urlscan.io logo urlscan.io
SecurityTrails logo

www.malipmu.1s.fr Open in urlscan Pro
5.135.149.81  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.malipmu.1s.fr/
Submission: On December 30 via manual from MA — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 12 domains to perform 55 HTTP transactions. The main IP is 5.135.149.81, located in Le Chesnay, France and belongs to OVH, FR. The main domain is www.malipmu.1s.fr.
This is the only time www.malipmu.1s.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    5.135.149.81 (Le Chesnay, France)

ASN16276 (OVH, FR)
PTR: web3.venez.net
www.malipmu.1s.fr
www.venez.fr
5    194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net
www.toptierce.net
6    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    194.150.236.190 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns30.hiwit.net
www.secretturf.com
2    2606:4700:3038::6815:ea1b (United States)

ASN13335 (CLOUDFLARENET, US)
img.root-top.com
2    2606:4700:3038::6815:ea1a (United States)

ASN13335 (CLOUDFLARENET, US)
img.root-top.com
2    91.198.105.122 (France)

ASN35393 (EURO-WEB-AS, FR)
www.gambling-affiliation.com
static.gambling-affiliation.com
2    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
19    185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa
payment.allopass.com
2    54.219.2.218 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-219-2-218.us-west-1.compute.amazonaws.com
gmu-apps.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
19 allopass.com
payment.allopass.com
318 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
228 KB
7 venez.fr
www.venez.fr
9 KB
5 toptierce.net
www.toptierce.net
169 KB
4 root-top.com
img.root-top.com
11 KB
3 1s.fr
www.malipmu.1s.fr
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
155 KB
2 gmu-apps.com
gmu-apps.com
6 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
5 KB
2 gambling-affiliation.com
www.gambling-affiliation.com
static.gambling-affiliation.com
208 KB
2 secretturf.com
www.secretturf.com
63 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
55 12
Domain Requested by
19 payment.allopass.com www.toptierce.net
payment.allopass.com
7 www.venez.fr www.malipmu.1s.fr
www.venez.fr
6 pagead2.googlesyndication.com www.malipmu.1s.fr
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 www.toptierce.net www.malipmu.1s.fr
www.toptierce.net
4 img.root-top.com 2 redirects www.toptierce.net
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 www.malipmu.1s.fr www.malipmu.1s.fr
2 www.googletagmanager.com payment.allopass.com
www.googletagmanager.com
2 gmu-apps.com payment.allopass.com
www.malipmu.1s.fr
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.secretturf.com 1 redirects www.toptierce.net
1 www.google.com tpc.googlesyndication.com
1 static.gambling-affiliation.com www.toptierce.net
1 www.gambling-affiliation.com www.toptierce.net
55 14

This site contains no links.

Subject Issuer Validity Valid
venez.fr
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
www.gambling-affiliation.com
Gandi RSA Domain Validation Secure Server CA 3		 2023-10-24 -
2024-10-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
static.gambling-affiliation.com
Gandi RSA Domain Validation Secure Server CA 3		 2023-08-31 -
2024-08-31		 a year crt.sh
*.allopass.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-06 -
2024-10-07		 a year crt.sh
gmu-apps.com
Amazon RSA 2048 M02		 2023-12-02 -
2024-12-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 10 frames:

Primary Page: http://www.malipmu.1s.fr/
Frame ID: F27F856448B84CC4319CF77ECB26BF26
Requests: 1 HTTP requests in this frame

Frame: http://www.malipmu.1s.fr/barre-malipmu.1s.fr.html
Frame ID: 1E41C05D56A13DDBAF38F7001AFDB35B
Requests: 9 HTTP requests in this frame

Frame: http://www.toptierce.net/turf/malipmu/
Frame ID: 8108B7638BC2444F70745CA28BA4CD0C
Requests: 10 HTTP requests in this frame

Frame: http://www.malipmu.1s.fr/stats-malipmu.1s.fr.html
Frame ID: 89B210CEB99A93C2E479469723EE799A
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 85E0763998AD42B018EF98DA4CAC632B
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: D303637757C26225EFBDC8DEE82F2DB8
Requests: 1 HTTP requests in this frame

Frame: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Frame ID: B2CF43C8B6EB460A26AD26C7D87E3FF8
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.malipmu.1s.fr%2F&ea=0&wgl=1&dt=1703938369310&bpp=2&bdt=304&idt=302&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&correlator=684620719039&frm=23&ife=1&pv=2&ga_vid=1800444807.1703938370&ga_sid=1703938370&ga_hid=290011130&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3048689311&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C95320884%2C21065724&oid=2&pvsid=12572098771836&tmod=231808983&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fsd9mkz1d4hu&fsb=1&dtd=312
Frame ID: 1E3DFF3523E85EF4CA1BD02D91343981
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 44113222B60C467C5F091222A8D3AC1B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6E0F479420450CB4C385AE93E8B74443
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MALIPMU

Detected technologies

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

78 %
HTTPS

54 %
IPv6

12
Domains

14
Subdomains

12
IPs

3
Countries

1174 kB
Transfer

2197 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://www.secretturf.com/img/logo.gif HTTP 301
  • https://www.secretturf.com/img/logo.gif
Request Chain 8
  • http://img.root-top.com/topsite/simplejeux/banner.gif HTTP 301
  • https://img.root-top.com/topsite/simplejeux/banner.gif
Request Chain 10
  • http://img.root-top.com/topsite/toptierce/banner.gif HTTP 301
  • https://img.root-top.com/topsite/toptierce/banner.gif

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.malipmu.1s.fr/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.malipmu.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
10b425b4b37d35c1f5adbc27a1bb50d39367f606925610e8f81a000035d2a4a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1084
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 30 Dec 2023 12:12:48 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Accept-Encoding
barre-malipmu.1s.fr.html
www.malipmu.1s.fr/ Frame 1E41 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.malipmu.1s.fr/barre-malipmu.1s.fr.html
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
1befcb391da9cc1ca530a0050e43c1ea7058da0c171441156857ab143cd5a1a1

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1494
Content-Type
text/html; charset=ISO-8859-1
Date
Sat, 30 Dec 2023 12:12:48 GMT
Expires
Sat, 30 Dec 2023 12:12:48 GMT
Keep-Alive
timeout=5, max=99
Last-Modified
Sat, 30 Dec 2023 12:12:48 GMT
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
/
www.toptierce.net/turf/malipmu/ Frame 8108 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.toptierce.net/turf/malipmu/
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
8018ddb36e60f8a9fa22983e43e710957fc9ddc0e4582490a421a57326eac74a

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html
Date
Sat, 30 Dec 2023 12:12:48 GMT
Keep-Alive
timeout=15, max=100
Server
Apache
Transfer-Encoding
chunked
Vary
Host
stats-malipmu.1s.fr.html
www.malipmu.1s.fr/ Frame 89B2 		0
192 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.malipmu.1s.fr/stats-malipmu.1s.fr.html
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 30 Dec 2023 12:12:48 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
site.js
www.venez.fr/js/ Frame 1E41 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/barre-malipmu.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:48 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Dec 2023 12:12:48 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1023
Expires
Sat, 06 Jan 2024 12:12:48 GMT
separateur90.gif
www.venez.fr/images/ Frame 1E41 		82 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/separateur90.gif
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/barre-malipmu.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:48 GMT
Last-Modified
Thu, 15 Nov 2018 22:11:22 GMT
Server
Apache
ETag
"52-57abb54b25680"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
82
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 1E41 		145 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/barre-malipmu.1s.fr.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
12fb28b0a4af568b54af47fb3259395ea3ac647472ebf7e5275c8e82531455d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54227
X-XSS-Protection
0
Server
cafe
ETag
13787791890725838955
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin
*
Expires
Sat, 30 Dec 2023 12:12:49 GMT
header.gif
www.toptierce.net/turf/malipmu/ Frame 8108 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.toptierce.net/turf/malipmu/header.gif
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
f708cf84d69a0f2267eadcd97dd50bde07ae053d0604ae510161861a06fd70f7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/turf/malipmu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Last-Modified
Sun, 02 Jul 2023 21:36:24 GMT
Server
Apache
ETag
"2b884c7-155b3-5ff87d7752600"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
87475
logo.gif
www.secretturf.com/img/ Frame 8108
Redirect Chain
  • http://www.secretturf.com/img/logo.gif
  • https://www.secretturf.com/img/logo.gif
62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.secretturf.com/img/logo.gif
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
cce78252542c52ca1be1ee90ee21bb2293e769b0720f1a47ec6f719aac256054
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Thu, 07 Dec 2017 14:35:05 GMT
Server
Apache
ETag
"7adf6f-f93c-55fc0f954d840"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
63804

Redirect headers

Location
https://www.secretturf.com/img/logo.gif
Date
Sat, 30 Dec 2023 12:12:49 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=10, max=100
Content-Length
247
Content-Type
text/html; charset=iso-8859-1
banner.gif
img.root-top.com/topsite/simplejeux/ Frame 8108
Redirect Chain
  • http://img.root-top.com/topsite/simplejeux/banner.gif
  • https://img.root-top.com/topsite/simplejeux/banner.gif
4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/simplejeux/banner.gif
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
H2
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:12:49 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7143
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scMWZpEimi2h0HNw8TkIfUvdTRPmnSgbgLOJdR6MUDB9U%2B9wqDC2R3tSqmrF3X7D3kiN7ppRCHons1qGJCs2gFnWwC1RduyAoYFhhoYHjUA1%2FM0DM3YTohRuCr4GLP2N9Q1dENO5DTRqxZOk5FqA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
83da31779d5bf844-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRBneo6xzWBZQ6eUg49A7wrAo2wml%2BPCnM7qqCXPEs79Rte6uo4CRWMl18rQU8ZdJaORoX8oHT1Id4thRHYYhuEESHGs1%2Bjem95caoZ8%2BCZLl2F8%2BnATQ6%2BpACEsItA2nj03SmOytbKFqhIp33GJ"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/simplejeux/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
83da31770c13d52e-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
logo.gif
www.toptierce.net/img/ Frame 8108 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.toptierce.net/img/logo.gif
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
8e34cdba9ac65b3b6dd470052f0eb3442bdf7f6953e30b72d35ce0ab40ad9f40

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/turf/malipmu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Last-Modified
Sun, 02 Jul 2023 21:37:26 GMT
Server
Apache
ETag
"2b885cb-316e-5ff87db273180"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
12654
banner.gif
img.root-top.com/topsite/toptierce/ Frame 8108
Redirect Chain
  • http://img.root-top.com/topsite/toptierce/banner.gif
  • https://img.root-top.com/topsite/toptierce/banner.gif
4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/toptierce/banner.gif
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
H2
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:12:49 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5539
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgK16urMbeFNcy%2BkNfPwrZaUjRsuc0TcxPZ43e80bnOXx5Wu9uM9Mp%2FIf6Li6unsykJ3jTyDbZLE7FTnvjQqIWcpMcXyzYROFH8z9Lmg1mo7iaIQO46156OIknqa0US%2BYPZMYmyxlAnvxg7O3Dsa"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
83da31779d5af844-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NLVo8QuHm%2BXde0nXAgf58jQr3yCRce4%2Bz3vspJoYluL4sz3Se2b4S8auQBygm8G05fdqITKPFsvZI2KeJbyW3mLBWCQg%2BWUwzVLey6TpPuw4cpxE0aBM9SfePJ52ZuGGIAtPcBAJ70aVUbBNcwI"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/toptierce/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
83da31770cd56ecc-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
v=c-uMZ7rGrk.wx.hUDZmT8YbUNpJRfs6tUnYvdKbA8VI_
www.gambling-affiliation.com/cpm/ Frame 8108 		339 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gambling-affiliation.com/cpm/v=c-uMZ7rGrk.wx.hUDZmT8YbUNpJRfs6tUnYvdKbA8VI_
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
de421ad2eb9e68d7798320a44138c37baea59c11ddff99bc492e10be0ccbfe4c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:12:49 GMT
server
Apache
content-length
339
content-type
application/javascript
chevaux-course.jpg
www.toptierce.net/turf/malipmu/ Frame 8108 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.toptierce.net/turf/malipmu/chevaux-course.jpg
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
e612bd601b0098f708e7631a77393f16dd489ed11f32c1b155b76d8fa480a7ca

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/turf/malipmu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Last-Modified
Sun, 02 Jul 2023 21:36:22 GMT
Server
Apache
ETag
"2b884c2-6cb7-5ff87d756a180"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
27831
puce.png
www.toptierce.net/turf/malipmu/ Frame 8108 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.toptierce.net/turf/malipmu/puce.png
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
4b7912eb5c02b7f4ca397f3b8101850573e2a795d25eaedd05201a1919b30861

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/turf/malipmu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Last-Modified
Sun, 02 Jul 2023 21:36:25 GMT
Server
Apache
ETag
"2b884d2-8d59-5ff87d7846840"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
36185
alternate-barre.htm
www.venez.fr/ Frame 85E0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/alternate-barre.htm
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/barre-malipmu.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
7b56014ba0b9e872637cfb5c9c4cfe0e08c93767cbf73b922fdb586ebc89650d

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
873
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 30 Dec 2023 12:12:48 GMT
Keep-Alive
timeout=5, max=99
Server
Apache
Vary
Accept-Encoding
barre90.gif
www.venez.fr/images/ Frame 1E41 		110 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/barre-malipmu.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:48 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
110
120x60.gif
www.venez.fr/images/ Frame 85E0 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/120x60.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:48 GMT
Last-Modified
Wed, 02 Mar 2011 00:16:24 GMT
Server
Apache
ETag
"f4c-49d74d2b9c600"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3916
site.js
www.venez.fr/js/ Frame 85E0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:48 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Dec 2023 12:12:48 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
1023
Expires
Sat, 06 Jan 2024 12:12:48 GMT
barre90.gif
www.venez.fr/images/ Frame 85E0 		110 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:48 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
110
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 1E41 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.malipmu.1s.fr
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d19b1cb0d45af7c0d78100c0ca22687b2ecc7da93d21833f19d8bf591a245989
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:12:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137961
x-xss-protection
0
server
cafe
etag
6822380267644104628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 12:12:49 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame D303 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
46436
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 23:18:53 GMT
etag
5585625838579639069
expires
Fri, 12 Jan 2024 23:18:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
25995.gif
static.gambling-affiliation.com/uploads/ads/ Frame 8108 		207 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.gambling-affiliation.com/uploads/ads/25995.gif
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
1816069af86c24f0cc7eb81c78311efc0aba9aded5642284cf673bb1c7130e7e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:12:49 GMT
last-modified
Wed, 19 May 2021 07:07:11 GMT
server
nginx/1.15.5
accept-ranges
bytes
etag
"60a4b91f-33dd1"
content-length
212433
content-type
image/gif
buy.apu
payment.allopass.com/buy/ Frame B2CF 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
1db7af4f5fbf1169ce9b407b477a728c35f4b25c940ea4ddd19492b87f609fd6

Request headers

Referer
http://www.toptierce.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Encoding
gzip
Content-Length
3292
Content-Type
text/html; charset=UTF-8
Date
Sat, 30 Dec 2023 12:12:49 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
ads
googleads.g.doubleclick.net/pagead/ Frame 1E3D 		706 B
576 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.malipmu.1s.fr%2F&ea=0&wgl=1&dt=1703938369310&bpp=2&bdt=304&idt=302&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&correlator=684620719039&frm=23&ife=1&pv=2&ga_vid=1800444807.1703938370&ga_sid=1703938370&ga_hid=290011130&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3048689311&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C95320884%2C21065724&oid=2&pvsid=12572098771836&tmod=231808983&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fsd9mkz1d4hu&fsb=1&dtd=312
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.malipmu.1s.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
188f9cc05f71edca7fb58204c7060eb768a5587139a19def1e35946a31333347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 12:12:50 GMT
expires
Sat, 30 Dec 2023 12:12:50 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
jBox.all.min.css
payment.allopass.com/static/css/jBox/ Frame B2CF 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/jBox/jBox.all.min.css
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"40fcf-40d7-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
3631
base.css
payment.allopass.com/static/css/ Frame B2CF 		81 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/base.css?68
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
3975eb898756e296608f964f0fe799ecf25bbf79467666a3c3218dad3db1de6e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"216e7-143f2-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
14739
carousel.css
payment.allopass.com/static/css/ Frame B2CF 		21 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/carousel.css?68
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21904-54eb-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
2387
jquery-1.3.2.min.js
payment.allopass.com/static/js/ext/ Frame B2CF 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/ext/jquery-1.3.2.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21722-dfa6-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
19740
jquery-1.11.3.min.js
payment.allopass.com/static/js/ext/ Frame B2CF 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/ext/jquery-1.11.3.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"4106a-176d5-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
33279
general.js
payment.allopass.com/onetime/scripts/ Frame B2CF 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/onetime/scripts/general.js?04
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:26 GMT
Server
Apache
ETag
"3f9b5-f37-6036ca55dc080"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1593
jBox.all.min.js
payment.allopass.com/static/js/ext/ Frame B2CF 		51 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/ext/jBox.all.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21805-cb59-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
12605
top.js
gmu-apps.com/js/ Frame B2CF 		54 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gmu-apps.com/js/top.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.219.2.218 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-2-218.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 12:12:50 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 20:31:35 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
5772
expires
Sun, 8 Mar 1981 10:00:00 GMT
fr.png
payment.allopass.com/icons/flags/24x24/ Frame B2CF 		536 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/icons/flags/24x24/fr.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Last-Modified
Tue, 26 Nov 2019 14:39:45 GMT
Server
Apache
ETag
"42c49-218-59840d9ebee40"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
536
check-codes.js
payment.allopass.com/static/js/ Frame B2CF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/check-codes.js?01
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
97a9de3830f4bd7bcb7cf4805dbdcf1f4c6e843fcd4a814c6a5d7bc2b11fee1a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21a1b-9d7-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
795
fingerprint2.min.js
payment.allopass.com/static/js/ext/ Frame B2CF 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/ext/fingerprint2.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21a1e-8432-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
10209
arrow-down.png
payment.allopass.com/static/css/images/ Frame B2CF 		315 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/images/arrow-down.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"40f98-13b-6036ca56d02c0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
315
carousel.js
payment.allopass.com/static/js/ Frame B2CF 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/carousel.js?5
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21715-1b55-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1830
gtm.js
www.googletagmanager.com/ Frame B2CF 		165 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5fce12e67cf3f60e476f1b7fe4503383b9139ac34e2f7f650663cbdd457ba26c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:12:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
61200
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 30 Dec 2023 12:12:49 GMT
duration.css
payment.allopass.com/static/css/ Frame B2CF 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/duration.css
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"40f4f-b61-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
793
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1E41 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.malipmu.1s.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
503998162c193bf1f0c03612187fbe5c75cf3341938e1e7ceba19d2d5ac45065
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:12:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12225
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1E41 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.malipmu.1s.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:12:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 30 Dec 2023 12:12:50 GMT
secure-lock.gif
payment.allopass.com/static/css/icons/ Frame B2CF 		181 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/icons/secure-lock.gif
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:50 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21641-b5-6036ca56d02c0"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
181
sms-logo-new-1.jpg
payment.allopass.com/static/images/payment-solutions/ Frame B2CF 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/images/payment-solutions/sms-logo-new-1.jpg
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
f8e7cca5d725305e0a7c5932bc1e70a4e22abd39bbddcecd52ae3caaa531606b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:50 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"219fb-1974-6036ca56d02c0"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
6516
field.png
payment.allopass.com/static/css/images/ Frame B2CF 		170 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/images/field.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:50 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21747-aa-6036ca56d02c0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
170
allopass-logo-small.svg
payment.allopass.com/static/css/images/ Frame B2CF 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/images/allopass-logo-small.svg
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
a82d1b3a85473bad87120c7d6b42782c0b5132e88feab8d6bd22a65ac85f70d4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:50 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"40f96-1cf64-6036ca56d02c0"
Content-Type
image/svg+xml
Connection
close
Accept-Ranges
bytes
Content-Length
118628
carousel-row-mobiyo.png
payment.allopass.com/static/css/images/ Frame B2CF 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/images/carousel-row-mobiyo.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/carousel.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/carousel.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 12:12:50 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21652-15a80-6036ca56d02c0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
88704
destination
www.googletagmanager.com/gtag/ Frame B2CF 		289 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cfb26875a82c67a46c7f1a7dc2eaac5ffa7816695660d5b291056b72896e5de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:12:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96706
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 30 Dec 2023 12:12:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4411 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
60308
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 19:27:42 GMT
expires
Sat, 28 Dec 2024 19:27:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6E0F 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6bd0f191160f7d6f1c7fa73a759f1b1621d3975078de129e30fce2858a3cf1bc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-A7neUKvynKUuNVwtrdKSkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-A7neUKvynKUuNVwtrdKSkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 12:12:50 GMT
expires
Sat, 30 Dec 2023 12:12:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 4411 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:27:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
60308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Dec 2024 19:27:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6E0F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=12572098771836&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 4411 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_sWCzg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:12:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
chk.php
gmu-apps.com/ Frame B2CF 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gmu-apps.com/chk.php
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.219.2.218 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-2-218.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payment.allopass.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 30 Dec 2023 12:12:51 GMT
server
Apache
content-length
0
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame 1E41 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=12572098771836&bg=!4uGl4a7NAAY3kmNgF5I7ADQBe5WfOLUx_mcSimENIFDktBQNMoliW7DsCkFuwRUrYbsh1GSNLlo1sq98UWvRi3xUyMrvAgAAADZSAAAAAmgBB5kDDy-d2u5Wdrj_cHSPYk5zG0S08FHGyXdze2-O07t0ASJnjlBKdjdHZi38rkihR_ZrDIPDbPbTLs8JsF4FSQx2weM765tjIPMTKBcbn1P3EOtCXrbYV4i-72yt2NCohKUDTYEUdRB1v3zm8LIsPkWnJ_rRWtVTAbVJtpGGGfRLl_ndvHWtnjjHbM2pKRlaoyNalKb7-j0dXKbDdlxGZx6J7nnCBf6RZzKN09jtSBXGbJLbFWPrimD5Ykmmst_CXFmc9FH_U7l6jukJarL00le3-RiB9aYkcx8pWlt-Op1rcYj1fmqC21oaFccFPQVurPBJWNcUwpoUsdIUGRDRv_5DHWEzBzmfVsVsi4qBZHAoLYq5rNdQn2L2TQDOHHMkIqawm4Y06R5p62ox5M6s2Ja2bU5MK63gnMHZHLuwrlwvxwb9QVrtDOJcK5nx2skxSsqWh5Jq99zk2TF_4HdPnC7r6fl989yVZSKrSx0CTXqRqMpHqsUH0QuQz4WXWm_r4WeC2m4Rs7L1O9kmdBdNgM6sZjlnXGdg7mDOFanQWKg3q_B-8T5CkjOYEaI4MdCiZl_XCVklmSCmkeRZ3JnqDN2tO48XX29aUZ7UhivYWaNHAGbchYxNOskUlyNyhjX1-GXoWTXD-P_RMhsTDvTsZGyEbQQrr-sRkuFOeIuOYxy9GdsMGFVKltDvH_-6vdPEpglTjy35fh7wJaph0c0vqy9j2dAdSu02Pd4di2igHZbD7jSjF4LyTRP_LbRE0ebzzOyU-St85_yGBM8rDkLR6QGnMpk5gWowHKxUMTeq4ZFF5CoK2GSbO1wiOBgP7-rdOVvKbnf0PxKqfq38x6K5XiZqWN8Q8x3Bv_qq4qFzsj-sVydh5Tzn1WV3H_BJbHjVPen62Ta9eoVuMg-1PJubcIBxn6cIZUYd5NyB_p1lsrAOFhKmQo5SYkUPcFpdFecbUbqUap6YiLYG7cflUM7nihwU3cN6Bdyx5TBzt5SHn2KRrnnwIlbTFPXMjO5rYkFugt8kE4STnt2LYaDbpms7z6xeIw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients

5 Cookies

Domain/Path Name / Value
payment.allopass.com/ Name: ShopSessionId
Value: 83058464-fac2-4fd9-bbe2-31295ca77b58
.allopass.com/ Name: AP_CUSK
Value: 3638703899
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.1s.fr/ Name: __gads
Value: ID=ce9ceb48e7b9ac20:T=1703938369:RT=1703938369:S=ALNI_Mb-VzKr1CDq-ddlEa_B4_XlFIwjlg
.1s.fr/ Name: __gpi
Value: UID=00000d2ff8ff247c:T=1703938369:RT=1703938369:S=ALNI_MYGLQsPLRM3wI2KBAwwXYrmdWlaEw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gmu-apps.com
googleads.g.doubleclick.net
img.root-top.com
pagead2.googlesyndication.com
payment.allopass.com
static.gambling-affiliation.com
tpc.googlesyndication.com
www.gambling-affiliation.com
www.google.com
www.googletagmanager.com
www.malipmu.1s.fr
www.secretturf.com
www.toptierce.net
www.venez.fr
185.119.26.1
194.150.236.190
194.150.236.236
2606:4700:3038::6815:ea1a
2606:4700:3038::6815:ea1b
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:829::2001
5.135.149.81
54.219.2.218
91.198.105.122
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10b425b4b37d35c1f5adbc27a1bb50d39367f606925610e8f81a000035d2a4a2
12fb28b0a4af568b54af47fb3259395ea3ac647472ebf7e5275c8e82531455d9
16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac
1816069af86c24f0cc7eb81c78311efc0aba9aded5642284cf673bb1c7130e7e
188f9cc05f71edca7fb58204c7060eb768a5587139a19def1e35946a31333347
1befcb391da9cc1ca530a0050e43c1ea7058da0c171441156857ab143cd5a1a1
1db7af4f5fbf1169ce9b407b477a728c35f4b25c940ea4ddd19492b87f609fd6
1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a
3975eb898756e296608f964f0fe799ecf25bbf79467666a3c3218dad3db1de6e
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f
4b7912eb5c02b7f4ca397f3b8101850573e2a795d25eaedd05201a1919b30861
503998162c193bf1f0c03612187fbe5c75cf3341938e1e7ceba19d2d5ac45065
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e
5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b
5fce12e67cf3f60e476f1b7fe4503383b9139ac34e2f7f650663cbdd457ba26c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6bd0f191160f7d6f1c7fa73a759f1b1621d3975078de129e30fce2858a3cf1bc
7b56014ba0b9e872637cfb5c9c4cfe0e08c93767cbf73b922fdb586ebc89650d
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f
7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9
8018ddb36e60f8a9fa22983e43e710957fc9ddc0e4582490a421a57326eac74a
8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435
8e34cdba9ac65b3b6dd470052f0eb3442bdf7f6953e30b72d35ce0ab40ad9f40
97a9de3830f4bd7bcb7cf4805dbdcf1f4c6e843fcd4a814c6a5d7bc2b11fee1a
a82d1b3a85473bad87120c7d6b42782c0b5132e88feab8d6bd22a65ac85f70d4
b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9
b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8
c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36
c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
cce78252542c52ca1be1ee90ee21bb2293e769b0720f1a47ec6f719aac256054
cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109
cfb26875a82c67a46c7f1a7dc2eaac5ffa7816695660d5b291056b72896e5de1
d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833
d19b1cb0d45af7c0d78100c0ca22687b2ecc7da93d21833f19d8bf591a245989
de421ad2eb9e68d7798320a44138c37baea59c11ddff99bc492e10be0ccbfe4c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e612bd601b0098f708e7631a77393f16dd489ed11f32c1b155b76d8fa480a7ca
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f708cf84d69a0f2267eadcd97dd50bde07ae053d0604ae510161861a06fd70f7
f8e7cca5d725305e0a7c5932bc1e70a4e22abd39bbddcecd52ae3caaa531606b
faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7