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-runtime
1
date
Sat, 18 Jun 2022 16:16:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jru1NA2aYFyaXKSVtw92gsKslJDclhnI%2FCWuLv9uY%2B0Li6KOVXW%2FrabgeAOI8d4dhe9VlP3b05jzV%2BjVVjm4QQCACu6LpQ3PhydzdXY%2B35BhYYzu4QL0GfI5GtE%2F%2BoALcB2NMqPEjBPvAaMl1qyY4AcdFkn3YA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
private, max-age=0, must-revalidate
cf-ray
71d554093fd3ee58-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Sat, 18 Jun 2022 16:16:14 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjzSyVMLiFaFifXtBqS4mtejM91lQoB2%2FrCa92QXn%2F9qJ1n%2ByQSomusxeMufJnDxtmoXILcfXPrDlB%2FvLq%2BHoO6THoayV%2Bs9ggY3fbnxNnOIQ4XHx8JvgEXxFi1Jy3dGOZzGmYZLzlvnjlMlhGnNPqZI7ioqmw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Location
https://www.pronostic-facile.fr/widget/partner/script/pf
Connection
keep-alive
CF-RAY
71d55408784f40cf-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jockey.jpg
www.expressturf.net/pronos/eurogagnant/ Frame 187A 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.expressturf.net/pronos/eurogagnant/jockey.jpg
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/eurogagnant/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
9aec3d0737f3100effed564263fc343871ab63ac47eed5a397012ebd706db5b4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/pronos/eurogagnant/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 16:16:14 GMT
Last-Modified
Tue, 03 Nov 2020 10:51:25 GMT
Server
Apache
ETag
"186a61e-351d-5b331a4e82540"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
13597
checkout.apu
payment.allopass.com/buy/ Frame 187A 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/buy/checkout.apu?ids=338577&idd=1553518&lang=fr
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/eurogagnant/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
ef7da9876e483febca37a9cbe5ad1424349958d127b151f365929e3dcab68c7e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 16:16:14 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html
Content-Length
2961
Expires
Thu, 19 Nov 1981 08:52:00 GMT
/
www.expressturf.net/pronos/eurogagnant/ Frame 187A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.expressturf.net/pronos/eurogagnant/
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/eurogagnant/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/pronos/eurogagnant/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 16:16:14 GMT
Server
Apache
Vary
Host
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Expires
Thu, 19 Nov 1981 08:52:00 GMT
/
www.expressturf.net/ Frame 187A
Redirect Chain
  • http://www.expressturf.net/pronos/eurogagnant/h2.png
  • http://www.expressturf.net/
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.expressturf.net/
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/eurogagnant/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/pronos/eurogagnant/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 16:16:14 GMT
Server
Apache
Vary
Host
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=15, max=99
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Location
http://www.expressturf.net/
Date
Sat, 18 Jun 2022 16:16:14 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Content-Length
211
Content-Type
text/html; charset=iso-8859-1
alternate-barre.htm
www.venez.fr/ Frame E243 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/alternate-barre.htm
Requested by
Host: www.eurogagnant.c4.fr
URL: http://www.eurogagnant.c4.fr/barre-eurogagnant.c4.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
8605a8cb9d30199371ff58320f725533a3b2e3bd852ceb7d465fed0f4497d57c

Request headers

Referer
http://www.eurogagnant.c4.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
874
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 18 Jun 2022 16:16:13 GMT
Keep-Alive
timeout=5, max=99
Server
Apache
Vary
Accept-Encoding
barre90.gif
www.venez.fr/images/ Frame D685 		110 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.eurogagnant.c4.fr
URL: http://www.eurogagnant.c4.fr/barre-eurogagnant.c4.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eurogagnant.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 16:16:13 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
110
120x60.gif
www.venez.fr/images/ Frame E243 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/120x60.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 16:16:13 GMT
Last-Modified
Wed, 02 Mar 2011 00:16:24 GMT
Server
Apache
ETag
"f4c-49d74d2b9c600"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3916
site.js
www.venez.fr/js/ Frame E243 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 16:16:13 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Jun 2022 16:16:13 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
1023
Expires
Sat, 25 Jun 2022 16:16:13 GMT
barre90.gif
www.venez.fr/images/ Frame E243 		110 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 16:16:13 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
110
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/ Frame D685 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.eurogagnant.c4.fr
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
810a7c2d907ae61a666f07ae95cfefa761ff12e23b8c1600b910c183512452df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eurogagnant.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 16:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122734
x-xss-protection
0
server
cafe
etag
14621270121510254121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 16:16:14 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/ Frame 5E22 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.eurogagnant.c4.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
72026
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 20:15:48 GMT
etag
8616628553774171045
expires
Fri, 01 Jul 2022 20:15:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
all
www.pronostic-facile.fr/widget/partner/pf/ Frame 08E5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pronostic-facile.fr/widget/partner/pf/all
Requested by
Host: www.pronostic-facile.fr
URL: http://www.pronostic-facile.fr/widget/partner/script/pf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e63601a07c7f4cbc35d413ee55c8a1abdfced23559701127e7208c48312ae876

Request headers

Referer
http://www.expressturf.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
71d55409e870ee58-CDG
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 18 Jun 2022 16:16:14 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4Li1iQum2aCKQEA2JkynC5k4geVmm4FW2ZkT3L7zcy1tH4QBD9ixbq8pHsZfVyqbwnLad3rlNR57oFJDHeIQGpJ13ddKDwF7Fz11a2oPnWiyy2FlIlDPmJzoV%2FAlFpU6LAbTHVbrZ8WYCIqGuHwhHSU%2FObTPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-runtime
2
js
www.googletagmanager.com/gtag/ Frame 08E5 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-630351-12
Requested by
Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/pf/all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e51b059b108ab049c579f38dd6bc3c08701ece63b17e0257e56959b6cd7dca39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.pronostic-facile.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 16:16:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39799
x-xss-protection
0
last-modified
Sat, 18 Jun 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 18 Jun 2022 16:16:14 GMT
truncated
/ Frame 08E5 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/png
cookie.js
partner.googleadservices.com/gampad/ Frame D685 		209 B
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.eurogagnant.c4.fr&callback=_gfp_s_&client=ca-pub-5203714787387788
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.eurogagnant.c4.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
f7d358e35deda6f6897ce76d181d72f6caf1f73f45e39835d7446b3693566f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eurogagnant.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 16:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.fr/adsid/ Frame D685 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=www.eurogagnant.c4.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.eurogagnant.c4.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eurogagnant.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 16:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D685 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.eurogagnant.c4.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.eurogagnant.c4.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:801::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eurogagnant.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 16:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9446 		17 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.eurogagnant.c4.fr%2F&ea=0&wgl=1&dt=1655568974348&bpp=3&bdt=355&idt=196&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=6355545147054&frm=23&ife=1&pv=2&ga_vid=114212745.1655568975&ga_sid=1655568975&ga_hid=1283683902&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3845729909&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067629%2C31068031&oid=2&pvsid=2189768126325910&tmod=316383327&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.vghu9iigy26c&fsb=1&dtd=216
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.eurogagnant.c4.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
12274a6d735b640c7801b589da0ea3111cc936f54f69356e89df0d5257dbf4aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.eurogagnant.c4.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
8146
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 16:16:14 GMT
expires
Sat, 18 Jun 2022 16:16:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ Frame 08E5 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.pronostic-facile.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4285
date
Sat, 18 Jun 2022 15:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 18 Jun 2022 17:04:49 GMT
gtm.js
www.googletagmanager.com/ Frame 187A 		102 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=338577&idd=1553518&lang=fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
49bbdba8f720f63092875841946af781c35db165f4fa69c69d766374fba15f38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 16:16:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40067
x-xss-protection
0
last-modified
Sat, 18 Jun 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 18 Jun 2022 16:16:14 GMT
buy-button.css
payment.allopass.com/static/css/ Frame 187A 		2 KB
830 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/buy-button.css?1
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=338577&idd=1553518&lang=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 16:16:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"24bbe-69a-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
546
162x56.png
payment.allopass.com/static/buy/button/fr/ Frame 187A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by
Host: www.expressturf.net
URL: http://www.expressturf.net/pronos/eurogagnant/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 16:16:14 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"218f3-1688-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
5768
analytics.js
www.google-analytics.com/ Frame 187A 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.expressturf.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4285
date
Sat, 18 Jun 2022 15:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 18 Jun 2022 17:04:49 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C10D 		624 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EY16frwgEwAQ&v=APEucNXUOKz5UeNvwKeDsHCIHTJ0g7lqcWus7TtCO3JRh0dHj8sq5oeFx6rWdJNT6zgsmkia-zobaW75SSiTrhHZzOXSbPY07mVAPB_akgad3fSt4UQrZBpYQSzN9qyy3h81WuqO6ZkezwU6hiHsHp_rRafqMiO_6S1rPGybqMliV5BJSintDOU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.eurogagnant.c4.fr%2F&ea=0&wgl=1&dt=1655568974348&bpp=3&bdt=355&idt=196&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=6355545147054&frm=23&ife=1&pv=2&ga_vid=114212745.1655568975&ga_sid=1655568975&ga_hid=1283683902&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3845729909&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067629%2C31068031&oid=2&pvsid=2189768126325910&tmod=316383327&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.vghu9iigy26c&fsb=1&dtd=216
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.eurogagnant.c4.fr%2F&ea=0&wgl=1&dt=1655568974348&bpp=3&bdt=355&idt=196&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=6355545147054&frm=23&ife=1&pv=2&ga_vid=114212745.1655568975&ga_sid=1655568975&ga_hid=1283683902&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3845729909&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067629%2C31068031&oid=2&pvsid=2189768126325910&tmod=316383327&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.vghu9iigy26c&fsb=1&dtd=216
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 16:16:14 GMT
expires
Sat, 18 Jun 2022 16:16:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 39D9 		76 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhK85E14YLbXEE8ea-wYfv24yjhcrPMTH3XfVll6geeDOrcB14yvJ488CpTG5f2mH2aS-lSEasnskdEfgGSQ3w7W6eCQ&cry=1&dbm_d=AKAmf-C1h74DPSYvy36MUMuhQO6xqFkE6jkVWRJR3NTho0hKQXHgjDUS2S-YU88mKyChqL6amjCm4XY_Is_7ZFcDa6nfOrIME3qAWBNmzHzKi-JZOqEhBxZNfQGmQ6iPvFjcHFPIWkvNo9G-MKy8temxhyIqc_rQIzwGw5Zbj0e9YUKhnqYxNITI-GgdyDie3Gk9f1Y9NqvSoyl5doy8VYPwPH5kr32a-db1qOAf9rhGMEqjVRXcg-uAJGpV5XzbijM6TdMSWuSCVcW0fNkse0R3Pt4tz8_Eq4qBWefpDH6tgC_ZZjajVfAEa7Q5o0-qXUZfNz58iPvOjrkGFXiu4oJ8Cvt98GnuN037A_kSpaCPMG383Hwo36XkQtMIJ34cACRK3_FALmxyCL0UYUv5yFgr1_shYC4xqNfM3CKPeUqmFAEmIdtugm5939QHBLnxtXcPDCT-2HA0YWyVX0opo5-93Xx2ZcR8rggH93g--4EQHNyCEtQUD1xwApl9HxlQsgcy0xXLPdEbDNma8pp8g3zllUH1GyPUi3e1Fcqt_BEJPG4Dkdo8YOOP22f2h7P1KSNm4nCYbmYsEYqAT2D8hhZ47gbz3kL-dUeqS3p4_BHigMiK_aXtt5Dzp815Y512E0MPeg3OgtzqJpcg9_QYuJrgHZb18b5XSsaCbXX9s8cXbjEZ3b-pU8sL5B2w-s4l3TwDofyz4fqvH7qu3O5DF6EQwWkCU6hk5iveKlhJwuoL_mL4cQ3HPsDZ7hzzoMjvKePXUhH14SyShfhaF1iriWm-ekrOigvAA7g5Lgy5KmN7gp4s6aVMp7OLmN0T2XqF_0lFJfLMB4CyjMQR39xb2u1ZuGTRiqb4ZKY5dBgum9fZuwmaWZmLp1lPX1xlMfPSmL3S18h_lns9lc8yzEZjv6OHJ1o7eJxj4I9rT0S0LvxgSYhhjdYKn9gjrkYdvW-ufi-LV_x_zPWloAbO5JmxzNx961nPiUqmRT96Hf4NpzLcrQE-HykSat-Zw4mHaAMCB4GXG4Z7JWWJSJdiHLRwH_ToiA88lfDs_ASom0LngtSUnPkrnOr7GVUaakWLwK3JvKVgGrYGZ8-D68hLKHHWeXFdS7RRUAQZU5DdrNG_Ex-9tzVfRolcWt2JZD03fZNH5tBieWe_k9McDxHaXbd7l1D-UcCqkd1F6fEIfwBgiaG0ZB1STVDnceMdQ3bZCTPoZkUR1tkUJpcWLVo5eKxDcz0ZSrZxegJUmVvqZmEZrJUryQ0FCp0wLJc-pOpY2pmf6r0pZmj54NuSU_pejNsQeB3q-7rAoqhtXMHbmJVGrkwVxSBq0fGeRFCWn50A9dvkADSXHKZW9Pe2VK-goQGK9P9xF4bnWGl0CwkAfR7oOhlRZV1JPvVJwmuihZacsOxuO2UbCo4FK9AeBou4jsdlLuQouuK1Pq-ynrQf3xuWGuuJgnX_QAK2sGty1-LrJz2SnDEWULNN_hn0jIekULdRBF2cZ3HK6nZc_sGMqsHk9lhuB9xF-NPhwMQwwPGOUv4rxaRTZBNW2IQu7hzm8w9UfOgTccEju2ykSFCYOEQgo2ZCuzvjLd7OUTclrDYga4SSTGoKxDQbMLudvvVplHrxgmuRmWEc27QUbIOleVQBEyvDZ6AEgys6odAxNcX4ygiiYXJBLmRLOTDXudK_9c2Y9lDmnK8cKFwjf6-ESz2k-f6anJcsFtSkAgmjhHpO3_DK3Lc3KsBeuPiMNZNXohNUhezdRBdrk0BhIxcAPWq2vHDbwWiR2Zylye_ytE3fNTdHdyZqrhCQZfJlTcX6EX74IMutBP8i8nv52CMYgrFIhUkdi2yA3FFpdgBBgSWud_93exluu7y3jcysxvs2jTDFgyJZRNz2pw1L4zoWtVJG3KXPYQvnC8X5-gfObPvQR_51a3CkVqtpVQkE86EKKYt0OuV2if1rR4ArDD_YLNFNW3No7BC3QHuehH8fj-Icw6ddQYcRiataTw2Roey7TE1zsWQ7em_5ypenPCEQvFHG-B--CZeM_H8uql_4crGtutQ9j__ic7MEu5reHXnCp4YF1TakI4CmAHn23H_B4Wy_Iy__T4Re5uxFXYFjgjHBBxpiw0AgHiTDa-76sKCdPtJKiFvpE_zWCJRcI4WnGgNF3cJiWWywUH_QqLqIke-wnclRpKuE5aItAzvYB9f2BPjJAxgl4BNY4xGPIHeRFuH2ByTkhX0lhcKGNjEX-Qa4yxWzi6vQEVda4Lb61y3QWLh7qIFEQe1rWhm-exBJ_m3gHoiFxJ-83ThkMLNFt1La70BJNsY1tqkRwkVYz9tTdL6XSgX6i8QGUD6UvmVwC519hkMaZRxO3CWtNnrTFbFz0dRjcbQAy8TI0_wBgm4ce8V1amKTITDyBblDeoJ7tuaegsgfmV-UolLLjZXA64saWzK_o7dQJkCHdkdS1SCbnfgFCTw1MhPa9dMBhe1_TI4RenS__9T9cN_twYN_Tw2eJ4jZHpvyZZrqq5UPttXdgtrAWB6snXOWDasK8aXpmtPAl1lprJw-GW3AdzaMiZb_DK9S08-C-k9MLGrfxZvDvkDUv9vQRaPVKDeCbNj3a2a2QRoiwuvbLzfUHzUkltKbeKGcM-GYMoVjx9coV3HLeDaWvxorOpLtYrHzgwZYplf-QUDnjwXUg7z-0oAN5oMm_rfLk8f1_C1TWanpErqMuZHNWa8uiRrNtjAtuQTweVSDjFYiOb19EcrlPpDhzu5o3SQi_R4f8kgEjOGdexKiRVtmGwI-0XNuQ35wvTVoFILFXilvyT9saWu8t28ltOB4hyfQgEl8sLo4KIoXl14prcnzp426jDtCl1W98SZog92VB7RpV2m7iMjOYndrKnzBH5tQ8xRxBWp3yuC2XfQjca8EsiMEnpUHDcS-s_9RVYpylVYLo-c5UE0HK_oaxl-PyTCSawuqDPDMvNd_uP-kFhnFBBs9dBu_i8e8dzqeJStj4mEfD4QZ-uL86y-S1SzI74AjWchFKbRK6Y6Tc72l0FJKZDuq0AHEt1QowCEuM1uQ9hV-supBgre3krwC_vn05EOh-VS7idNa2FTGaESi-NAMDAdN-gLxsF-ToNVtn_KbtHS_IJ1c4_b5JrrtEclmwAMOpcSEm-OV-Bgi&cid=CAASBORov08&rfl=3%2Chttp%253A%252F%252Fwww.eurogagnant.c4.fr%242%2Chttp%253A%252F%252Fwww.eurogagnant.c4.fr%252F%240
Requested by
Host: www.eurogagnant.c4.fr
URL: http://www.eurogagnant.c4.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc0ca01bd32bd667eb3847d0da1f130258377011013f33ed451056f64833b47c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.eurogagnant.c4.fr%2F&ea=0&wgl=1&dt=1655568974348&bpp=3&bdt=355&idt=196&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=6355545147054&frm=23&ife=1&pv=2&ga_vid=114212745.1655568975&ga_sid=1655568975&ga_hid=1283683902&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3845729909&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067629%2C31068031&oid=2&pvsid=2189768126325910&tmod=316383327&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.vghu9iigy26c&fsb=1&dtd=216
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 16:16:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32924
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 39D9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.eurogagnant.c4.fr%2F&ea=0&wgl=1&dt=1655568974348&bpp=3&bdt=355&idt=196&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=6355545147054&frm=23&ife=1&pv=2&ga_vid=114212745.1655568975&ga_sid=1655568975&ga_hid=1283683902&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3845729909&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067629%2C31068031&oid=2&pvsid=2189768126325910&tmod=316383327&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.vghu9iigy26c&fsb=1&dtd=216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 16:11:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 16:11:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 39D9 		137 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.eurogagnant.c4.fr%2F&ea=0&wgl=1&dt=1655568974348&bpp=3&bdt=355&idt=196&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=6355545147054&frm=23&ife=1&pv=2&ga_vid=114212745.1655568975&ga_sid=1655568975&ga_hid=1283683902&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3845729909&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067629%2C31068031&oid=2&pvsid=2189768126325910&tmod=316383327&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.vghu9iigy26c&fsb=1&dtd=216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 16:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 16:16:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 39D9 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.eurogagnant.c4.fr%2F&ea=0&wgl=1&dt=1655568974348&bpp=3&bdt=355&idt=196&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=6355545147054&frm=23&ife=1&pv=2&ga_vid=114212745.1655568975&ga_sid=1655568975&ga_hid=1283683902&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3845729909&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067629%2C31068031&oid=2&pvsid=2189768126325910&tmod=316383327&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.vghu9iigy26c&fsb=1&dtd=216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 16:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 16:13:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 39D9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DdPCDyKxG3vG8czgGBntCZicyeiT2P8Or_EiUbZ-GxZexmCsquIPPm1zJJ-zVia9U7ojPh5JmhP3Jwg7kdY82aYmq8j3LvThB304ze-RviPfGLECc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.eurogagnant.c4.fr%2F&ea=0&wgl=1&dt=1655568974348&bpp=3&bdt=355&idt=196&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=6355545147054&frm=23&ife=1&pv=2&ga_vid=114212745.1655568975&ga_sid=1655568975&ga_hid=1283683902&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3845729909&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067629%2C31068031&oid=2&pvsid=2189768126325910&tmod=316383327&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.vghu9iigy26c&fsb=1&dtd=216
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 16:16:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C10D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGfLPBi1NLKYKZHlpkGVLEY&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGfLPBi1NLKYKZHlpkGVLEY&google_cver=1&C=1
43 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGfLPBi1NLKYKZHlpkGVLEY&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EY16frwgEwAQ&v=APEucNXUOKz5UeNvwKeDsHCIHTJ0g7lqcWus7TtCO3JRh0dHj8sq5oeFx6rWdJNT6zgsmkia-zobaW75SSiTrhHZzOXSbPY07mVAPB_akgad3fSt4UQrZBpYQSzN9qyy3h81WuqO6ZkezwU6hiHsHp_rRafqMiO_6S1rPGybqMliV5BJSintDOU
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 16:16:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 18 Jun 2022 16:16:15 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 16:16:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEGfLPBi1NLKYKZHlpkGVLEY&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 18 Jun 2022 16:16:15 GMT
rum
dsum-sec.casalemedia.com/ Frame C10D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yq36T.jZrDz5LvTgWcLkvAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8je1bZKhVALBZ2JpYrF2E&google_cver=1&google_hm=2
43 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8je1bZKhVALBZ2JpYrF2E&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EY16frwgEwAQ&v=APEucNXUOKz5UeNvwKeDsHCIHTJ0g7lqcWus7TtCO3JRh0dHj8sq5oeFx6rWdJNT6zgsmkia-zobaW75SSiTrhHZzOXSbPY07mVAPB_akgad3fSt4UQrZBpYQSzN9qyy3h81WuqO6ZkezwU6hiHsHp_rRafqMiO_6S1rPGybqMliV5BJSintDOU
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 16:16:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 18 Jun 2022 16:16:15 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 16:16:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8je1bZKhVALBZ2JpYrF2E&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C10D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEO6g61b-nmvyR5ViqSjCYgM&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEO6g61b-nmvyR5ViqSjCYgM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EY16frwgEwAQ&v=APEucNXUOKz5UeNvwKeDsHCIHTJ0g7lqcWus7TtCO3JRh0dHj8sq5oeFx6rWdJNT6zgsmkia-zobaW75SSiTrhHZzOXSbPY07mVAPB_akgad3fSt4UQrZBpYQSzN9qyy3h81WuqO6ZkezwU6hiHsHp_rRafqMiO_6S1rPGybqMliV5BJSintDOU
Protocol
HTTP/1.1
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 16:16:15 GMT
X-Proxy-Origin
92.222.212.17; 92.222.212.17; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cf9077f6-e6e0-4ff8-a09e-106a230d7a0e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 16:16:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEO6g61b-nmvyR5ViqSjCYgM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C10D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA3NjU4MDM4NDI0OTY3Mzk4MA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA3NjU4MDM4NDI0OTY3Mzk4MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EY16frwgEwAQ&v=APEucNXUOKz5UeNvwKeDsHCIHTJ0g7lqcWus7TtCO3JRh0dHj8sq5oeFx6rWdJNT6zgsmkia-zobaW75SSiTrhHZzOXSbPY07mVAPB_akgad3fSt4UQrZBpYQSzN9qyy3h81WuqO6ZkezwU6hiHsHp_rRafqMiO_6S1rPGybqMliV5BJSintDOU
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 16:16:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 18 Jun 2022 16:16:15 GMT
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
92.222.212.17; 92.222.212.17; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
fb377e69-948c-418b-9a1b-d7276d30135a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA3NjU4MDM4NDI0OTY3Mzk4MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 39D9 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.eurogagnant.c4.fr
URL: http://www.eurogagnant.c4.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 07:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31865
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Jun 2022 07:25:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/ Frame 39D9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhK85E14YLbXEE8ea-wYfv24yjhcrPMTH3XfVll6geeDOrcB14yvJ488CpTG5f2mH2aS-lSEasnskdEfgGSQ3w7W6eCQ&cry=1&dbm_d=AKAmf-C1h74DPSYvy36MUMuhQO6xqFkE6jkVWRJR3NTho0hKQXHgjDUS2S-YU88mKyChqL6amjCm4XY_Is_7ZFcDa6nfOrIME3qAWBNmzHzKi-JZOqEhBxZNfQGmQ6iPvFjcHFPIWkvNo9G-MKy8temxhyIqc_rQIzwGw5Zbj0e9YUKhnqYxNITI-GgdyDie3Gk9f1Y9NqvSoyl5doy8VYPwPH5kr32a-db1qOAf9rhGMEqjVRXcg-uAJGpV5XzbijM6TdMSWuSCVcW0fNkse0R3Pt4tz8_Eq4qBWefpDH6tgC_ZZjajVfAEa7Q5o0-qXUZfNz58iPvOjrkGFXiu4oJ8Cvt98GnuN037A_kSpaCPMG383Hwo36XkQtMIJ34cACRK3_FALmxyCL0UYUv5yFgr1_shYC4xqNfM3CKPeUqmFAEmIdtugm5939QHBLnxtXcPDCT-2HA0YWyVX0opo5-93Xx2ZcR8rggH93g--4EQHNyCEtQUD1xwApl9HxlQsgcy0xXLPdEbDNma8pp8g3zllUH1GyPUi3e1Fcqt_BEJPG4Dkdo8YOOP22f2h7P1KSNm4nCYbmYsEYqAT2D8hhZ47gbz3kL-dUeqS3p4_BHigMiK_aXtt5Dzp815Y512E0MPeg3OgtzqJpcg9_QYuJrgHZb18b5XSsaCbXX9s8cXbjEZ3b-pU8sL5B2w-s4l3TwDofyz4fqvH7qu3O5DF6EQwWkCU6hk5iveKlhJwuoL_mL4cQ3HPsDZ7hzzoMjvKePXUhH14SyShfhaF1iriWm-ekrOigvAA7g5Lgy5KmN7gp4s6aVMp7OLmN0T2XqF_0lFJfLMB4CyjMQR39xb2u1ZuGTRiqb4ZKY5dBgum9fZuwmaWZmLp1lPX1xlMfPSmL3S18h_lns9lc8yzEZjv6OHJ1o7eJxj4I9rT0S0LvxgSYhhjdYKn9gjrkYdvW-ufi-LV_x_zPWloAbO5JmxzNx961nPiUqmRT96Hf4NpzLcrQE-HykSat-Zw4mHaAMCB4GXG4Z7JWWJSJdiHLRwH_ToiA88lfDs_ASom0LngtSUnPkrnOr7GVUaakWLwK3JvKVgGrYGZ8-D68hLKHHWeXFdS7RRUAQZU5DdrNG_Ex-9tzVfRolcWt2JZD03fZNH5tBieWe_k9McDxHaXbd7l1D-UcCqkd1F6fEIfwBgiaG0ZB1STVDnceMdQ3bZCTPoZkUR1tkUJpcWLVo5eKxDcz0ZSrZxegJUmVvqZmEZrJUryQ0FCp0wLJc-pOpY2pmf6r0pZmj54NuSU_pejNsQeB3q-7rAoqhtXMHbmJVGrkwVxSBq0fGeRFCWn50A9dvkADSXHKZW9Pe2VK-goQGK9P9xF4bnWGl0CwkAfR7oOhlRZV1JPvVJwmuihZacsOxuO2UbCo4FK9AeBou4jsdlLuQouuK1Pq-ynrQf3xuWGuuJgnX_QAK2sGty1-LrJz2SnDEWULNN_hn0jIekULdRBF2cZ3HK6nZc_sGMqsHk9lhuB9xF-NPhwMQwwPGOUv4rxaRTZBNW2IQu7hzm8w9UfOgTccEju2ykSFCYOEQgo2ZCuzvjLd7OUTclrDYga4SSTGoKxDQbMLudvvVplHrxgmuRmWEc27QUbIOleVQBEyvDZ6AEgys6odAxNcX4ygiiYXJBLmRLOTDXudK_9c2Y9lDmnK8cKFwjf6-ESz2k-f6anJcsFtSkAgmjhHpO3_DK3Lc3KsBeuPiMNZNXohNUhezdRBdrk0BhIxcAPWq2vHDbwWiR2Zylye_ytE3fNTdHdyZqrhCQZfJlTcX6EX74IMutBP8i8nv52CMYgrFIhUkdi2yA3FFpdgBBgSWud_93exluu7y3jcysxvs2jTDFgyJZRNz2pw1L4zoWtVJG3KXPYQvnC8X5-gfObPvQR_51a3CkVqtpVQkE86EKKYt0OuV2if1rR4ArDD_YLNFNW3No7BC3QHuehH8fj-Icw6ddQYcRiataTw2Roey7TE1zsWQ7em_5ypenPCEQvFHG-B--CZeM_H8uql_4crGtutQ9j__ic7MEu5reHXnCp4YF1TakI4CmAHn23H_B4Wy_Iy__T4Re5uxFXYFjgjHBBxpiw0AgHiTDa-76sKCdPtJKiFvpE_zWCJRcI4WnGgNF3cJiWWywUH_QqLqIke-wnclRpKuE5aItAzvYB9f2BPjJAxgl4BNY4xGPIHeRFuH2ByTkhX0lhcKGNjEX-Qa4yxWzi6vQEVda4Lb61y3QWLh7qIFEQe1rWhm-exBJ_m3gHoiFxJ-83ThkMLNFt1La70BJNsY1tqkRwkVYz9tTdL6XSgX6i8QGUD6UvmVwC519hkMaZRxO3CWtNnrTFbFz0dRjcbQAy8TI0_wBgm4ce8V1amKTITDyBblDeoJ7tuaegsgfmV-UolLLjZXA64saWzK_o7dQJkCHdkdS1SCbnfgFCTw1MhPa9dMBhe1_TI4RenS__9T9cN_twYN_Tw2eJ4jZHpvyZZrqq5UPttXdgtrAWB6snXOWDasK8aXpmtPAl1lprJw-GW3AdzaMiZb_DK9S08-C-k9MLGrfxZvDvkDUv9vQRaPVKDeCbNj3a2a2QRoiwuvbLzfUHzUkltKbeKGcM-GYMoVjx9coV3HLeDaWvxorOpLtYrHzgwZYplf-QUDnjwXUg7z-0oAN5oMm_rfLk8f1_C1TWanpErqMuZHNWa8uiRrNtjAtuQTweVSDjFYiOb19EcrlPpDhzu5o3SQi_R4f8kgEjOGdexKiRVtmGwI-0XNuQ35wvTVoFILFXilvyT9saWu8t28ltOB4hyfQgEl8sLo4KIoXl14prcnzp426jDtCl1W98SZog92VB7RpV2m7iMjOYndrKnzBH5tQ8xRxBWp3yuC2XfQjca8EsiMEnpUHDcS-s_9RVYpylVYLo-c5UE0HK_oaxl-PyTCSawuqDPDMvNd_uP-kFhnFBBs9dBu_i8e8dzqeJStj4mEfD4QZ-uL86y-S1SzI74AjWchFKbRK6Y6Tc72l0FJKZDuq0AHEt1QowCEuM1uQ9hV-supBgre3krwC_vn05EOh-VS7idNa2FTGaESi-NAMDAdN-gLxsF-ToNVtn_KbtHS_IJ1c4_b5JrrtEclmwAMOpcSEm-OV-Bgi&cid=CAASBORov08&rfl=3%2Chttp%253A%252F%252Fwww.eurogagnant.c4.fr%242%2Chttp%253A%252F%252Fwww.eurogagnant.c4.fr%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 16:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 16:15:01 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame 39D9 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhK85E14YLbXEE8ea-wYfv24yjhcrPMTH3XfVll6geeDOrcB14yvJ488CpTG5f2mH2aS-lSEasnskdEfgGSQ3w7W6eCQ&cry=1&dbm_d=AKAmf-C1h74DPSYvy36MUMuhQO6xqFkE6jkVWRJR3NTho0hKQXHgjDUS2S-YU88mKyChqL6amjCm4XY_Is_7ZFcDa6nfOrIME3qAWBNmzHzKi-JZOqEhBxZNfQGmQ6iPvFjcHFPIWkvNo9G-MKy8temxhyIqc_rQIzwGw5Zbj0e9YUKhnqYxNITI-GgdyDie3Gk9f1Y9NqvSoyl5doy8VYPwPH5kr32a-db1qOAf9rhGMEqjVRXcg-uAJGpV5XzbijM6TdMSWuSCVcW0fNkse0R3Pt4tz8_Eq4qBWefpDH6tgC_ZZjajVfAEa7Q5o0-qXUZfNz58iPvOjrkGFXiu4oJ8Cvt98GnuN037A_kSpaCPMG383Hwo36XkQtMIJ34cACRK3_FALmxyCL0UYUv5yFgr1_shYC4xqNfM3CKPeUqmFAEmIdtugm5939QHBLnxtXcPDCT-2HA0YWyVX0opo5-93Xx2ZcR8rggH93g--4EQHNyCEtQUD1xwApl9HxlQsgcy0xXLPdEbDNma8pp8g3zllUH1GyPUi3e1Fcqt_BEJPG4Dkdo8YOOP22f2h7P1KSNm4nCYbmYsEYqAT2D8hhZ47gbz3kL-dUeqS3p4_BHigMiK_aXtt5Dzp815Y512E0MPeg3OgtzqJpcg9_QYuJrgHZb18b5XSsaCbXX9s8cXbjEZ3b-pU8sL5B2w-s4l3TwDofyz4fqvH7qu3O5DF6EQwWkCU6hk5iveKlhJwuoL_mL4cQ3HPsDZ7hzzoMjvKePXUhH14SyShfhaF1iriWm-ekrOigvAA7g5Lgy5KmN7gp4s6aVMp7OLmN0T2XqF_0lFJfLMB4CyjMQR39xb2u1ZuGTRiqb4ZKY5dBgum9fZuwmaWZmLp1lPX1xlMfPSmL3S18h_lns9lc8yzEZjv6OHJ1o7eJxj4I9rT0S0LvxgSYhhjdYKn9gjrkYdvW-ufi-LV_x_zPWloAbO5JmxzNx961nPiUqmRT96Hf4NpzLcrQE-HykSat-Zw4mHaAMCB4GXG4Z7JWWJSJdiHLRwH_ToiA88lfDs_ASom0LngtSUnPkrnOr7GVUaakWLwK3JvKVgGrYGZ8-D68hLKHHWeXFdS7RRUAQZU5DdrNG_Ex-9tzVfRolcWt2JZD03fZNH5tBieWe_k9McDxHaXbd7l1D-UcCqkd1F6fEIfwBgiaG0ZB1STVDnceMdQ3bZCTPoZkUR1tkUJpcWLVo5eKxDcz0ZSrZxegJUmVvqZmEZrJUryQ0FCp0wLJc-pOpY2pmf6r0pZmj54NuSU_pejNsQeB3q-7rAoqhtXMHbmJVGrkwVxSBq0fGeRFCWn50A9dvkADSXHKZW9Pe2VK-goQGK9P9xF4bnWGl0CwkAfR7oOhlRZV1JPvVJwmuihZacsOxuO2UbCo4FK9AeBou4jsdlLuQouuK1Pq-ynrQf3xuWGuuJgnX_QAK2sGty1-LrJz2SnDEWULNN_hn0jIekULdRBF2cZ3HK6nZc_sGMqsHk9lhuB9xF-NPhwMQwwPGOUv4rxaRTZBNW2IQu7hzm8w9UfOgTccEju2ykSFCYOEQgo2ZCuzvjLd7OUTclrDYga4SSTGoKxDQbMLudvvVplHrxgmuRmWEc27QUbIOleVQBEyvDZ6AEgys6odAxNcX4ygiiYXJBLmRLOTDXudK_9c2Y9lDmnK8cKFwjf6-ESz2k-f6anJcsFtSkAgmjhHpO3_DK3Lc3KsBeuPiMNZNXohNUhezdRBdrk0BhIxcAPWq2vHDbwWiR2Zylye_ytE3fNTdHdyZqrhCQZfJlTcX6EX74IMutBP8i8nv52CMYgrFIhUkdi2yA3FFpdgBBgSWud_93exluu7y3jcysxvs2jTDFgyJZRNz2pw1L4zoWtVJG3KXPYQvnC8X5-gfObPvQR_51a3CkVqtpVQkE86EKKYt0OuV2if1rR4ArDD_YLNFNW3No7BC3QHuehH8fj-Icw6ddQYcRiataTw2Roey7TE1zsWQ7em_5ypenPCEQvFHG-B--CZeM_H8uql_4crGtutQ9j__ic7MEu5reHXnCp4YF1TakI4CmAHn23H_B4Wy_Iy__T4Re5uxFXYFjgjHBBxpiw0AgHiTDa-76sKCdPtJKiFvpE_zWCJRcI4WnGgNF3cJiWWywUH_QqLqIke-wnclRpKuE5aItAzvYB9f2BPjJAxgl4BNY4xGPIHeRFuH2ByTkhX0lhcKGNjEX-Qa4yxWzi6vQEVda4Lb61y3QWLh7qIFEQe1rWhm-exBJ_m3gHoiFxJ-83ThkMLNFt1La70BJNsY1tqkRwkVYz9tTdL6XSgX6i8QGUD6UvmVwC519hkMaZRxO3CWtNnrTFbFz0dRjcbQAy8TI0_wBgm4ce8V1amKTITDyBblDeoJ7tuaegsgfmV-UolLLjZXA64saWzK_o7dQJkCHdkdS1SCbnfgFCTw1MhPa9dMBhe1_TI4RenS__9T9cN_twYN_Tw2eJ4jZHpvyZZrqq5UPttXdgtrAWB6snXOWDasK8aXpmtPAl1lprJw-GW3AdzaMiZb_DK9S08-C-k9MLGrfxZvDvkDUv9vQRaPVKDeCbNj3a2a2QRoiwuvbLzfUHzUkltKbeKGcM-GYMoVjx9coV3HLeDaWvxorOpLtYrHzgwZYplf-QUDnjwXUg7z-0oAN5oMm_rfLk8f1_C1TWanpErqMuZHNWa8uiRrNtjAtuQTweVSDjFYiOb19EcrlPpDhzu5o3SQi_R4f8kgEjOGdexKiRVtmGwI-0XNuQ35wvTVoFILFXilvyT9saWu8t28ltOB4hyfQgEl8sLo4KIoXl14prcnzp426jDtCl1W98SZog92VB7RpV2m7iMjOYndrKnzBH5tQ8xRxBWp3yuC2XfQjca8EsiMEnpUHDcS-s_9RVYpylVYLo-c5UE0HK_oaxl-PyTCSawuqDPDMvNd_uP-kFhnFBBs9dBu_i8e8dzqeJStj4mEfD4QZ-uL86y-S1SzI74AjWchFKbRK6Y6Tc72l0FJKZDuq0AHEt1QowCEuM1uQ9hV-supBgre3krwC_vn05EOh-VS7idNa2FTGaESi-NAMDAdN-gLxsF-ToNVtn_KbtHS_IJ1c4_b5JrrtEclmwAMOpcSEm-OV-Bgi&cid=CAASBORov08&rfl=3%2Chttp%253A%252F%252Fwww.eurogagnant.c4.fr%242%2Chttp%253A%252F%252Fwww.eurogagnant.c4.fr%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 16:15:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10546
x-xss-protection
0
server
cafe
etag
1672864604874404814
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 16:15:39 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 39D9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.eurogagnant.c4.fr%2F&ea=0&wgl=1&dt=1655568974348&bpp=3&bdt=355&idt=196&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=6355545147054&frm=23&ife=1&pv=2&ga_vid=114212745.1655568975&ga_sid=1655568975&ga_hid=1283683902&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3845729909&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067629%2C31068031&oid=2&pvsid=2189768126325910&tmod=316383327&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.vghu9iigy26c&fsb=1&dtd=216
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 07:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Jun 2023 07:25:10 GMT
truncated
/ Frame 39D9 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8624612d5b50f7f8e62cb0e131ba6789304bda2498605a314e195e2c44d3d56

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E06C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
118264
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 07:25:11 GMT
expires
Sat, 17 Jun 2023 07:25:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/10196239086468997911/ Frame 62A0 		89 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10196239086468997911/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d74d225ed3a1ba493176f184c57877252a54ed81fc6031d6908ef70a11d4670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
189440
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21272
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jun 2022 11:38:55 GMT
expires
Fri, 16 Jun 2023 11:38:55 GMT
last-modified
Fri, 18 Feb 2022 17:46:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 39D9 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuae3q3tCeffI-aa_dZXgFTO_CTc6SryoSYRFk0ZXmXCuVCOAYa4fKEgc4Y-Etjirn-WCBHfNt2mtPq7k7X3eOlAprqLdf8ad1bjeuC9VvGcdm9XzME-g_TR0Zu0Ooe7VKDhQYvp9PyRYfsSkG-l8cytERPWwgK7UGYwMnj8ncN3Ksh-Lv76XGGri7ehpb-CdoX5xpdjeY5MvqW-2vmjcLIHQIgHdGSAgxLjuo8XFtKcol7DB5fIkFTFPPYKhuUPeeDHA1gEqhkvtIwZ7-K8gNRFVPPuizObjYnx7bl-7T2QPY-Zleg0gIJ4oYPEGIDqxXiIykLqGPg_kssl2EZ2OBf6KQJ91sQQYvxTXbnUj2gX-wrTWhXaETgUD8dDdNkNiipX87XkSp75cWpDQjA542flG-OLTjLTowCC6uX34SNQRHKZt0mvdLnbzroIlEq7hpTZ-2JuWqnwJk4Ibf1D92PU49eig5m0bE1k7a73bezSVZwc6N5YEeJIJWRpOjwQ7PTiOmzBjXafcIRaSZ4eqWxBi33xZwMAFUzxd9-A1Nun2SBD7DWQqThnINgzevQC4ho5zix_OMOQRlZdwvJpfEH-MF_mzbnYVFI7LtqoRwR6iNP13dJgEDPy-fX12SWEh2ENaJ2ecnV8idOv764lXfo6oFLAS982ukv7g-5NzZpnUz4j8WFqd9HTlDJTs2cXmQQOrQGsvaaBTNZX86f9QEyyic7yFBXStTVnzhGK6XGMEzhK0Jf1aDZL_xNXNTOUHh-DT2ONZBegMydr5juxkqUD94MBsO7dsyK4FHThtwfA2EChsDGjUBHj7XEr4EUeNaL1Gx1oRPph30jZPNXhGzhLXoLmkHSphnVUAZrxrKeaIDWWjP2ZIPp2GoF_O2ioVg4QGN4dX06zmPK0rRRDrv5jNVExmIrYKAdhh2yBJuDg_M4T_L0Vu9EqUVxtTpiAhomB8KatDYSJk5odNDeFtkg7EwNH8zU1RO2uNgMs8KNoMB45hFrQ9wwm_ToryMtmx3J90eREhUFeAaneZN7BvoGAPQ25TJ4-voNJBOLP_jFL3_gPdJu_cN6ybbEkweXAudiR_ERfywtQLHLSfkItpdQfMzyYZh3iueVRGW83TdEsxshsAKv4SxjXnUiwhCOnfA3TsKVPxNnWMRuSpMryuw9AxTH4QNfmgMadyiSIZRMF7VF8ykY3KpBCADNWtDWtP-D0IiXX6llURLoMEWpOlKRSifqD6rw0LCmjIwrJeythshasVOeig-x&sai=AMfl-YTSQ3eARDcRxZo4YnDJojo0ktWLE1t7AxzExr8m7SB-NerUf6ljBWzzbBdXZMpc8K0849RpwTuRMbbJxIbwsXPtRm54NFDZE4Q4xeD-v_MQsd5az4AjLLWH5yC9xP3NOEjSneJS_D61OoZMIWiNQYZDY04&sig=Cg0ArKJSzB0ycJcGzp7dEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=180&cbvp=1&cstd=176&cisv=r20220615.11469&adurl=
Requested by
Host: www.eurogagnant.c4.fr
URL: http://www.eurogagnant.c4.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 18 Jun 2022 16:16:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
WNU-PBcfckz-ZJNp77gnGR6umJykUHtANN-D9hj8G6g.js
pagead2.googlesyndication.com/bg/ Frame E06C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WNU-PBcfckz-ZJNp77gnGR6umJykUHtANN-D9hj8G6g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58d53e3c171f724cfe649369efb827191eae989ca4507b4034df83f618fc1ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 16:07:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13746
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 16:07:09 GMT
css
fonts.googleapis.com/ Frame 62A0 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:500,700,regular,700italic
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10196239086468997911/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c233ce3b2c93066a4fe602720eaee31dba0c23d5b832e7aac994f71d04697325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 18 Jun 2022 16:16:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 18 Jun 2022 16:16:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Jun 2022 16:16:15 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 62A0 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10196239086468997911/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10196239086468997911/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 07:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30073
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Jun 2022 07:55:02 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 62A0 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,700,regular,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 19:43:56 GMT
x-content-type-options
nosniff
age
246739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:43:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 62A0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,700,regular,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 19:39:19 GMT
x-content-type-options
nosniff
age
247016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:39:19 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 62A0 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,700,regular,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 19:53:23 GMT
x-content-type-options
nosniff
age
246172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:53:23 GMT
BitdefenderLogo_white-_2_.png
s0.2mdn.net/sadbundle/10196239086468997911/ Frame 62A0 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10196239086468997911/BitdefenderLogo_white-_2_.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10196239086468997911/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10196239086468997911/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 11:38:55 GMT
x-content-type-options
nosniff
age
189440
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28426
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 17:46:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 11:38:55 GMT
DIP-728x90.jpg
s0.2mdn.net/sadbundle/10196239086468997911/ Frame 62A0 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10196239086468997911/DIP-728x90.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10196239086468997911/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e2febd816ca74d843f100c2e7417cef8430cef84f5817d2ac1e5963d62eaff4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10196239086468997911/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 11:38:55 GMT
x-content-type-options
nosniff
age
189440
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3967
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 17:46:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 11:38:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E06C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHEmDTvqtYtzKO_HV7_UP_4irgAoAAAAAOAHgBAI&bg=!VFelVxPNAAbASn8N4Eo7ACkAdvg8WsBvA-MnuL07VlpJpLRnJzzlFQpJuAOmoCdi5DNK2Fzaf3XV-AIAAADGUgAAAAJoAQeZAw9NZVUWWSiCYdtMIS3mmd73XGtgl8j0LXKbxFopdQIfYuAmarVPLKPcnzC8O0HuvqTAiA2YTLIMJuRsRLyWyzYa5Y2EKtn2JS8j7dxHIz7n7o9jyGbzTzh5dzqWLWiQCEN4dZ1IMECjKjRSapsZxknQnEUv3d_LxUM0W0eiNTDWhXBgjczLF3kCiPuoFWXltaeulTpu29md72Ge0z4oyS7LaL_GCTJjfASui4znh09qxbR58eFpFq1KHfsmREIUKZ2itB3-bebzsvdiui9af20zcHVzY0zih1L-LdEav__ZLoEN7pcEyTunA46fqaHpWlToEO2ZB0cwXBrHlfwq79KyjAbpy3JKNZNGGd63zOPlpTnVG1UG683BJBJOmLOPC2YxhNDEQbnjrZx2l7KhRM1MLZhVqoG6Hh3iS4uD2Dx5O1tEHY7MPymZ8H_j7ocdZVGEPGDMAVOmB71JCrdsz0KUxgI70lFgZBDBqDCKAuv9FieTGRDH1hKbtZZp9nSRQ7exsZtEt2dew33boB631FVlzH4lL97OV7uh2qBuMAVR4PQbN2YR6-idiCLVugt7UDryfhtjm-U79h0z6s-ltF2nDdE1P2SlRZyF9gHesF84b5BqjKZinD3rXraj0hiypRrxaAamyjX8yiY0MIF3ag3Fe-1lyStwj4EMHSbHGVvWoP_5j4djSaPbo17mwEZpkzKbXDjJKwBmpRGjSyg738e4D1ovD7OpH0cOjy3eMfHgUEv0tjjc1E_1PbwDkl6otqlzMcJn73ufv4UvFyXPO6FASAYhZEODo2iZv8IYg1HivLV6GKQbAQdPAw2fLcHWcHFDbpoJxCnktv5MgJVFWe4-3zbpq70kMvKjzD1IhboX4xUgS25hQlROw3NnCPaMnLI2q60Kk7or89uWCYZ1xBj8M6dtmQkYnYIaFEGLTBGxQSIfspuUIesv8kpRFK_CUL2VxpLJg0B-WaAxsih5NeZafbB7fmnRPA6cYk6t79gFUYbW8DDwfokupyBZiSAV2lXqUY00wERACYSBOgaHLY8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fwww.eurogagnant.c4.fr%2F&ea=0&wgl=1&dt=1655568974348&bpp=3&bdt=355&idt=196&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=6355545147054&frm=23&ife=1&pv=2&ga_vid=114212745.1655568975&ga_sid=1655568975&ga_hid=1283683902&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3845729909&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067629%2C31068031&oid=2&pvsid=2189768126325910&tmod=316383327&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.vghu9iigy26c&fsb=1&dtd=216
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 16:16:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 39D9 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuae3q3tCeffI-aa_dZXgFTO_CTc6SryoSYRFk0ZXmXCuVCOAYa4fKEgc4Y-Etjirn-WCBHfNt2mtPq7k7X3eOlAprqLdf8ad1bjeuC9VvGcdm9XzME-g_TR0Zu0Ooe7VKDhQYvp9PyRYfsSkG-l8cytERPWwgK7UGYwMnj8ncN3Ksh-Lv76XGGri7ehpb-CdoX5xpdjeY5MvqW-2vmjcLIHQIgHdGSAgxLjuo8XFtKcol7DB5fIkFTFPPYKhuUPeeDHA1gEqhkvtIwZ7-K8gNRFVPPuizObjYnx7bl-7T2QPY-Zleg0gIJ4oYPEGIDqxXiIykLqGPg_kssl2EZ2OBf6KQJ91sQQYvxTXbnUj2gX-wrTWhXaETgUD8dDdNkNiipX87XkSp75cWpDQjA542flG-OLTjLTowCC6uX34SNQRHKZt0mvdLnbzroIlEq7hpTZ-2JuWqnwJk4Ibf1D92PU49eig5m0bE1k7a73bezSVZwc6N5YEeJIJWRpOjwQ7PTiOmzBjXafcIRaSZ4eqWxBi33xZwMAFUzxd9-A1Nun2SBD7DWQqThnINgzevQC4ho5zix_OMOQRlZdwvJpfEH-MF_mzbnYVFI7LtqoRwR6iNP13dJgEDPy-fX12SWEh2ENaJ2ecnV8idOv764lXfo6oFLAS982ukv7g-5NzZpnUz4j8WFqd9HTlDJTs2cXmQQOrQGsvaaBTNZX86f9QEyyic7yFBXStTVnzhGK6XGMEzhK0Jf1aDZL_xNXNTOUHh-DT2ONZBegMydr5juxkqUD94MBsO7dsyK4FHThtwfA2EChsDGjUBHj7XEr4EUeNaL1Gx1oRPph30jZPNXhGzhLXoLmkHSphnVUAZrxrKeaIDWWjP2ZIPp2GoF_O2ioVg4QGN4dX06zmPK0rRRDrv5jNVExmIrYKAdhh2yBJuDg_M4T_L0Vu9EqUVxtTpiAhomB8KatDYSJk5odNDeFtkg7EwNH8zU1RO2uNgMs8KNoMB45hFrQ9wwm_ToryMtmx3J90eREhUFeAaneZN7BvoGAPQ25TJ4-voNJBOLP_jFL3_gPdJu_cN6ybbEkweXAudiR_ERfywtQLHLSfkItpdQfMzyYZh3iueVRGW83TdEsxshsAKv4SxjXnUiwhCOnfA3TsKVPxNnWMRuSpMryuw9AxTH4QNfmgMadyiSIZRMF7VF8ykY3KpBCADNWtDWtP-D0IiXX6llURLoMEWpOlKRSifqD6rw0LCmjIwrJeythshasVOeig-x&sai=AMfl-YTSQ3eARDcRxZo4YnDJojo0ktWLE1t7AxzExr8m7SB-NerUf6ljBWzzbBdXZMpc8K0849RpwTuRMbbJxIbwsXPtRm54NFDZE4Q4xeD-v_MQsd5az4AjLLWH5yC9xP3NOEjSneJS_D61OoZMIWiNQYZDY04&sig=Cg0ArKJSzB0ycJcGzp7dEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=537&vt=11&dtpt=357&dett=3&cstd=176&cisv=r20220615.11469&adurl=
Requested by
Host: www.eurogagnant.c4.fr
URL: http://www.eurogagnant.c4.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 16:16:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame D685 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220615&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.eurogagnant.c4.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
277981dca24ece84637b2d46be1cc12809aa2f67176154471cf18002f403e1b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eurogagnant.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 16:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10540
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D685 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=www.eurogagnant.c4.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eurogagnant.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 16:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 16:16:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7F8E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.eurogagnant.c4.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
3799
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 15:12:56 GMT
expires
Sun, 18 Jun 2023 15:12:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F5F9 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f481013610f5a29f75babc077cbd8a6955ec870b622116c3d7821d276b728ff4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YAwMxc1xUC_wA2eayZowUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.eurogagnant.c4.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-YAwMxc1xUC_wA2eayZowUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 16:16:15 GMT
expires
Sat, 18 Jun 2022 16:16:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
WNU-PBcfckz-ZJNp77gnGR6umJykUHtANN-D9hj8G6g.js
pagead2.googlesyndication.com/bg/ Frame 7F8E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WNU-PBcfckz-ZJNp77gnGR6umJykUHtANN-D9hj8G6g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58d53e3c171f724cfe649369efb827191eae989ca4507b4034df83f618fc1ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 16:07:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13746
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 16:07:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F5F9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220615&jk=2189768126325910&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 7F8E 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?AjYasg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 16:16:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame D685 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220615&jk=2189768126325910&bg=!z8ylzIjNAAbASn8N4Eo7ACkAdvg8WlxX1ezPNs4iEC9Q__z0corUp_ozatd8KOXHus_B7TDZUYGc6wIAAABWUgAAAANoAQeZAsMwsSUYg_nCqfWfoHxaY0HO1maX_EY1fg1bAAb-wHpncmcNcLwqvXShgCDEYHqe4GiuQ-gaaTZFPVuV2hPVFZh97ysLIkeJZYkYj0EV4K496rLNh7_qb2jau0gelKZRkbdWok2k9zDvpx5DJUUJbmqp7olzu5fw6dm7zIh-gxlS6OzOqkqgyN1U9daqkQ70XFL_mdFGBSBcUqke9BmeSKfj5mTh-6fJzytFVpdu34bUsUX9LnLF97YfZtTfxAY7R6fAhjrDhNQ7ZdxYpuRTudu7wTZQ7rqWR4Nb4hVfY7n6U-VC05qLc7LCsIcY_voWI6KSm0XXAA3zshq2iEht0yZpVnmdkqeIKFAoFsgMUHdmo47sJJGh5XYuwEyxZuYOqQOyz3Va2YzIpApu04Zaur9lV0EWVSDDMv5UI3ZKGjmC7gsDCJchHDpcax_a0_TUMEzM9G0iVcj4SmyZH8mV8gnzf_64-an8nnX2asO29dYNQ3wMx51eCBnvOQOY16fJNJNc3kBmmSsmBfRdTUiqyGpXnkzLcbGjOk4nYT1M9ZAivdBzJ4s8Xn8bFdCyMaRVWfMjjKBNTkMAdhdWs-LrFZqus885CytRGavTRekE17Tu87Ze5XFhtG0lJ1ktSp2rjAd__Rlt1Y2cayaZjscP56hXu3HPcada3HRiBSv5IM7N3IvIiOD9H4zPD5VfBGcXo--7zY2M1gw6syWB5gUwkBD03H5pIpxMEfqW3extBVO82miU_JnEnbYpRK0QbOLtn1hRDHuagW-Le46sK32pRU3dizyu4-0TElKc7v09fB21lHlfLKUdosIBFBZzanaNZzIS_BQdE5iBShxflJDVP51uB_4RiZHuZGKVFjB3py1JmNYBmRh3-fsESkz6Mefq4QUVeuGgVm4xTLxWUMCfW8flngO1d-ieOIh0B3rILwFzik3jfA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eurogagnant.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 39D9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMY5y6AWH89K6FMr-MOaT-uDJk1wy1ON_zhIZBiu7Fgw4zHLyqVpzCwEE7g0Cj-J4XXN57LVhjvJ4m6jWP8lRMNgjmnf4MvoNsobw8iEmrgdPs1EAT4r4ATjIvIOs&sai=AMfl-YSfl6Hrwl0usz8UrilVpW4Z7U2sSPWVCgPlMvb_6Cm3we9xkEK1WeTIt4TpelOHoCZU_UkojN2teMtv&sig=Cg0ArKJSzOYH8K45oGzMEAE&cid=CAASBORov08&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2647235303&rs=2&la=0&cr=0&vs=4&r=v&rst=1655568974931&rpt=601&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 16:16:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag

11 Cookies

Domain/Path Name / Value
payment.allopass.com/ Name: ShopSessionId
Value: cae4d21e-fa47-46bc-a2f8-c99e7fcccbc7
.allopass.com/ Name: AP_CUSK
Value: 3573324101
.c4.fr/ Name: __gads
Value: ID=0173fb349052b8b6-22a2205cb7cd0001:T=1655568974:RT=1655568974:S=ALNI_Mb3QAdNViN3IPRzUU4hQsQTCFYOeQ
.doubleclick.net/ Name: IDE
Value: AHWqTUm0V4gKF5A-XpgSKj56PJcKQK_Dgu2gLWk6SWlwK8_COQQ4pLhVPofjezu3BzA
.adnxs.com/ Name: uuid2
Value: 3076580384249673980
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C')osn'C!]tbPl1M>e)ZlrFUfJ+tGXxpWAm>$3T(AXHAd6a2AGyzaUC0XN^NFwjlWdBO3If)y3KL9D3I?+V]vtls
.casalemedia.com/ Name: CMPS
Value: 5153
.casalemedia.com/ Name: CMRUM3
Value: 2d62adfa4f2760
.casalemedia.com/ Name: CMST
Value: Yq36T2Kt+k8A
.casalemedia.com/ Name: CMID
Value: Yq36T7RYok0m54YHa0fSPgAA
.casalemedia.com/ Name: CMPRO
Value: 5153

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
payment.allopass.com
s0.2mdn.net
tpc.googlesyndication.com
www.biltoturf.com
www.eurogagnant.c4.fr
www.expressturf.net
www.flashcourse.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.millionturf.com
www.pronostic-facile.fr
www.venez.fr
142.250.184.194
172.217.18.2
185.119.26.1
185.33.220.243
194.150.236.166
194.150.236.179
194.150.236.236
2.20.157.55
2606:4700:3034::ac43:c8d8
2a00:1450:4001:801::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::200e
2a00:1450:400e:801::2002
2a00:1450:400e:80c::2003
5.135.149.81
09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306
0d2230912fe4da19a6babdbca1bb67d2e0e60255db30c0b9d8f2ba31a1ad33ca
12274a6d735b640c7801b589da0ea3111cc936f54f69356e89df0d5257dbf4aa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14748c2140ac6a11018e24f8e4c92217cdaf2ded3fb2165323aa54c69c7f6ad7
1b62b6e206de7b6120f9accfeb4dbd37ff17897d0056836d07abc52fae5cf64d
1e2febd816ca74d843f100c2e7417cef8430cef84f5817d2ac1e5963d62eaff4
26f6a960d44093f8a56e95f2ed3ddd6d4526a86a3ce7dde31957b2cd21d887ff
277981dca24ece84637b2d46be1cc12809aa2f67176154471cf18002f403e1b6
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a
3f6530c2424161af4eda5ac19fb9f39de9e5ec8efccbcda0c383d33067bac088
4117985daaae3e0e0cdd215a102d1181fd9e5e890e03effc2b5b664a11cd54eb
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
49bbdba8f720f63092875841946af781c35db165f4fa69c69d766374fba15f38
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58d53e3c171f724cfe649369efb827191eae989ca4507b4034df83f618fc1ba8
5929b7b020cb55e1f048721ce4745948bde58678f53155da4bac0b9183ec6393
5d74d225ed3a1ba493176f184c57877252a54ed81fc6031d6908ef70a11d4670
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
810a7c2d907ae61a666f07ae95cfefa761ff12e23b8c1600b910c183512452df
8605a8cb9d30199371ff58320f725533a3b2e3bd852ceb7d465fed0f4497d57c
88518a6eb401461a4de73806315ecb7292d347fcba058e8edd1470aa5349bbc1
8976277884b95b36fb3d06945f7a06b0320964337eef13af4ac690827202845b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
9aec3d0737f3100effed564263fc343871ab63ac47eed5a397012ebd706db5b4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c233ce3b2c93066a4fe602720eaee31dba0c23d5b832e7aac994f71d04697325
c8624612d5b50f7f8e62cb0e131ba6789304bda2498605a314e195e2c44d3d56
cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3
d42772d73d435840de06182be93036fed65d7954d1e61c1b26590c779885b0fe
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
d8bbcdfb239e531f58b6db6d8ac4e4e11249ebd4002e9d99bf9d5c539dc638ea
dc0ca01bd32bd667eb3847d0da1f130258377011013f33ed451056f64833b47c
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e51b059b108ab049c579f38dd6bc3c08701ece63b17e0257e56959b6cd7dca39
e63601a07c7f4cbc35d413ee55c8a1abdfced23559701127e7208c48312ae876
ead7dff95228a235e92f3cc50bcd67d3e448ccb40cee683514504e8a59aa8f30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7da9876e483febca37a9cbe5ad1424349958d127b151f365929e3dcab68c7e
f481013610f5a29f75babc077cbd8a6955ec870b622116c3d7821d276b728ff4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7d358e35deda6f6897ce76d181d72f6caf1f73f45e39835d7446b3693566f4f