URL: http://www.starpmu.c4.fr/
Submission: On December 03 via manual from BF — Scanned from FR

Summary

This website contacted 16 IPs in 3 countries across 16 domains to perform 60 HTTP transactions. The main IP is 5.135.149.81, located in Le Chesnay, France and belongs to OVH, FR. The main domain is www.starpmu.c4.fr.
This is the only time www.starpmu.c4.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
18 allopass.com | payment.allopass.com | 207 KB
9 googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 101), tpc.googlesyndication.com (Cisco Umbrella Rank: 139) | 206 KB
7 venez.fr | www.venez.fr | 9 KB
7 ouba.com | www.bahturf6.ouba.com | 1 MB
4 root-top.com | img.root-top.com | 10 KB
3 c4.fr | www.starpmu.c4.fr | 3 KB
2 gmu-apps.com | gmu-apps.com | 6 KB
2 google.com | adservice.google.com (Cisco Umbrella Rank: 70), www.google.com (Cisco Umbrella Rank: 2) | 2 KB
2 doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 33) | 5 KB
2 gambling-affiliation.com | www.gambling-affiliation.com, static.gambling-affiliation.com | 39 KB
2 secretturf.com | www.secretturf.com | 63 KB
1 google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 27) | 20 KB
1 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 48) | 45 KB
1 google.fr | adservice.google.fr (Cisco Umbrella Rank: 24221) | 792 B
1 googleadservices.com | partner.googleadservices.com (Cisco Umbrella Rank: 859) | 692 B
1 toptierce.net | www.toptierce.net | 13 KB
60 16
Domain | Requested by
18 payment.allopass.com | www.bahturf6.ouba.com, payment.allopass.com
7 www.venez.fr | www.starpmu.c4.fr, www.venez.fr
7 www.bahturf6.ouba.com | www.starpmu.c4.fr, www.bahturf6.ouba.com
6 pagead2.googlesyndication.com | www.starpmu.c4.fr, pagead2.googlesyndication.com, tpc.googlesyndication.com
4 img.root-top.com (2 redirects) | www.bahturf6.ouba.com
3 tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com, www.starpmu.c4.fr
3 www.starpmu.c4.fr | www.starpmu.c4.fr
2 gmu-apps.com | payment.allopass.com, www.starpmu.c4.fr
2 googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 www.secretturf.com (1 redirects) | www.bahturf6.ouba.com
1 www.google-analytics.com | www.googletagmanager.com
1 www.google.com | tpc.googlesyndication.com
1 www.googletagmanager.com | payment.allopass.com
1 adservice.google.com | pagead2.googlesyndication.com
1 adservice.google.fr | pagead2.googlesyndication.com
1 partner.googleadservices.com | pagead2.googlesyndication.com
1 static.gambling-affiliation.com | www.bahturf6.ouba.com
1 www.gambling-affiliation.com | www.bahturf6.ouba.com
1 www.toptierce.net | www.bahturf6.ouba.com
60 19

This site contains no links.

Subject | Issuer | Validity | Valid
venez.fr | R3 | 2022-11-19 - 2023-02-17 | 3 months
www.gambling-affiliation.com | Gandi Standard SSL CA 2 | 2022-10-28 - 2023-10-28 | a year
static.gambling-affiliation.com | Gandi Standard SSL CA 2 | 2022-08-22 - 2023-08-22 | a year
*.allopass.com | Sectigo RSA Domain Validation Secure Server CA | 2022-10-07 - 2023-10-07 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.google.fr | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
gmu-apps.com | Amazon | 2022-01-31 - 2023-03-01 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
www.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months

This page contains 10 frames:

Primary Page: http://www.starpmu.c4.fr/
Frame ID: 0DB8FB73CD3F443CBB3048340A3847C6
Requests: 1 HTTP requests in this frame

Frame: http://www.starpmu.c4.fr/barre-starpmu.c4.fr.html
Frame ID: 57B2B722C3CF506A52B227FEAD5D46F7
Requests: 12 HTTP requests in this frame

Frame: http://www.bahturf6.ouba.com/starpmu/
Frame ID: 604FBA5C57497DB94C470688EF091F94
Requests: 13 HTTP requests in this frame

Frame: http://www.starpmu.c4.fr/stats-starpmu.c4.fr.html
Frame ID: 9F7A9DFC8DDA469323D47FFD2563CF99
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 1F8E6515B5CA7A7F32A88FAAEB176CE2
Requests: 4 HTTP requests in this frame

Frame: https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
Frame ID: C82B41864F0A239BCDEEF4455000D3A2
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 49DF459BB8B3A59FDE2D80F0CE035C4E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.starpmu.c4.fr%2F&ea=0&wgl=1&dt=1670069242760&bpp=4&bdt=419&idt=259&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&correlator=1672415310043&frm=23&ife=1&pv=2&ga_vid=842712976.1670069243&ga_sid=1670069243&ga_hid=1431496699&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=4057606834&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C44774292&oid=2&pvsid=1913604240282529&tmod=96387480&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.9b19wgd5ftqy&fsb=1&dtd=284
Frame ID: 3A7E4F2CD3EA546CE1CD78A1FBDA7910
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F922D0E49A36B9C3A1504D5F4E7B3BED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A337819AB2367F410EF7A8B652ECB381
Requests: 2 HTTP requests in this frame

Page Title

STAR PMU

Detected technologies

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 60
HTTPS: 75 %
IPv6: 65 %
Domains: 16
Subdomains: 19
IPs: 16
Countries: 3
Transfer: 2001 kB
Size: 2790 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://www.secretturf.com/img/logo.gif HTTP 301
  • https://www.secretturf.com/img/logo.gif
Request Chain 9
  • http://img.root-top.com/topsite/simplejeux/banner.gif HTTP 301
  • https://img.root-top.com/topsite/simplejeux/banner.gif
Request Chain 10
  • http://img.root-top.com/topsite/toptierce/banner.gif HTTP 301
  • https://img.root-top.com/topsite/toptierce/banner.gif

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.starpmu.c4.fr/
3 KB
1 KB
Document
General
Full URL
http://www.starpmu.c4.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
fec867ff0a1f6c573a08edcd7d855ad4bfaf3e28627f3c8fd961f92ff8784277

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1077
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 03 Dec 2022 12:07:21 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Accept-Encoding
barre-starpmu.c4.fr.html
www.starpmu.c4.fr/ Frame 57B2
3 KB
2 KB
Document
General
Full URL
http://www.starpmu.c4.fr/barre-starpmu.c4.fr.html
Requested by
Host: www.starpmu.c4.fr
URL: http://www.starpmu.c4.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
d9972d7317223d913045a29b609ba7349cbaea036b07659417e7ad0a75dac17c

Request headers

Referer
http://www.starpmu.c4.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1493
Content-Type
text/html; charset=ISO-8859-1
Date
Sat, 03 Dec 2022 12:07:21 GMT
Expires
Sat, 03 Dec 2022 12:07:21 GMT
Keep-Alive
timeout=5, max=99
Last-Modified
Sat, 03 Dec 2022 12:07:21 GMT
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
/
www.bahturf6.ouba.com/starpmu/ Frame 604F
7 KB
8 KB
Document
General
Full URL
http://www.bahturf6.ouba.com/starpmu/
Requested by
Host: www.starpmu.c4.fr
URL: http://www.starpmu.c4.fr/
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
d433ef87264b183e0af0f4ba28c5b07f2dbc392d278852429a337caeb104768e

Request headers

Referer
http://www.starpmu.c4.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html
Date
Sat, 03 Dec 2022 12:07:22 GMT
Keep-Alive
timeout=10, max=100
Server
Apache
Transfer-Encoding
chunked
Vary
Host
stats-starpmu.c4.fr.html
www.starpmu.c4.fr/ Frame 9F7A
0
192 B
Document
General
Full URL
http://www.starpmu.c4.fr/stats-starpmu.c4.fr.html
Requested by
Host: www.starpmu.c4.fr
URL: http://www.starpmu.c4.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.starpmu.c4.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 03 Dec 2022 12:07:21 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
site.js
www.venez.fr/js/ Frame 57B2
2 KB
1 KB
Script
General
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.starpmu.c4.fr
URL: http://www.starpmu.c4.fr/barre-starpmu.c4.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.starpmu.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
Content-Encoding
gzip
Last-Modified
Sat, 03 Dec 2022 12:07:22 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1023
Expires
Sat, 10 Dec 2022 12:07:22 GMT
separateur90.gif
www.venez.fr/images/ Frame 57B2
82 B
388 B
Image
General
Full URL
https://www.venez.fr/images/separateur90.gif
Requested by
Host: www.starpmu.c4.fr
URL: http://www.starpmu.c4.fr/barre-starpmu.c4.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.starpmu.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
Last-Modified
Thu, 15 Nov 2018 22:11:22 GMT
Server
Apache
ETag
"52-57abb54b25680"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
82
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 57B2
142 KB
51 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.starpmu.c4.fr
URL: http://www.starpmu.c4.fr/barre-starpmu.c4.fr.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28dbfd4926602dc0e40dcb3b5d6b3ad7ea9cc51ab91eddc1d97d3cf9dd0cef36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.starpmu.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
51580
X-XSS-Protection
0
Server
cafe
ETag
14237153953917487183
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Timing-Allow-Origin
*
Expires
Sat, 03 Dec 2022 12:07:22 GMT
header.jpg
www.bahturf6.ouba.com/starpmu/ Frame 604F
100 KB
100 KB
Image
General
Full URL
http://www.bahturf6.ouba.com/starpmu/header.jpg
Requested by
Host: www.bahturf6.ouba.com
URL: http://www.bahturf6.ouba.com/starpmu/
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
0d3c8911d20a475daa04eb642ec462f122183fca7486d36124ae01c1571c326f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bahturf6.ouba.com/starpmu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
Last-Modified
Sat, 21 Apr 2018 06:51:53 GMT
Server
Apache
ETag
"95050f-19075-56a563d603440"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=99
Content-Length
102517
logo.gif
www.secretturf.com/img/ Frame 604F
Redirect Chain
  • http://www.secretturf.com/img/logo.gif
  • https://www.secretturf.com/img/logo.gif
62 KB
63 KB
Image
General
Full URL
https://www.secretturf.com/img/logo.gif
Requested by
Host: www.bahturf6.ouba.com
URL: http://www.bahturf6.ouba.com/starpmu/
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
cce78252542c52ca1be1ee90ee21bb2293e769b0720f1a47ec6f719aac256054
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bahturf6.ouba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Thu, 07 Dec 2017 14:35:05 GMT
Server
Apache
ETag
"7adf6f-f93c-55fc0f954d840"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
63804

Redirect headers

Location
https://www.secretturf.com/img/logo.gif
Date
Sat, 03 Dec 2022 12:07:22 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=10, max=100
Content-Length
247
Content-Type
text/html; charset=iso-8859-1
logo.gif
www.toptierce.net/img/ Frame 604F
12 KB
13 KB
Image
General
Full URL
http://www.toptierce.net/img/logo.gif
Requested by
Host: www.bahturf6.ouba.com
URL: http://www.bahturf6.ouba.com/starpmu/
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
8e34cdba9ac65b3b6dd470052f0eb3442bdf7f6953e30b72d35ce0ab40ad9f40

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bahturf6.ouba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
Last-Modified
Thu, 21 Oct 2021 13:34:50 GMT
Server
Apache
ETag
"2606a6d-316e-5cedcf5789280"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
12654
banner.gif
img.root-top.com/topsite/simplejeux/ Frame 604F
Redirect Chain
  • http://img.root-top.com/topsite/simplejeux/banner.gif
  • https://img.root-top.com/topsite/simplejeux/banner.gif
4 KB
4 KB
Image
General
Full URL
https://img.root-top.com/topsite/simplejeux/banner.gif
Requested by
Host: www.bahturf6.ouba.com
URL: http://www.bahturf6.ouba.com/starpmu/
Protocol
H2
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c89138fe4d60f677872fa14679dd7d6807b9f614bd62beb3ffc112f082442b8d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bahturf6.ouba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 12:07:22 GMT
cf-cache-status
HIT
last-modified
Wed, 14 Sep 2011 18:49:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
872070
etag
"3909270785"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7yYjDQpxabizAnOKGQXGN3TVX9Q4sGwScOdhHXWfhaeKKxJoLIbjem9VDX0IXiBEVMBxP16ZXX0pYiXRVHqRLZRrDtRhYICd5DrElS1H65ZlrIacGNpjNC%2FvwcaLZYWtioxxhI6HWZpolZmy8g3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
773c2e7daf45d702-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3872

Redirect headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
48
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2I%2Fp5hKhWoHebThAXk%2BcVbwvgXSLBz2XnkrzPEn63wh1YFz%2BKlF9HCloEaUaRuhW1EFEkCR2QNfm85PS%2BkL89pvRlRvM77saIdmh8%2B2AYTKKiJWLMdzS3kIhKJBgM%2BEi3Hhda3KGwmMZYU9Adhp0"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/simplejeux/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
773c2e7d0e53f138-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
0
banner.gif
img.root-top.com/topsite/toptierce/ Frame 604F
Redirect Chain
  • http://img.root-top.com/topsite/toptierce/banner.gif
  • https://img.root-top.com/topsite/toptierce/banner.gif
4 KB
4 KB
Image
General
Full URL
https://img.root-top.com/topsite/toptierce/banner.gif
Requested by
Host: www.bahturf6.ouba.com
URL: http://www.bahturf6.ouba.com/starpmu/
Protocol
H2
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c89138fe4d60f677872fa14679dd7d6807b9f614bd62beb3ffc112f082442b8d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bahturf6.ouba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 12:07:22 GMT
cf-cache-status
HIT
last-modified
Wed, 14 Sep 2011 18:49:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
872068
etag
"3909270785"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IDr3BzqwZ4q5lMwQ%2FO2ux5J4C8liPEdliS9yhjt%2B96zQD1srardE51%2FRcRVZZ%2FjKd%2B5A9FvuEiDzDCCJuHIZqk2IaLmTnDMARhg5g4eKnY0Fc%2Fe3qUHyKA%2FR7NdMRQyN05Nx%2B3oi6h4EhOzs305"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
773c2e7ddf85d702-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3872

Redirect headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BZ85blnSElE3F5%2BUtAeWWRvVJ6SAkylEgH%2FF1Fotr5LNX40UNf5gwK0Xth14SrbEQFWnLpvNl%2BLf6fpMIhJgYjK8e2ZSoDTUnXniBl4y%2Bs97AkuaCjAR0Zs75%2FeIFXUgR0gIXxVocCoirLo2PFv"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/toptierce/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
773c2e7d0e79d3bf-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
0
horse.png
www.bahturf6.ouba.com/starpmu/ Frame 604F
448 KB
449 KB
Image
General
Full URL
http://www.bahturf6.ouba.com/starpmu/horse.png
Requested by
Host: www.bahturf6.ouba.com
URL: http://www.bahturf6.ouba.com/starpmu/
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
2fa10f945b54a8c3dae51ec8575fced805d5fa75c8eaab5055368c69f5929470

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bahturf6.ouba.com/starpmu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
Last-Modified
Sat, 21 Apr 2018 06:52:11 GMT
Server
Apache
ETag
"950538-7016b-56a563e72dcc0"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
459115
v=8eq9OIhDHA6MioAnHZ68VKUQHY1TqSNMeHiDcHd7.wk_GA7331V2
www.gambling-affiliation.com/cpm/ Frame 604F
339 B
540 B
Script
General
Full URL
https://www.gambling-affiliation.com/cpm/v=8eq9OIhDHA6MioAnHZ68VKUQHY1TqSNMeHiDcHd7.wk_GA7331V2
Requested by
Host: www.bahturf6.ouba.com
URL: http://www.bahturf6.ouba.com/starpmu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.105.123 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software
Apache/2.4.39 (Unix) PHP/5.6.40 / PHP/5.6.40
Resource Hash
e73f35a2695c25afc6c840e30e75ef33b86739b67779f54d8a965897f84105bb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bahturf6.ouba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
Server
Apache/2.4.39 (Unix) PHP/5.6.40
Connection
close
X-Powered-By
PHP/5.6.40
Content-Length
339
Content-Type
application/javascript
pre.png
www.bahturf6.ouba.com/starpmu/ Frame 604F
385 KB
385 KB
Image
General
Full URL
http://www.bahturf6.ouba.com/starpmu/pre.png
Requested by
Host: www.bahturf6.ouba.com
URL: http://www.bahturf6.ouba.com/starpmu/
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
90f144baa8f0ae01bc1c80eb55b4d64aa857abdf5f557337a554dd08709b8403

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bahturf6.ouba.com/starpmu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
Last-Modified
Sat, 21 Apr 2018 06:52:19 GMT
Server
Apache
ETag
"950545-604a2-56a563eeceec0"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
394402
course.jpg
www.bahturf6.ouba.com/starpmu/ Frame 604F
61 KB
62 KB
Image
General
Full URL
http://www.bahturf6.ouba.com/starpmu/course.jpg
Requested by
Host: www.bahturf6.ouba.com
URL: http://www.bahturf6.ouba.com/starpmu/
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
39a1c19b12bc248b1003ac59120a5a37ba588402cda89e276228838dc56b90d9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bahturf6.ouba.com/starpmu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
Last-Modified
Sat, 21 Apr 2018 06:51:50 GMT
Server
Apache
ETag
"950500-f5e3-56a563d326d80"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
62947
bg.jpg
www.bahturf6.ouba.com/starpmu/ Frame 604F
297 KB
297 KB
Image
General
Full URL
http://www.bahturf6.ouba.com/starpmu/bg.jpg
Requested by
Host: www.bahturf6.ouba.com
URL: http://www.bahturf6.ouba.com/starpmu/
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
7ad0dbecc2a742c5f3a5c5fa4fc5f7ca9cdcbeb21f67c7fc29fbe30f95415b58

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bahturf6.ouba.com/starpmu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
Last-Modified
Sat, 21 Apr 2018 06:51:48 GMT
Server
Apache
ETag
"9504fe-4a43c-56a563d13e900"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
304188
alternate-barre.htm
www.venez.fr/ Frame 1F8E
2 KB
1 KB
Document
General
Full URL
https://www.venez.fr/alternate-barre.htm
Requested by
Host: www.starpmu.c4.fr
URL: http://www.starpmu.c4.fr/barre-starpmu.c4.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
214bc07440bbb5df34e99867c2070112f9bb5243528e0cde6429345083c6cd7a

Request headers

Referer
http://www.starpmu.c4.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
873
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 03 Dec 2022 12:07:22 GMT
Keep-Alive
timeout=5, max=98
Server
Apache
Vary
Accept-Encoding
barre90.gif
www.venez.fr/images/ Frame 57B2
110 B
416 B
Image
General
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.starpmu.c4.fr
URL: http://www.starpmu.c4.fr/barre-starpmu.c4.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.starpmu.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
110
55045.jpg
static.gambling-affiliation.com/uploads/ads/ Frame 604F
38 KB
39 KB
Image
General
Full URL
https://static.gambling-affiliation.com/uploads/ads/55045.jpg
Requested by
Host: www.bahturf6.ouba.com
URL: http://www.bahturf6.ouba.com/starpmu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.105.123 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
3b0652ce330355d9152e4477bdd7b727ba3664a8991c140dbfd505f9e346d123

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bahturf6.ouba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
Last-Modified
Wed, 17 Jun 2020 10:13:56 GMT
Server
nginx/1.15.5
ETag
"5ee9ece4-99b3"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
39347
buy.apu
payment.allopass.com/buy/ Frame C82B
9 KB
4 KB
Document
General
Full URL
https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
Requested by
Host: www.bahturf6.ouba.com
URL: http://www.bahturf6.ouba.com/starpmu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
e7c3feb96cf54dbf0ea4ddce66d8c44f78d9706d2d4ff6404e4ba6984cfbab9e

Request headers

Referer
http://www.bahturf6.ouba.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Encoding
gzip
Content-Length
3122
Content-Type
text/html; charset=UTF-8
Date
Sat, 03 Dec 2022 12:07:22 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
date.png
www.bahturf6.ouba.com/starpmu/ Frame 604F
72 KB
72 KB
Image
General
Full URL
http://www.bahturf6.ouba.com/starpmu/date.png
Requested by
Host: www.bahturf6.ouba.com
URL: http://www.bahturf6.ouba.com/starpmu/
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
fb2b3c4042f738369784fcce38f29786cb8eda07ce8693bf7f6e275e4de0ddee

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bahturf6.ouba.com/starpmu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
Last-Modified
Sat, 21 Apr 2018 06:51:51 GMT
Server
Apache
ETag
"95050d-120a0-56a563d41afc0"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=99
Content-Length
73888
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ Frame 57B2
354 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.starpmu.c4.fr
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de369a05c8ee20431904c1cd8c6dd51113d984ac881c7f6da78102711e984b20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.starpmu.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 12:07:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119174
x-xss-protection
0
server
cafe
etag
15322748037682645930
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 03 Dec 2022 12:07:22 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 49DF
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.starpmu.c4.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
11806
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 08:50:36 GMT
etag
10353107486223812946
expires
Sat, 17 Dec 2022 08:50:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
120x60.gif
www.venez.fr/images/ Frame 1F8E
4 KB
4 KB
Image
General
Full URL
https://www.venez.fr/images/120x60.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
Last-Modified
Wed, 02 Mar 2011 00:16:24 GMT
Server
Apache
ETag
"f4c-49d74d2b9c600"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3916
site.js
www.venez.fr/js/ Frame 1F8E
2 KB
1 KB
Script
General
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
Content-Encoding
gzip
Last-Modified
Sat, 03 Dec 2022 12:07:22 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
1023
Expires
Sat, 10 Dec 2022 12:07:22 GMT
barre90.gif
www.venez.fr/images/ Frame 1F8E
110 B
416 B
Image
General
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:22 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
110
cookie.js
partner.googleadservices.com/gampad/ Frame 57B2
377 B
692 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.starpmu.c4.fr&callback=_gfp_s_&client=ca-pub-5203714787387788&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.starpmu.c4.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
211c83d75a526abd75327013ce4f386e7bb7861cbc93f206193aa49496eeb8a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.starpmu.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 12:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.fr/adsid/ Frame 57B2
107 B
792 B
Script
General
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=www.starpmu.c4.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.starpmu.c4.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.starpmu.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 12:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 57B2
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.starpmu.c4.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.starpmu.c4.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.starpmu.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 12:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3A7E
436 B
407 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.starpmu.c4.fr%2F&ea=0&wgl=1&dt=1670069242760&bpp=4&bdt=419&idt=259&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&correlator=1672415310043&frm=23&ife=1&pv=2&ga_vid=842712976.1670069243&ga_sid=1670069243&ga_hid=1431496699&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=4057606834&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C42531705%2C44774292&oid=2&pvsid=1913604240282529&tmod=96387480&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.9b19wgd5ftqy&fsb=1&dtd=284
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.starpmu.c4.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23c7d6f2d1cf2481460bf58bb3ccfed4a8ab4b5375742068a75372ed033f1913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.starpmu.c4.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 12:07:23 GMT
expires
Sat, 03 Dec 2022 12:07:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 57B2
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.starpmu.c4.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67ff164aa1a45d3f4d3814f3c768c14600f26099fd1be6fbf2026968379bf4a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.starpmu.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 12:07:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11155
x-xss-protection
0
jBox.all.min.css
payment.allopass.com/static/css/jBox/ Frame C82B
16 KB
4 KB
Stylesheet
General
Full URL
https://payment.allopass.com/static/css/jBox/jBox.all.min.css
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21680-40d7-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
3631
base.css
payment.allopass.com/static/css/ Frame C82B
81 KB
15 KB
Stylesheet
General
Full URL
https://payment.allopass.com/static/css/base.css?68
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
adfe383e215844ddafe2b7149d13c92118cc519a174bf6035494bab363034f4c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:23 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Nov 2021 09:46:13 GMT
Server
Apache
ETag
"40f30-143f2-5d1adf6294340"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
14716
carousel.css
payment.allopass.com/static/css/ Frame C82B
21 KB
3 KB
Stylesheet
General
Full URL
https://payment.allopass.com/static/css/carousel.css?68
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"216eb-54eb-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
2387
jquery-1.3.2.min.js
payment.allopass.com/static/js/ext/ Frame C82B
56 KB
20 KB
Script
General
Full URL
https://payment.allopass.com/static/js/ext/jquery-1.3.2.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21a22-dfa6-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
19740
jquery-1.11.3.min.js
payment.allopass.com/static/js/ext/ Frame C82B
94 KB
33 KB
Script
General
Full URL
https://payment.allopass.com/static/js/ext/jquery-1.11.3.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21722-176d5-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
33279
general.js
payment.allopass.com/onetime/scripts/ Frame C82B
4 KB
2 KB
Script
General
Full URL
https://payment.allopass.com/onetime/scripts/general.js?04
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"41d9f-f37-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1593
jBox.all.min.js
payment.allopass.com/static/js/ext/ Frame C82B
51 KB
13 KB
Script
General
Full URL
https://payment.allopass.com/static/js/ext/jBox.all.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"4106a-cb59-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
12605
top.js
gmu-apps.com/js/ Frame C82B
54 KB
6 KB
Script
General
Full URL
https://gmu-apps.com/js/top.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.219.162.239 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-162-239.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 12:07:23 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 20:31:35 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
5772
expires
Sun, 8 Mar 1981 10:00:00 GMT
fr.png
payment.allopass.com/icons/flags/24x24/ Frame C82B
536 B
774 B
Image
General
Full URL
https://payment.allopass.com/icons/flags/24x24/fr.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:23 GMT
Last-Modified
Tue, 26 Nov 2019 14:39:45 GMT
Server
Apache
ETag
"2238c-218-59840d9ebee40"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
536
check-codes.js
payment.allopass.com/static/js/ Frame C82B
2 KB
1 KB
Script
General
Full URL
https://payment.allopass.com/static/js/check-codes.js?01
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
97a9de3830f4bd7bcb7cf4805dbdcf1f4c6e843fcd4a814c6a5d7bc2b11fee1a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:23 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Jul 2022 07:06:45 GMT
Server
Apache
ETag
"24c89-9d7-5e4ec4afc0b40"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
795
fingerprint2.min.js
payment.allopass.com/static/js/ext/ Frame C82B
33 KB
10 KB
Script
General
Full URL
https://payment.allopass.com/static/js/ext/fingerprint2.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"2171f-8432-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
10209
arrow-down.png
payment.allopass.com/static/css/images/ Frame C82B
315 B
553 B
Image
General
Full URL
https://payment.allopass.com/static/css/images/arrow-down.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:23 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21735-13b-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
315
carousel.js
payment.allopass.com/static/js/ Frame C82B
7 KB
2 KB
Script
General
Full URL
https://payment.allopass.com/static/js/carousel.js?5
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21a1b-1b55-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1830
gtm.js
www.googletagmanager.com/ Frame C82B
115 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=350564&idd=1532815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4702757fced271a1aa3b79147128f31d3a569fec7e17e48f89915b58c0089dcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 12:07:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45435
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 03 Dec 2022 12:07:23 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 57B2
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.starpmu.c4.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.starpmu.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 12:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Dec 2022 12:07:23 GMT
duration.css
payment.allopass.com/static/css/ Frame C82B
3 KB
1 KB
Stylesheet
General
Full URL
https://payment.allopass.com/static/css/duration.css
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21600-b61-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
793
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F922
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.starpmu.c4.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
4657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 10:49:46 GMT
expires
Sun, 03 Dec 2023 10:49:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A337
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
29e47b9067a4d1973c1a49666b3930d81fc7c7097fbca0bded6a23dd9c6e8e0d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_qWiSeArmvu4NYoz5iteQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.starpmu.c4.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-_qWiSeArmvu4NYoz5iteQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 12:07:23 GMT
expires
Sat, 03 Dec 2022 12:07:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame F922
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 13:53:28 GMT
analytics.js
www.google-analytics.com/ Frame C82B
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 03 Dec 2022 11:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3097
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 03 Dec 2022 13:15:46 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A337
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1913604240282529&rc=
Requested by
Host: www.starpmu.c4.fr
URL: http://www.starpmu.c4.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame F922
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?OVbGYw
Requested by
Host: www.starpmu.c4.fr
URL: http://www.starpmu.c4.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 12:07:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
secure-lock.gif
payment.allopass.com/static/css/icons/ Frame C82B
181 B
418 B
Image
General
Full URL
https://payment.allopass.com/static/css/icons/secure-lock.gif
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:23 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"40f92-b5-5d0e804cbabc0"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
181
field.png
payment.allopass.com/static/css/images/ Frame C82B
170 B
407 B
Image
General
Full URL
https://payment.allopass.com/static/css/images/field.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:23 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21748-aa-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
170
logo-mobiyo-small.png
payment.allopass.com/static/css/images/ Frame C82B
12 KB
12 KB
Image
General
Full URL
https://payment.allopass.com/static/css/images/logo-mobiyo-small.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
56b137612eb9e7e11421f576f02d3ea90e604fd12ab5873e6ff90aa9101e28db

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:23 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"2196b-2e5e-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
11870
carousel-row-mobiyo.png
payment.allopass.com/static/css/images/ Frame C82B
87 KB
87 KB
Image
General
Full URL
https://payment.allopass.com/static/css/images/carousel-row-mobiyo.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/carousel.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/carousel.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 12:07:23 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21653-15a80-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
88704
sodar
pagead2.googlesyndication.com/pagead/ Frame 57B2
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1913604240282529&bg=!gIOlg8fNAAbvMpMzzzI7ACkAdvg8WvB8mvXBxzObazD18s816uVn9cgD7N_jSVrE0Fcf1-nRCkPW_wIAAAD5UgAAAANoAQeZAr2n-GOudEymULrAjjWbA5RtrVNF-CsMBOy-An4Qn8iTCthwyFUCTNby9byOREq_ISSUMVtHNzr3mT8MCNkp1kszmwBqoaW6X6kMNCjtMkMoHFVu5zY0BO8RCVKGezt36gner-0JaJfrcikz2gttuZXOvWgIs1FBkZT5x6vsBGJplSgnW8nM09s3aUxKJhN3wo_csW3v4MJtlTdZAXue7-C557qh0QgTwuHm5-4cwsQkdJHQSYzf7gOeKHVRptyFtmNdua3EJmvVh2q0XVszRvqjxyEkTnRrlG6w9e_klwAJuj8JtaRZIaqky1wXOpKbgXRs6zXuXRiQNxcTTmH3zSLSViQBvtD9-JipXrcO8bs63sbm60JeakzeLc1EmsMGut0fGusDwVSDlafi1qPZq7bTowHAMiNrczr8gJ2xqsQ3WdKzOLZw0uuxP2QYINcgdJKXDVlEoYpVl2PyGkfGKst9bCUsQdQwODLa5u53_3If71noYUhkNve6NRvv3n8Qx5BuzB3_chi7inKPG7_8TdTZY_clH-Q4M6q3MRhSSAT4XGaG3EMXFDfXxnFjDt6MBkqIDIHyTnrlk--QOYo7wzkZpx7flMA40mGY0JQMKZjajjZ-XcMjuz2vf4gCl7j6SteraNKVTlUjuVn6omI7375Vqevre95uCTZQh0VzNEIUrDQ80xiNtoQo6NXAO-xBYM199qcvYl1wZ3kbWyTSb3_neQHBMkKmzjzTrU2wM_M9XOv1Ex1h2J-IWVYAszf42M6Xseft2VYK3Q9VPPQK8gRt_Iog_ZKFSKJ-tuvonaF1wnmTDwA88HSQv-mRJlmsR7Dtt0_csW1U1VnoUb_dfoAw0LZm8XiMazXDEvEnUDjJWuOGbAUDI28tbPqlIJlgTrN7ZXluqtWX-iWlHv_yOLgcX2T265PEs75yUE6yBw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.starpmu.c4.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

chk.php
gmu-apps.com/ Frame C82B
0
94 B
XHR
General
Full URL
https://gmu-apps.com/chk.php
Requested by
Host: www.starpmu.c4.fr
URL: http://www.starpmu.c4.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.219.162.239 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-162-239.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payment.allopass.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 03 Dec 2022 12:07:24 GMT
server
Apache
content-length
0
content-type
text/html; charset=UTF-8


8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| oncontentvisibilityautostatechange
object| google_reactive_ads_global_state
object| google_ad_modifications
number| google_global_correlator
object| google_prev_clients

5 Cookies

Domain/Path Name / Value
.c4.fr/ Name: __gads
Value: ID=6790475fa34b6509-22c4b8b043d80003:T=1670069243:RT=1670069243:S=ALNI_MZpcs5-QNNLmKZaQmHi3J6-yFCUXA
.c4.fr/ Name: __gpi
Value: UID=00000b8c35d18e3f:T=1670069243:RT=1670069243:S=ALNI_MbqYYB2Tjn5yffdJEofZklt5-5o7A
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
payment.allopass.com/ Name: ShopSessionId
Value: 4cc6bbb7-80cc-475a-bb8c-8657dc143315
.allopass.com/ Name: AP_CUSK
Value: 3597166408

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
