www.codeturf.1s.fr Open in urlscan Pro
5.135.149.81 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.codeturf.1s.fr/
Submission: On March 18 via manual (March 18th 2024, 5:31:18 am UTC) from BF — Scanned from FR

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 50 HTTP transactions. The main IP is 5.135.149.81, located in France and belongs to OVH, FR. The main domain is www.codeturf.1s.fr.

This is the only time www.codeturf.1s.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	5.135.149.81 5.135.149.81	16276 (OVH) (OVH)
7	193.37.145.64 193.37.145.64	210403 (LWS) (LWS)
14	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	194.150.236.236 194.150.236.236	44976 (HIWIT_AS) (HIWIT_AS)
1	69.197.166.36 69.197.166.36	32097 (WII) (WII)
4	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
2	91.198.105.122 91.198.105.122	35393 (EURO-WEB-AS) (EURO-WEB-AS)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
50	13

10 5.135.149.81 (France)

ASN16276 (OVH, FR)
PTR: web3.venez.net

www.codeturf.1s.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.venez.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 193.37.145.64 (France)

ASN210403 (LWS, FR)

www.pmufacile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net

www.turfsur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.197.166.36 (United States)

ASN32097 (WII, US)
PTR: hosted-by.freewha.com

www.cissonturf.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.198.105.122 (France)

ASN35393 (EURO-WEB-AS, FR)

www.gambling-affiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.gambling-affiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	405 KB
7	venez.fr www.venez.fr	9 KB
7	pmufacile.fr www.pmufacile.fr	268 KB
4	allopass.com payment.allopass.com	11 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	47 KB
3	1s.fr www.codeturf.1s.fr	4 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	161 KB
2	gambling-affiliation.com www.gambling-affiliation.com static.gambling-affiliation.com	470 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	1 KB
1	cissonturf.fr www.cissonturf.fr	22 KB
1	turfsur.com www.turfsur.com	12 KB
50	11

	Domain	Requested by
14	pagead2.googlesyndication.com	www.codeturf.1s.fr pagead2.googlesyndication.com tpc.googlesyndication.com
7	www.venez.fr	www.codeturf.1s.fr www.venez.fr
7	www.pmufacile.fr	www.codeturf.1s.fr www.pmufacile.fr
5	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com www.codeturf.1s.fr
4	payment.allopass.com	www.pmufacile.fr payment.allopass.com
3	www.codeturf.1s.fr	www.codeturf.1s.fr
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	payment.allopass.com www.googletagmanager.com
1	www.gstatic.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	pagead2.googlesyndication.com
1	static.gambling-affiliation.com	www.pmufacile.fr
1	www.gambling-affiliation.com	www.pmufacile.fr
1	www.cissonturf.fr	www.pmufacile.fr
1	www.turfsur.com	www.pmufacile.fr
50	14

This site contains no links.

Subject Issuer	Validity	Valid
quartesur.com R3	`2024-01-25` - `2024-04-24`	3 months	crt.sh
venez.fr R3	`2024-02-26` - `2024-05-26`	3 months	crt.sh
turfsur.com R3	`2024-01-27` - `2024-04-26`	3 months	crt.sh
www.cissonturf.fr R3	`2024-03-11` - `2024-06-09`	3 months	crt.sh
*.allopass.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-06` - `2024-10-07`	a year	crt.sh
www.gambling-affiliation.com Gandi RSA Domain Validation Secure Server CA 3	`2023-10-24` - `2024-10-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
static.gambling-affiliation.com Gandi RSA Domain Validation Secure Server CA 3	`2023-08-31` - `2024-08-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://www.codeturf.1s.fr/
Frame ID: 54E593184638EFF9F5A501B1F1BAE96B
Requests: 1 HTTP requests in this frame

Frame: http://www.codeturf.1s.fr/barre-codeturf.1s.fr.html
Frame ID: C094563F33FF3FA2A0F1A9882C7095B8
Requests: 9 HTTP requests in this frame

Frame: https://www.pmufacile.fr/pronos/codeturf/
Frame ID: 0ECCAA4DFD41CB443C9C327C40A5E6ED
Requests: 17 HTTP requests in this frame

Frame: http://www.codeturf.1s.fr/stats-codeturf.1s.fr.html
Frame ID: F10C6A33772949ABD03797D9EEC1BAC1
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 0DC608E101049ED4937E728AF2715381
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.codeturf.1s.fr%2F&wgl=1&dt=1710739874238&bpp=2&bdt=300&idt=202&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&correlator=7102738535244&frm=23&ife=1&pv=2&ga_vid=1719349003.1710739874&ga_sid=1710739874&ga_hid=1732679893&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3526821491&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95327951%2C95327954%2C31081901%2C95320378%2C95321868%2C95325784%2C95326922%2C21065725&oid=2&pvsid=1072952987920628&tmod=1751596101&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&ifi=1&uci=1.5xn1k93fwbpr&fsb=1&dtd=210
Frame ID: 30B05EB8992BDCDB7EE19FFCA2F8FD30
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/weUkfnhPfsAYDGwFPOg527s0mN-IfUjQ6Qxl1TanWMA.js
Frame ID: 6B491ED2B25A2069D965C32BD8999643
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 93AE07C797599E045306711D1F3990ED
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CODETURF

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

50
Requests

92 %
HTTPS

50 %
IPv6

11
Domains

14
Subdomains

13
IPs

3
Countries

939 kB
Transfer

2290 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.codeturf.1s.fr/ 3 KB
1 KB 103ms
28ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.codeturf.1s.fr/
Protocol: HTTP/1.1
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 123ad3afab16415eada5e7ab5960d6818597871562e0f0f6ebcf055f895a4ceb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1167
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 18 Mar 2024 05:31:13 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK barre-codeturf.1s.fr.html Show response
www.codeturf.1s.fr/ Frame C094 3 KB
2 KB 125ms
125ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.codeturf.1s.fr/barre-codeturf.1s.fr.html
Requested by: Host: www.codeturf.1s.fr
URL: http://www.codeturf.1s.fr/
Protocol: HTTP/1.1
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: ddfee87fd6bfa352e787d2cb27ff47104abf438b574eaea877fa65145a36ff9c

Request headers

Referer: http://www.codeturf.1s.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1580
Content-Type: text/html; charset=ISO-8859-1
Date: Mon, 18 Mar 2024 05:31:13 GMT
Expires: Mon, 18 Mar 2024 05:31:13 GMT
Keep-Alive: timeout=5, max=99
Last-Modified: Mon, 18 Mar 2024 05:31:13 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2 200 / Show response
www.pmufacile.fr/pronos/codeturf/ Frame 0ECC 7 KB
2 KB 169ms
33ms Document
text/html 193.37.145.64
LWS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pmufacile.fr/pronos/codeturf/
Requested by: Host: www.codeturf.1s.fr
URL: http://www.codeturf.1s.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.37.145.64 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: e4bc5f2f9c3401b31790e8dc98cc085f9941466b57a43f5db3dfad1105b13165

Request headers

Referer: http://www.codeturf.1s.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 2005
content-type: text/html; charset=UTF-8
date: Mon, 18 Mar 2024 05:31:13 GMT
vary: Accept-Encoding
x-cache-key: https://www.pmufacile.fr/pronos/codeturf/bytes=0-2097151
x-cache-status: BYPASS
x-request-id: b147427a39037d1493f2993552a64b69

GET
H/1.1 200
OK stats-codeturf.1s.fr.html Show response
www.codeturf.1s.fr/ Frame F10C 0
192 B 127ms
103ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.codeturf.1s.fr/stats-codeturf.1s.fr.html
Requested by: Host: www.codeturf.1s.fr
URL: http://www.codeturf.1s.fr/
Protocol: HTTP/1.1
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.codeturf.1s.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 18 Mar 2024 05:31:13 GMT
Keep-Alive: timeout=5, max=100
Server: Apache

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame C094 2 KB
1 KB 161ms
25ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: www.codeturf.1s.fr
URL: http://www.codeturf.1s.fr/barre-codeturf.1s.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.codeturf.1s.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 05:31:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Mar 2024 05:31:13 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1023
Expires: Mon, 25 Mar 2024 05:31:13 GMT

GET
H/1.1 200
OK separateur90.gif
www.venez.fr/images/ Frame C094 82 B
388 B 169ms
27ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/separateur90.gif
Requested by: Host: www.codeturf.1s.fr
URL: http://www.codeturf.1s.fr/barre-codeturf.1s.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.codeturf.1s.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 05:31:13 GMT
Last-Modified: Thu, 15 Nov 2018 22:11:22 GMT
Server: Apache
ETag: "52-57abb54b25680"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 82

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C094 145 KB
53 KB 67ms
42ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.codeturf.1s.fr
URL: http://www.codeturf.1s.fr/barre-codeturf.1s.fr.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2256ad5a6e2137c0cf0891a2a107dbd5307f129c1fb54a54201ad0b255983ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.codeturf.1s.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 05:31:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 53885
X-XSS-Protection: 0
Server: cafe
ETag: 3152967001796803382
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin: *
Link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires: Mon, 18 Mar 2024 05:31:14 GMT

GET
H2 200 logo.png
www.pmufacile.fr/pronos/codeturf/ Frame 0ECC 125 KB
126 KB 55ms
55ms Image
image/png 193.37.145.64
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pmufacile.fr/pronos/codeturf/logo.png
Requested by: Host: www.pmufacile.fr
URL: https://www.pmufacile.fr/pronos/codeturf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.37.145.64 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 6983035af9df3d5c0cf99182617d55b26c74833bd02b3aed63128821ff957be3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pmufacile.fr/pronos/codeturf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 05:31:14 GMT
last-modified: Tue, 05 Mar 2024 06:16:31 GMT
x-cache-key: https://www.pmufacile.fr/pronos/codeturf/logo.pngbytes=0-2097151
etag: "1f54e-612e3c8861991"
x-cache-status: BYPASS
content-type: image/png
accept-ranges: bytes
content-length: 128334
x-request-id: 1cbca896e96352efb9c3a75f16f071e3

GET
H2 200 head.jpg
www.pmufacile.fr/pronos/codeturf/ Frame 0ECC 66 KB
66 KB 55ms
54ms Image
image/jpeg 193.37.145.64
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pmufacile.fr/pronos/codeturf/head.jpg
Requested by: Host: www.pmufacile.fr
URL: https://www.pmufacile.fr/pronos/codeturf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.37.145.64 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 4917d19d61c5fd4026e6a1e7c88db334ef56c60e6fbdee162de28faaae18781b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pmufacile.fr/pronos/codeturf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 05:31:14 GMT
last-modified: Tue, 05 Mar 2024 06:16:26 GMT
x-cache-key: https://www.pmufacile.fr/pronos/codeturf/head.jpgbytes=0-2097151
etag: "10689-612e3c839de07"
x-cache-status: BYPASS
content-type: image/jpeg
accept-ranges: bytes
content-length: 67209
x-request-id: c302502edeee3e0acfd142791bebe296

GET
H/1.1 200
OK logo.gif
www.turfsur.com/img/ Frame 0ECC 11 KB
12 KB 134ms
20ms Image
image/gif 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turfsur.com/img/logo.gif

Requested by

Host: www.pmufacile.fr
URL: https://www.pmufacile.fr/pronos/codeturf/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

9bd0c1e96f9d3b63b53ba8c355ada916479d8815034cab0aad1540c3c602d896

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pmufacile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 05:31:14 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Mon, 08 Jan 2024 06:39:28 GMT
Server: Apache
ETag: "2e88d10-2cb9-60e69759f6800"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 11449

GET
H2 200 logo.gif
www.pmufacile.fr/img/ Frame 0ECC 10 KB
10 KB 35ms
34ms Image
image/gif 193.37.145.64
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pmufacile.fr/img/logo.gif
Requested by: Host: www.pmufacile.fr
URL: https://www.pmufacile.fr/pronos/codeturf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.37.145.64 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 119b529edc513290ac8b73e209c46750a556e6417ddb17f82ce4116c9bfb9693

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pmufacile.fr/pronos/codeturf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 05:31:14 GMT
last-modified: Fri, 26 May 2023 04:38:13 GMT
x-cache-key: https://www.pmufacile.fr/img/logo.gifbytes=0-2097151
etag: "27c9-5fc914e123e81"
x-cache-status: BYPASS
content-type: image/gif
accept-ranges: bytes
content-length: 10185
x-request-id: b6c3058446743241cadaa2e541287602

GET
H2 200 logo.gif
www.cissonturf.fr/images/ Frame 0ECC 21 KB
22 KB 2634ms
123ms Image
image/gif 69.197.166.36
WII

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cissonturf.fr/images/logo.gif
Requested by: Host: www.pmufacile.fr
URL: https://www.pmufacile.fr/pronos/codeturf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.197.166.36 , United States, ASN32097 (WII, US),
Reverse DNS: hosted-by.freewha.com
Software: Apache/2.4.51 /
Resource Hash: 9d9142d75fbc635e2f6dec08271f4f077a660f9b5f39789dfe2adb72aa1843d3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pmufacile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 05:31:16 GMT
last-modified: Tue, 09 May 2023 18:23:46 GMT
server: Apache/2.4.51
etag: "558d-5fb46db1e54df"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 21901
expires: Mon, 18 Mar 2024 05:31:16 GMT

GET
H/1.1 200
OK checkout.apu Show response
payment.allopass.com/buy/ Frame 0ECC 11 KB
4 KB 435ms
65ms Script
text/html 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/buy/checkout.apu?ids=357821&idd=1561471&lang=fr
Requested by: Host: www.pmufacile.fr
URL: https://www.pmufacile.fr/pronos/codeturf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 3faae8176ae050c8ba34dc1021dd172389e2441b44625b2eb9cf7bb991c7f463

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pmufacile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Mar 2024 05:31:14 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 2963
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 abie.jpg
www.pmufacile.fr/pronos/codeturf/ Frame 0ECC 28 KB
28 KB 55ms
54ms Image
image/jpeg 193.37.145.64
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pmufacile.fr/pronos/codeturf/abie.jpg
Requested by: Host: www.pmufacile.fr
URL: https://www.pmufacile.fr/pronos/codeturf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.37.145.64 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 726bde8b55ba6f3743ad0aa22a11efff7788a44fb4dbed59d54aa901d644bd4b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pmufacile.fr/pronos/codeturf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 05:31:14 GMT
last-modified: Tue, 05 Mar 2024 06:16:23 GMT
x-cache-key: https://www.pmufacile.fr/pronos/codeturf/abie.jpgbytes=0-2097151
etag: "7055-612e3c80e78b3"
x-cache-status: BYPASS
content-type: image/jpeg
accept-ranges: bytes
content-length: 28757
x-request-id: 010542f968a50204e70263c5874d7e7f

GET
H2 200 v=K7ygB7zyluriyocMEb1q8qFFwSaHUfbhnvZmf2wz-18_ Show response
www.gambling-affiliation.com/cpm/ Frame 0ECC 202 B
290 B 421ms
161ms Script
application/javascript 91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gambling-affiliation.com/cpm/v=K7ygB7zyluriyocMEb1q8qFFwSaHUfbhnvZmf2wz-18_
Requested by: Host: www.pmufacile.fr
URL: https://www.pmufacile.fr/pronos/codeturf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: Apache /
Resource Hash: 3294ad0ed0f2de182e1ae274afbed2f5f2942f04d8352410633cbd78309f9815

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pmufacile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 05:31:14 GMT
server: Apache
content-length: 202
content-type: application/javascript

GET
H2 200 clark-under-rail.jpg
www.pmufacile.fr/pronos/codeturf/ Frame 0ECC 319 KB
0 80ms
79ms Image
image/jpeg 193.37.145.64
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pmufacile.fr/pronos/codeturf/clark-under-rail.jpg
Requested by: Host: www.pmufacile.fr
URL: https://www.pmufacile.fr/pronos/codeturf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.37.145.64 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pmufacile.fr/pronos/codeturf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 05:31:14 GMT
last-modified: Tue, 05 Mar 2024 06:16:28 GMT
x-cache-key: https://www.pmufacile.fr/pronos/codeturf/clark-under-rail.jpgbytes=0-2097151
etag: "59cb7-612e3c8563f9f"
x-cache-status: BYPASS
content-type: image/jpeg
accept-ranges: bytes
content-length: 367799
x-request-id: e073081fb13e84fc0a5e75036a7932a3

GET
H2 200 puce.png
www.pmufacile.fr/pronos/codeturf/ Frame 0ECC 36 KB
36 KB 80ms
80ms Image
image/png 193.37.145.64
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pmufacile.fr/pronos/codeturf/puce.png
Requested by: Host: www.pmufacile.fr
URL: https://www.pmufacile.fr/pronos/codeturf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.37.145.64 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 73e994d4b1fe59fe3b7d5e3ef17e23c56cdcfc1b20db05af4523f46e1dc797de

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pmufacile.fr/pronos/codeturf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 05:31:14 GMT
last-modified: Tue, 05 Mar 2024 06:16:32 GMT
x-cache-key: https://www.pmufacile.fr/pronos/codeturf/puce.pngbytes=0-2097151
etag: "8eeb-612e3c894810d"
x-cache-status: BYPASS
content-type: image/png
accept-ranges: bytes
content-length: 36587
x-request-id: 5bfeeff73e9cee3ff795ecc166681763

GET
H/1.1 200
OK alternate-barre.htm Show response
www.venez.fr/ Frame 0DC6 2 KB
1 KB 26ms
25ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/alternate-barre.htm
Requested by: Host: www.codeturf.1s.fr
URL: http://www.codeturf.1s.fr/barre-codeturf.1s.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: d0b56198683b9db9e627c518fa16cf03970698d66c34c3bb86dc1e2128ddb5fe

Request headers

Referer: http://www.codeturf.1s.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 873
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 18 Mar 2024 05:31:13 GMT
Keep-Alive: timeout=5, max=99
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame C094 110 B
416 B 34ms
27ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: www.codeturf.1s.fr
URL: http://www.codeturf.1s.fr/barre-codeturf.1s.fr.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.codeturf.1s.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 05:31:13 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 110

GET
H/1.1 200
OK 120x60.gif
www.venez.fr/images/ Frame 0DC6 4 KB
4 KB 26ms
26ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/120x60.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 05:31:13 GMT
Last-Modified: Wed, 02 Mar 2011 00:16:24 GMT
Server: Apache
ETag: "f4c-49d74d2b9c600"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3916

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame 0DC6 2 KB
1 KB 35ms
27ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 05:31:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Mar 2024 05:31:13 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 1023
Expires: Mon, 25 Mar 2024 05:31:13 GMT

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame 0DC6 110 B
416 B 43ms
25ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 05:31:13 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 110

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ Frame C094 406 KB
138 KB 118ms
60ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.codeturf.1s.fr&aplac=true&bust=31081901

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06ecbd3deb3dde6872fa7d6dd646690cb292b49cc15dc300cc425899d4b0a751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.codeturf.1s.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 05:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140997
x-xss-protection: 0
server: cafe
etag: 11460015905440176877
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 05:31:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 0ECC 172 KB
63 KB 104ms
43ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV

Requested by

Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357821&idd=1561471&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33e8cd739d896738c12b3d56e8481ef7e5cbed64d3070c9997924009283438e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pmufacile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 05:31:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64108
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Mar 2024 05:31:14 GMT

GET
H/1.1 200
OK buy-button.css
payment.allopass.com/static/css/ Frame 0ECC 2 KB
830 B 68ms
27ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/buy-button.css?1
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357821&idd=1561471&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pmufacile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 05:31:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "24c36-69a-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 546

GET
H/1.1 200
OK 162x56.png
payment.allopass.com/static/buy/button/fr/ Frame 0ECC 6 KB
6 KB 67ms
26ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by: Host: www.pmufacile.fr
URL: https://www.pmufacile.fr/pronos/codeturf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pmufacile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 05:31:14 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "215ee-1688-6036ca56d02c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 5768

GET
H2 200 ad_error5.gif
static.gambling-affiliation.com/images/ Frame 0ECC 47 B
180 B 149ms
22ms Image
image/gif 91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gambling-affiliation.com/images/ad_error5.gif?err=K7ygB7zyluriyocMEb1q8qFFwSaHUfbhnvZmf2wz-18_
Requested by: Host: www.pmufacile.fr
URL: https://www.pmufacile.fr/pronos/codeturf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: nginx/1.15.5 /
Resource Hash: bea032003ecf807190d89c0572afa5c4386b7d457667352007b5de577322a42d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pmufacile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 05:31:14 GMT
last-modified: Fri, 15 Feb 2019 09:20:52 GMT
server: nginx/1.15.5
accept-ranges: bytes
etag: "5c668474-2f"
content-length: 47
content-type: image/gif

GET
H/1.1 200
OK bt_ok.gif
payment.allopass.com/imgweb/common/ Frame 0ECC 753 B
991 B 67ms
26ms Image
image/gif 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/imgweb/common/bt_ok.gif
Requested by: Host: www.pmufacile.fr
URL: https://www.pmufacile.fr/pronos/codeturf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pmufacile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 05:31:14 GMT
Last-Modified: Tue, 26 Nov 2019 14:39:46 GMT
Server: Apache
ETag: "432cd-2f1-59840d9fb3080"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 753

GET
H2 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame 30B0 117 KB
40 KB 574ms
573ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.codeturf.1s.fr%2F&wgl=1&dt=1710739874238&bpp=2&bdt=300&idt=202&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&correlator=7102738535244&frm=23&ife=1&pv=2&ga_vid=1719349003.1710739874&ga_sid=1710739874&ga_hid=1732679893&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3526821491&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95327951%2C95327954%2C31081901%2C95320378%2C95321868%2C95325784%2C95326922%2C21065725&oid=2&pvsid=1072952987920628&tmod=1751596101&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&ifi=1&uci=1.5xn1k93fwbpr&fsb=1&dtd=210

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.codeturf.1s.fr&aplac=true&bust=31081901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d5eef4a5b275fe934bce3ab543fed3252fc43d0d2acf5984fc0a823493ad26e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.codeturf.1s.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 40524
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Mar 2024 05:31:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ Frame 0ECC 297 KB
98 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56908dbb18499b6841d7320d6893482435edebcbf0cc3f8429d9f77c69df84c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pmufacile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 05:31:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Mar 2024 05:31:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 30B0 4 KB
1 KB 94ms
35ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.codeturf.1s.fr%2F&wgl=1&dt=1710739874238&bpp=2&bdt=300&idt=202&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&correlator=7102738535244&frm=23&ife=1&pv=2&ga_vid=1719349003.1710739874&ga_sid=1710739874&ga_hid=1732679893&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3526821491&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95327951%2C95327954%2C31081901%2C95320378%2C95321868%2C95325784%2C95326922%2C21065725&oid=2&pvsid=1072952987920628&tmod=1751596101&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&ifi=1&uci=1.5xn1k93fwbpr&fsb=1&dtd=210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Mar 2024 05:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 04:15:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Mar 2024 05:31:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 30B0 2 KB
822 B 61ms
61ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.codeturf.1s.fr%2F&wgl=1&dt=1710739874238&bpp=2&bdt=300&idt=202&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&correlator=7102738535244&frm=23&ife=1&pv=2&ga_vid=1719349003.1710739874&ga_sid=1710739874&ga_hid=1732679893&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3526821491&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95327951%2C95327954%2C31081901%2C95320378%2C95321868%2C95325784%2C95326922%2C21065725&oid=2&pvsid=1072952987920628&tmod=1751596101&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&ifi=1&uci=1.5xn1k93fwbpr&fsb=1&dtd=210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:22:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:22:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame 30B0 23 KB
9 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.codeturf.1s.fr%2F&wgl=1&dt=1710739874238&bpp=2&bdt=300&idt=202&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&correlator=7102738535244&frm=23&ife=1&pv=2&ga_vid=1719349003.1710739874&ga_sid=1710739874&ga_hid=1732679893&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3526821491&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95327951%2C95327954%2C31081901%2C95320378%2C95321868%2C95325784%2C95326922%2C21065725&oid=2&pvsid=1072952987920628&tmod=1751596101&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&ifi=1&uci=1.5xn1k93fwbpr&fsb=1&dtd=210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 21:59:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 21:59:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 30B0 3 KB
1 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.codeturf.1s.fr%2F&wgl=1&dt=1710739874238&bpp=2&bdt=300&idt=202&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&correlator=7102738535244&frm=23&ife=1&pv=2&ga_vid=1719349003.1710739874&ga_sid=1710739874&ga_hid=1732679893&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3526821491&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95327951%2C95327954%2C31081901%2C95320378%2C95321868%2C95325784%2C95326922%2C21065725&oid=2&pvsid=1072952987920628&tmod=1751596101&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&ifi=1&uci=1.5xn1k93fwbpr&fsb=1&dtd=210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 21:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 21:59:39 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 30B0 20 KB
8 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.codeturf.1s.fr%2F&wgl=1&dt=1710739874238&bpp=2&bdt=300&idt=202&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&correlator=7102738535244&frm=23&ife=1&pv=2&ga_vid=1719349003.1710739874&ga_sid=1710739874&ga_hid=1732679893&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3526821491&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95327951%2C95327954%2C31081901%2C95320378%2C95321868%2C95325784%2C95326922%2C21065725&oid=2&pvsid=1072952987920628&tmod=1751596101&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&ifi=1&uci=1.5xn1k93fwbpr&fsb=1&dtd=210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 18:22:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Mar 2024 18:22:09 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 30B0 208 KB
63 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.codeturf.1s.fr%2F&wgl=1&dt=1710739874238&bpp=2&bdt=300&idt=202&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&correlator=7102738535244&frm=23&ife=1&pv=2&ga_vid=1719349003.1710739874&ga_sid=1710739874&ga_hid=1732679893&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3526821491&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95327951%2C95327954%2C31081901%2C95320378%2C95321868%2C95325784%2C95326922%2C21065725&oid=2&pvsid=1072952987920628&tmod=1751596101&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&ifi=1&uci=1.5xn1k93fwbpr&fsb=1&dtd=210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 04:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=windows-1251
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 05:59:39 GMT

GET
H2 200 fae6ba9c9cb9ec876bbde5988f04c6f7.js Show response
www.gstatic.com/mysidia/ Frame 30B0 36 KB
15 KB 85ms
26ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 12:59:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15132
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 03:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jun 2024 12:59:22 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/12843446337120071918/ Frame 30B0 31 KB
31 KB 86ms
27ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12843446337120071918/6592766407814317453

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bd3248c0786db7b39d6cdf54086b0f8be94ddba53ed6619112cae2a0b95e8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 15 Mar 2025 08:17:33 GMT
date: Fri, 15 Mar 2024 08:17:33 GMT
x-content-type-options: nosniff
age: 249222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31897
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 17:26:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3601645588533583010/ Frame 30B0 1 KB
2 KB 85ms
26ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3601645588533583010/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25d79cc51c13734ffd74172b2e55bb96b7112b63c882c79d3ddd7c786e659fd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 13 Mar 2025 21:36:16 GMT
date: Wed, 13 Mar 2024 21:36:16 GMT
x-content-type-options: nosniff
age: 374099
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1405
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 17:26:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 30B0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26dfea84a1c5065f0045a38a9102aae41c349ccc3ba718d9675d7338939eab01

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 30B0 15 KB
16 KB 92ms
33ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pagead2.googlesyndication.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:16:13 GMT
x-content-type-options: nosniff
age: 551702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 20:16:13 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 30B0 15 KB
16 KB 84ms
26ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pagead2.googlesyndication.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 22:11:20 GMT
x-content-type-options: nosniff
age: 371995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 22:11:20 GMT

GET
H3 200 adview
pagead2.googlesyndication.com/pagead/ Frame 30B0 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/adview?ai=CDAAZotH3ZZu2Ib7w_tMPtfKYiAK6l-Szdvr3jITUEoOD34KOKhABIKK6_gJg--GFg5wKoAG4wqODA8gBCakCnMhtbZNEsj6oAwHIA8sEqgTOAU_Qyx6AFZCsY0993mWIsPBUc9EJ6ZBbQtvRA5ubMpMHHRSWYY0hTvJEqnSJ04FQduzeGpwg05yK9sP8x86MbNGg054SNL9a9MXhAU2PkE4qufrdCLgZK6b03oAt_taNuq04OEJ6Ddw-ogTWyrtIwz5VSP8NHUqzCwI-k7wH6JRzDIFQUwfDKUybjVnNiKaO1sHpNxM4vqI2obrLqOZjHiL8TG9b8q8rvyGt9rsRH-NimwPjLFspWt1uTPgfd1IQrx-0SoaX94Mn3wKWsCkzwATG4vOQwASIBfrqw_VNkgUECAQYAZIFBAgFGASgBi6AB-D59_AEqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQLYBwDyBwQQ5d4N0ggqCJHhgHAQARgfMgfri4Dgv4ABOggAgICAgICULki9_cE6WKjWldSK_YQDmglPaHR0cHM6Ly93d3cubGFuZHJvdmVyLmZyL3JhbmdlLXJvdmVyL3JhbmdlLXJvdmVyLXZlbGFyL2luZGV4Lmh0bWw_Z2Nsc3JjPWF3LmRzJoAKAcgLAbgT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItNTIwMzcxNDc4NzM4Nzc4OBgAshgJEgKoThguIgEA&sigh=jw5p2c6nQ3g&uach_m=%5BUACH%5D&ase=2&template_id=484&cbvp=2&vis=1&nis=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.codeturf.1s.fr%2F&wgl=1&dt=1710739874238&bpp=2&bdt=300&idt=202&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&correlator=7102738535244&frm=23&ife=1&pv=2&ga_vid=1719349003.1710739874&ga_sid=1710739874&ga_hid=1732679893&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3526821491&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95327951%2C95327954%2C31081901%2C95320378%2C95321868%2C95325784%2C95326922%2C21065725&oid=2&pvsid=1072952987920628&tmod=1751596101&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&ifi=1&uci=1.5xn1k93fwbpr&fsb=1&dtd=210
Attribution-Reporting-Eligible: event-source
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 18 Mar 2024 05:31:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C094 16 KB
12 KB 97ms
44ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240313&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16a993fbac68f38d2174bbf40a7685c30e20a07648bba6fa314951a61f4f76be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.codeturf.1s.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 05:31:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12247
x-xss-protection: 0

GET
H3 200 weUkfnhPfsAYDGwFPOg527s0mN-IfUjQ6Qxl1TanWMA.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B49 51 KB
20 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/weUkfnhPfsAYDGwFPOg527s0mN-IfUjQ6Qxl1TanWMA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1e5247e784f7ec0180c6c053ce839dbbb3498df887d48d0e90c65d536a758c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.codeturf.1s.fr%2F&wgl=1&dt=1710739874238&bpp=2&bdt=300&idt=202&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&correlator=7102738535244&frm=23&ife=1&pv=2&ga_vid=1719349003.1710739874&ga_sid=1710739874&ga_hid=1732679893&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3526821491&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95327951%2C95327954%2C31081901%2C95320378%2C95321868%2C95325784%2C95326922%2C21065725&oid=2&pvsid=1072952987920628&tmod=1751596101&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&ifi=1&uci=1.5xn1k93fwbpr&fsb=1&dtd=210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 12:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 405703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20158
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 12:49:32 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C094 17 KB
7 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.codeturf.1s.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 05:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Mar 2024 05:31:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 93AE 13 KB
5 KB 26ms
25ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.codeturf.1s.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 27095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Mar 2024 21:59:40 GMT
expires: Mon, 17 Mar 2025 21:59:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Show response
pagead2.googlesyndication.com/bg/ Frame 93AE 40 KB
15 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 20:56:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15583
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Mar 2025 20:56:58 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 93AE 0
10 B 72ms
69ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8vIZWw
Requested by: Host: www.codeturf.1s.fr
URL: http://www.codeturf.1s.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 05:31:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C094 0
0 59ms
59ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240313&jk=1072952987920628&bg=!nJ-ln9DNAAY_ejuoH3o7ADQBe5WfOM5KN7qyRMYMVM_OmNO1UGsE96UiOODUdb8AFyR-Q4EzkfSEPuZCwiHCNBXh0NQjAgAAAFlSAAAAAmgBB5kC7eoy8IcCXha0Olo1Q5Pb1bfrLiqDZTPxfzKHcAjTFfep1kzFO22U0Zkfhx7R0jKcvQZwl5s7Df_JwwM-0fLtsr_V1QIUBadq7KcqpttUIIT_1w6NQurTU54j4KIjVgvV-boRXuYn5Tysow1Xg_N_fM5XuXXRjg1RvB7EUXbuc4A5g7r8C7vrGL4QpY0_1Yob5nlUHgCUYetVjpjxR3ScTh7nccp1_2MIE431ZP3eg8L0DPAhdqj-9nk1nh3ckk7a47_BTkzzEFHl7ojn5ujpLReScBb5wMUPp-Msm61QyAzYe-Xzz2PWElfxB6nIljWx27s5OwSpnaJgtncyQWz55hx6MQtptvzsv3pHR45xJRjGUp8J3B3Z6su9cIYIYQspUZiTpk7oZXPyxSlL2Pz4kYbbnqlIA0m-_Im71kTUDNY62I3Iyk-himKS_igkneWMChDt6QzzmbUcPWFlTSEME9MTXwkk-9SToaIiYvZx_iwWNvuzMFcTdHQGTG2ERoAPeLmBfdp7-nLRodnsM0T4oN7a8V6Ui9MRzrydRz87egp-1jcK5r20IDzDoVqPjYNFwUOEu2rtTR03DuiateFeAQrmCYBTU6-LZL-dFRN36_0fpaz-5XLoNFvdqU4d8gIw_xwim7PW0Pv3yEq6o9RU8letFRo0F3kSry6A9ss5pvDRPUMGa6FnJJBwVQZofRUFtEFFIBcYrcCEb7Y2YU9Dm11y_Nq6W8nyfqSy4FPS3RSH4w-iyIl2UJ4eY2TiuKOIQQOC7bOxiVW-7CZJcwjyqnYpACDzGDqsN2Q_eSSAbrGAtR0tiIIOg_C2SyWWYn9BDFigHG5V-YHGjXzyxCckhcQSKeQh9loSLEuLNQPqzedmAFNRr0V5N8VkCdAAqBuiR7l9OrQrUl0Aw9scCjS2Rr-2QjHNFC1J4xz4G6CpArJV0Le1HlBpnbRg_R8w-wSjmR5P92LQiG3rfvhcwqNPXuW0TnJ7zx3gxJJr4TBQ
Requested by: Host: www.codeturf.1s.fr
URL: http://www.codeturf.1s.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.codeturf.1s.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 30B0 42 B
64 B 64ms
63ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuz1uEo61Py_5i2logLdV0VLbe09TPzJCQcKPXipDOKFXha2uYzV9IdMG32sQpOmAOGfCUMbHWsp450PK9oMjst_4Jp7Rm9k8r4Bi1JZFhtx7b0dCLD-gVXB1HpKiZL9SeWzsNH5Du9FKMFe5mL8f5KZj5NXl-DrCePT7GYHnA&sig=Cg0ArKJSzPKJYBmWPdr5EAE&id=lidar2&mcvt=1005&p=0,0,90,970&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2647235303&rs=2&la=0&cr=0&vs=4&r=v&co=667267500&rst=1710739874450&rpt=876&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.codeturf.1s.fr%2F&wgl=1&dt=1710739874238&bpp=2&bdt=300&idt=202&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&correlator=7102738535244&frm=23&ife=1&pv=2&ga_vid=1719349003.1710739874&ga_sid=1710739874&ga_hid=1732679893&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3526821491&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95327951%2C95327954%2C31081901%2C95320378%2C95321868%2C95325784%2C95326922%2C21065725&oid=2&pvsid=1072952987920628&tmod=1751596101&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&ifi=1&uci=1.5xn1k93fwbpr&fsb=1&dtd=210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Mar 2024 05:31:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: 98f3f1d7-2c74-4f13-8d7b-edd3700c26f0
.allopass.com/	1970-01-21 03:57:55	Name: AP_CUSK Value: 3646747346
.1s.fr/	1970-01-20 23:31:31	Name: __eoi Value: ID=93dada44bcd389b6:T=1710739874:RT=1710739874:S=AA-AfjbYSZIGsQe_FmgVxUvLE6fZ

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.pmufacile.fr/pronos/codeturf/ Message: Mixed Content: The page at 'https://www.pmufacile.fr/pronos/codeturf/' was loaded over HTTPS, but requested an insecure element 'http://www.turfsur.com/img/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.pmufacile.fr/pronos/codeturf/ Message: Mixed Content: The page at 'https://www.pmufacile.fr/pronos/codeturf/' was loaded over HTTPS, but requested an insecure element 'http://www.cissonturf.fr/images/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.pmufacile.fr/pronos/codeturf/(Line 121) Message: Mixed Content: The page at 'https://www.pmufacile.fr/pronos/codeturf/' was loaded over HTTPS, but requested an insecure element 'http://www.turfsur.com/img/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.pmufacile.fr/pronos/codeturf/(Line 121) Message: Mixed Content: The page at 'https://www.pmufacile.fr/pronos/codeturf/' was loaded over HTTPS, but requested an insecure element 'http://www.cissonturf.fr/images/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: http://www.codeturf.1s.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.codeturf.1s.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.codeturf.1s.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.codeturf.1s.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.codeturf.1s.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.codeturf.1s.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.codeturf.1s.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.codeturf.1s.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
pagead2.googlesyndication.com
payment.allopass.com
static.gambling-affiliation.com
tpc.googlesyndication.com
www.cissonturf.fr
www.codeturf.1s.fr
www.gambling-affiliation.com
www.googletagmanager.com
www.gstatic.com
www.pmufacile.fr
www.turfsur.com
www.venez.fr
185.119.26.1
193.37.145.64
194.150.236.236
2a00:1450:4001:800::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:812::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82f::200a
5.135.149.81
69.197.166.36
91.198.105.122
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
06ecbd3deb3dde6872fa7d6dd646690cb292b49cc15dc300cc425899d4b0a751
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306
119b529edc513290ac8b73e209c46750a556e6417ddb17f82ce4116c9bfb9693
123ad3afab16415eada5e7ab5960d6818597871562e0f0f6ebcf055f895a4ceb
16a993fbac68f38d2174bbf40a7685c30e20a07648bba6fa314951a61f4f76be
1d5eef4a5b275fe934bce3ab543fed3252fc43d0d2acf5984fc0a823493ad26e
2256ad5a6e2137c0cf0891a2a107dbd5307f129c1fb54a54201ad0b255983ce9
25d79cc51c13734ffd74172b2e55bb96b7112b63c882c79d3ddd7c786e659fd6
26dfea84a1c5065f0045a38a9102aae41c349ccc3ba718d9675d7338939eab01
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a
3294ad0ed0f2de182e1ae274afbed2f5f2942f04d8352410633cbd78309f9815
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
33e8cd739d896738c12b3d56e8481ef7e5cbed64d3070c9997924009283438e9
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
3faae8176ae050c8ba34dc1021dd172389e2441b44625b2eb9cf7bb991c7f463
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4917d19d61c5fd4026e6a1e7c88db334ef56c60e6fbdee162de28faaae18781b
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56908dbb18499b6841d7320d6893482435edebcbf0cc3f8429d9f77c69df84c1
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
5bd3248c0786db7b39d6cdf54086b0f8be94ddba53ed6619112cae2a0b95e8b4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6983035af9df3d5c0cf99182617d55b26c74833bd02b3aed63128821ff957be3
726bde8b55ba6f3743ad0aa22a11efff7788a44fb4dbed59d54aa901d644bd4b
73e994d4b1fe59fe3b7d5e3ef17e23c56cdcfc1b20db05af4523f46e1dc797de
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
9bd0c1e96f9d3b63b53ba8c355ada916479d8815034cab0aad1540c3c602d896
9d9142d75fbc635e2f6dec08271f4f077a660f9b5f39789dfe2adb72aa1843d3
bea032003ecf807190d89c0572afa5c4386b7d457667352007b5de577322a42d
c1e5247e784f7ec0180c6c053ce839dbbb3498df887d48d0e90c65d536a758c0
d0b56198683b9db9e627c518fa16cf03970698d66c34c3bb86dc1e2128ddb5fe
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a
ddfee87fd6bfa352e787d2cb27ff47104abf438b574eaea877fa65145a36ff9c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bc5f2f9c3401b31790e8dc98cc085f9941466b57a43f5db3dfad1105b13165
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

www.codeturf.1s.fr Open in urlscan Pro 5.135.149.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

92 %HTTPS

50 %IPv6

11 Domains

14 Subdomains

13 IPs

3 Countries

939 kBTransfer

2290 kBSize

3 Cookies

0 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.codeturf.1s.fr Open in urlscan Pro
5.135.149.81 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

92 %
HTTPS

50 %
IPv6

11
Domains

14
Subdomains

13
IPs

3
Countries

939 kB
Transfer

2290 kB
Size

3
Cookies

50 HTTP transactions
1 data transactions