URL: http://www.gagnantpmu.1s.fr/index.php?la_page_demandee=pronostics_des_abonne
Submission: On December 30 via manual from FR — Scanned from FR

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 36 HTTP transactions. The main IP is 5.135.149.81, located in Le Chesnay, France and belongs to OVH, FR. The main domain is www.gagnantpmu.1s.fr.
This is the only time www.gagnantpmu.1s.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
9 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 102), tpc.googlesyndication.com (Cisco Umbrella Rank: 148) | 228 KB
7 | venez.fr | www.venez.fr | 9 KB
4 | root-top.com | img.root-top.com | 11 KB
4 | toptierce.net | www.toptierce.net | 472 KB
3 | allopass.com | payment.allopass.com | 10 KB
3 | 1s.fr | www.gagnantpmu.1s.fr | 3 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 36) | 155 KB
2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 33) | 5 KB
2 | gambling-affiliation.com | www.gambling-affiliation.com, static.gambling-affiliation.com | 88 KB
2 | secretturf.com | www.secretturf.com | 63 KB
1 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 1 KB
Total: 36 requests across 11 domains

Requests | Domain | Requested by
7 | www.venez.fr | www.gagnantpmu.1s.fr, www.venez.fr
6 | pagead2.googlesyndication.com | www.gagnantpmu.1s.fr, pagead2.googlesyndication.com, tpc.googlesyndication.com
4 | img.root-top.com (2 redirects) | www.toptierce.net
4 | www.toptierce.net | www.gagnantpmu.1s.fr, www.toptierce.net
3 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
3 | payment.allopass.com | www.toptierce.net, payment.allopass.com
3 | www.gagnantpmu.1s.fr | www.gagnantpmu.1s.fr
2 | www.googletagmanager.com | payment.allopass.com, www.googletagmanager.com
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 | www.secretturf.com (1 redirect) | www.toptierce.net
1 | www.google.com | tpc.googlesyndication.com
1 | static.gambling-affiliation.com | www.toptierce.net
1 | www.gambling-affiliation.com | www.toptierce.net
Total: 36 requests across 13 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
venez.fr | R3 | 2023-12-04 - 2024-03-03 | 3 months
www.gambling-affiliation.com | Gandi RSA Domain Validation Secure Server CA 3 | 2023-10-24 - 2024-10-24 | a year
*.allopass.com | Sectigo RSA Domain Validation Secure Server CA | 2023-10-06 - 2024-10-07 | a year
static.gambling-affiliation.com | Gandi RSA Domain Validation Secure Server CA 3 | 2023-08-31 - 2024-08-31 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
www.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months

This page contains 9 frames:

Primary Page: http://www.gagnantpmu.1s.fr/index.php?la_page_demandee=pronostics_des_abonne
Frame ID: B56A76B9241ED99F90753E3EEF479EF4
Requests: 1 HTTP requests in this frame

Frame: http://www.gagnantpmu.1s.fr/barre-gagnantpmu.1s.fr.html
Frame ID: FD516D9F4DE8515D85696F0DFE738116
Requests: 9 HTTP requests in this frame

Frame: http://www.toptierce.net/turf/gagnantpmu/index.php?la_page_demandee=pronostics_des_abonne
Frame ID: 664993E9C5890A1130F74C3DCB62A0BD
Requests: 14 HTTP requests in this frame

Frame: http://www.gagnantpmu.1s.fr/stats-gagnantpmu.1s.fr.html
Frame ID: FA4BEDF1E5B68DB876FC941DDEBCC46F
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: BF21038B706A74401A919D74D029C5B4
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 301CE400F3C5975B0B0D63D9B967F29B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.gagnantpmu.1s.fr%2Findex.php%3Fla_page_demandee%3Dpronostics_des_abonne&ea=0&wgl=1&dt=1703965126488&bpp=3&bdt=311&idt=239&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&correlator=5323097837498&frm=23&ife=1&pv=2&ga_vid=856567816.1703965127&ga_sid=1703965127&ga_hid=1722421290&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=1413721042&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C31079964%2C44795922%2C95320885&oid=2&pvsid=818133963926908&tmod=2068946533&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9crbg49jvpjs&fsb=1&dtd=250
Frame ID: C36AA86D14331B350B9330F96ECF2765
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F6105D0E4E628AB0D9A0614D04524DAB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 246BDE5629AB1CA35FC542F2C65E9408
Requests: 2 HTTP requests in this frame

Page Title

GAGNANT PMU

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 36
HTTPS: 69 %
IPv6: 62 %
Domains: 11
Subdomains: 13
IPs: 12
Countries: 3
Transfer: 1044 kB
Size: 1755 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://www.secretturf.com/img/logo.gif HTTP 301
  • https://www.secretturf.com/img/logo.gif
Request Chain 8
  • http://img.root-top.com/topsite/toptierce/banner.gif HTTP 301
  • https://img.root-top.com/topsite/toptierce/banner.gif
Request Chain 9
  • http://img.root-top.com/topsite/simplejeux/banner.gif HTTP 301
  • https://img.root-top.com/topsite/simplejeux/banner.gif

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
www.gagnantpmu.1s.fr/
3 KB
1 KB
Document
General
Full URL
http://www.gagnantpmu.1s.fr/index.php?la_page_demandee=pronostics_des_abonne
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
049efbeaaa90c6c20c1b29205849dc435ab18955dc31503dd9df87ceca762be0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1130
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 30 Dec 2023 19:38:45 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Host,Accept-Encoding
barre-gagnantpmu.1s.fr.html
www.gagnantpmu.1s.fr/ Frame FD51
3 KB
2 KB
Document
General
Full URL
http://www.gagnantpmu.1s.fr/barre-gagnantpmu.1s.fr.html
Requested by
Host: www.gagnantpmu.1s.fr
URL: http://www.gagnantpmu.1s.fr/index.php?la_page_demandee=pronostics_des_abonne
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
a1eb407eac7112c42f36cc38d458a40ab208cc1c3b35883799e1632774fa7e43

Request headers

Referer
http://www.gagnantpmu.1s.fr/index.php?la_page_demandee=pronostics_des_abonne
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1499
Content-Type
text/html; charset=ISO-8859-1
Date
Sat, 30 Dec 2023 19:38:45 GMT
Expires
Sat, 30 Dec 2023 19:38:45 GMT
Keep-Alive
timeout=5, max=99
Last-Modified
Sat, 30 Dec 2023 19:38:45 GMT
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
index.php
www.toptierce.net/turf/gagnantpmu/ Frame 6649
15 KB
16 KB
Document
General
Full URL
http://www.toptierce.net/turf/gagnantpmu/index.php?la_page_demandee=pronostics_des_abonne
Requested by
Host: www.gagnantpmu.1s.fr
URL: http://www.gagnantpmu.1s.fr/index.php?la_page_demandee=pronostics_des_abonne
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
79ae6d3727de495c701c82e96a8db8f24248757e83a66b5b73b9bdc43dd99359

Request headers

Referer
http://www.gagnantpmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html
Date
Sat, 30 Dec 2023 19:38:46 GMT
Keep-Alive
timeout=15, max=100
Server
Apache
Transfer-Encoding
chunked
Vary
Host
stats-gagnantpmu.1s.fr.html
www.gagnantpmu.1s.fr/ Frame FA4B
0
192 B
Document
General
Full URL
http://www.gagnantpmu.1s.fr/stats-gagnantpmu.1s.fr.html
Requested by
Host: www.gagnantpmu.1s.fr
URL: http://www.gagnantpmu.1s.fr/index.php?la_page_demandee=pronostics_des_abonne
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gagnantpmu.1s.fr/index.php?la_page_demandee=pronostics_des_abonne
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 30 Dec 2023 19:38:45 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
site.js
www.venez.fr/js/ Frame FD51
2 KB
1 KB
Script
General
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.gagnantpmu.1s.fr
URL: http://www.gagnantpmu.1s.fr/barre-gagnantpmu.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.gagnantpmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 19:38:45 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Dec 2023 19:38:45 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1023
Expires
Sat, 06 Jan 2024 19:38:45 GMT
separateur90.gif
www.venez.fr/images/ Frame FD51
82 B
388 B
Image
General
Full URL
https://www.venez.fr/images/separateur90.gif
Requested by
Host: www.gagnantpmu.1s.fr
URL: http://www.gagnantpmu.1s.fr/barre-gagnantpmu.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.gagnantpmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 19:38:45 GMT
Last-Modified
Thu, 15 Nov 2018 22:11:22 GMT
Server
Apache
ETag
"52-57abb54b25680"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
82
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame FD51
145 KB
54 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.gagnantpmu.1s.fr
URL: http://www.gagnantpmu.1s.fr/barre-gagnantpmu.1s.fr.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0027d62602d57ff26add96e2f8d5d71be1fc6f0325c5e635532a0e477a93663
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.gagnantpmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 19:38:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54229
X-XSS-Protection
0
Server
cafe
ETag
1137271092561830940
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin
*
Expires
Sat, 30 Dec 2023 19:38:46 GMT
header.gif
www.toptierce.net/turf/gagnantpmu/ Frame 6649
211 KB
211 KB
Image
General
Full URL
http://www.toptierce.net/turf/gagnantpmu/header.gif
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/gagnantpmu/index.php?la_page_demandee=pronostics_des_abonne
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
8d4c414dcf401a62edd2a6ce12252a8c357bcc252a6e0f6cf5c0c91f2dbce821

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/turf/gagnantpmu/index.php?la_page_demandee=pronostics_des_abonne
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 19:38:46 GMT
Last-Modified
Sun, 02 Jul 2023 21:35:57 GMT
Server
Apache
ETag
"2b88481-34be8-5ff87d5d92940"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
216040
logo.gif
www.secretturf.com/img/ Frame 6649
Redirect Chain
  • http://www.secretturf.com/img/logo.gif
  • https://www.secretturf.com/img/logo.gif
62 KB
63 KB
Image
General
Full URL
https://www.secretturf.com/img/logo.gif
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/gagnantpmu/index.php?la_page_demandee=pronostics_des_abonne
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
cce78252542c52ca1be1ee90ee21bb2293e769b0720f1a47ec6f719aac256054
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 19:38:46 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Thu, 07 Dec 2017 14:35:05 GMT
Server
Apache
ETag
"7adf6f-f93c-55fc0f954d840"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
63804

Redirect headers

Location
https://www.secretturf.com/img/logo.gif
Date
Sat, 30 Dec 2023 19:38:46 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=10, max=100
Content-Length
247
Content-Type
text/html; charset=iso-8859-1
banner.gif
img.root-top.com/topsite/toptierce/ Frame 6649
Redirect Chain
  • http://img.root-top.com/topsite/toptierce/banner.gif
  • https://img.root-top.com/topsite/toptierce/banner.gif
4 KB
5 KB
Image
General
Full URL
https://img.root-top.com/topsite/toptierce/banner.gif
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/gagnantpmu/index.php?la_page_demandee=pronostics_des_abonne
Protocol
H2
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 19:38:46 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1398045
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1PnxHAagQ%2Fa4Ltgaarhhvg7Iml8jDMeVJFkUJ0yr9tIM4HplFUxcIs07Tvh8m6z%2ByU90rv5ID357s%2Bw0xuEY23Mu3DsJhAkXBodjBaQXrte%2FYXha%2BplLHkck9J8BpnNMASfkPNhZ9EdDbKyYeFo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
83dcbeb7ced2d3e4-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Sat, 30 Dec 2023 19:38:46 GMT
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ansmjCew%2FZgJYDqUICksFVL0UPUeE4g1NFivg0gS5LmZ6IF8TF4PS%2FpayzRXP%2BwC10JqFurOE5Hxiy2S4SwCULK3FKyGfKK%2BFRyS4m0z%2B%2BVIv%2FETbLToODVvF5PDwcnzn4WLRa2C5hCRL%2FwhJ%2F5"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/toptierce/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
83dcbeb72c7d2173-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
banner.gif
img.root-top.com/topsite/simplejeux/ Frame 6649
Redirect Chain
  • http://img.root-top.com/topsite/simplejeux/banner.gif
  • https://img.root-top.com/topsite/simplejeux/banner.gif
4 KB
5 KB
Image
General
Full URL
https://img.root-top.com/topsite/simplejeux/banner.gif
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/gagnantpmu/index.php?la_page_demandee=pronostics_des_abonne
Protocol
H2
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 19:38:46 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1401512
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3i8ugEvC2W5kTPDILQJMRve70kxhSYPvQxhwd3QP86dj0d8I9HBd1ZEmYfX0jwNGEHoXVbIqw8MEL0iK4fTqZsvGD3oWhS87MVLbstAWZ6%2BmY4zwUt%2Bw4s4n66JT1Ymg4cSB2fqP9haR4N48W2%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
83dcbeb7ced0d3e4-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Sat, 30 Dec 2023 19:38:46 GMT
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYNXIpgCwyOxdjd0%2BWSZWDDPPhUKA6dEqa8kraOPuDYOMNAX7iTKB%2BmV%2FBepImikGt11NyU7CookagoKUdckVZ0KytkzXNme%2B7ycc73imMxsrOTh9d0LWKoDzzNZmj7%2F%2FvSoQ45XoEer%2BrTG2WXI"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/simplejeux/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
83dcbeb729cd2a13-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
logo.gif
www.toptierce.net/img/ Frame 6649
12 KB
13 KB
Image
General
Full URL
http://www.toptierce.net/img/logo.gif
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/gagnantpmu/index.php?la_page_demandee=pronostics_des_abonne
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
8e34cdba9ac65b3b6dd470052f0eb3442bdf7f6953e30b72d35ce0ab40ad9f40

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/turf/gagnantpmu/index.php?la_page_demandee=pronostics_des_abonne
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 19:38:46 GMT
Last-Modified
Sun, 02 Jul 2023 21:37:26 GMT
Server
Apache
ETag
"2b885cb-316e-5ff87db273180"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
12654
v=zlbe2eq0QMHG7QxOddHZCOteC7aa5fgW.8MTPKiBTmI_
www.gambling-affiliation.com/cpm/ Frame 6649
329 B
417 B
Script
General
Full URL
https://www.gambling-affiliation.com/cpm/v=zlbe2eq0QMHG7QxOddHZCOteC7aa5fgW.8MTPKiBTmI_
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/gagnantpmu/index.php?la_page_demandee=pronostics_des_abonne
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
33f8b978de8cbdedd3ab8bd12fccd186052571c9335d0d76633f15855e145548

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 19:38:45 GMT
server
Apache
content-length
329
content-type
application/javascript
checkout.apu
payment.allopass.com/buy/ Frame 6649
11 KB
4 KB
Script
General
Full URL
https://payment.allopass.com/buy/checkout.apu?ids=340814&idd=1495997&lang=fr
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/gagnantpmu/index.php?la_page_demandee=pronostics_des_abonne
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
f576f13bc3c40d350539cf7fa65cbf97a69fd96e0806611536381378fc694f81

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Dec 2023 19:38:46 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
2964
Expires
Thu, 19 Nov 1981 08:52:00 GMT
arp.jpg
www.toptierce.net/turf/gagnantpmu/ Frame 6649
232 KB
232 KB
Image
General
Full URL
http://www.toptierce.net/turf/gagnantpmu/arp.jpg
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/gagnantpmu/index.php?la_page_demandee=pronostics_des_abonne
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
5d14a8453724bd93aa1fa4ed67ecc2476fd58aae8fe72e3ef51a6499549647a1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/turf/gagnantpmu/index.php?la_page_demandee=pronostics_des_abonne
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 19:38:46 GMT
Last-Modified
Sun, 02 Jul 2023 21:35:56 GMT
Server
Apache
ETag
"2b8847c-3a0c4-5ff87d5c9e700"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
237764
alternate-barre.htm
www.venez.fr/ Frame BF21
2 KB
1 KB
Document
General
Full URL
https://www.venez.fr/alternate-barre.htm
Requested by
Host: www.gagnantpmu.1s.fr
URL: http://www.gagnantpmu.1s.fr/barre-gagnantpmu.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
151a85df765b8f0b4394effff55ca23efaf5ca15c9998e217bb1d46ce2a71bfe

Request headers

Referer
http://www.gagnantpmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
873
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 30 Dec 2023 19:38:45 GMT
Keep-Alive
timeout=5, max=99
Server
Apache
Vary
Accept-Encoding
barre90.gif
www.venez.fr/images/ Frame FD51
110 B
416 B
Image
General
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.gagnantpmu.1s.fr
URL: http://www.gagnantpmu.1s.fr/barre-gagnantpmu.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.gagnantpmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 19:38:45 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
110
120x60.gif
www.venez.fr/images/ Frame BF21
4 KB
4 KB
Image
General
Full URL
https://www.venez.fr/images/120x60.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 19:38:45 GMT
Last-Modified
Wed, 02 Mar 2011 00:16:24 GMT
Server
Apache
ETag
"f4c-49d74d2b9c600"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3916
site.js
www.venez.fr/js/ Frame BF21
2 KB
1 KB
Script
General
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 19:38:45 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Dec 2023 19:38:45 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
1023
Expires
Sat, 06 Jan 2024 19:38:45 GMT
barre90.gif
www.venez.fr/images/ Frame BF21
110 B
416 B
Image
General
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 19:38:45 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
110
62481.jpg
static.gambling-affiliation.com/uploads/ads/ Frame 6649
88 KB
88 KB
Image
General
Full URL
https://static.gambling-affiliation.com/uploads/ads/62481.jpg
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/gagnantpmu/index.php?la_page_demandee=pronostics_des_abonne
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
9b97320baaba8d39566a0be53b19cc3423502dac6b29f195460ddb1a5a791f49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 19:38:46 GMT
last-modified
Tue, 07 Mar 2023 17:07:52 GMT
server
nginx/1.15.5
accept-ranges
bytes
etag
"64076f68-15f1e"
content-length
89886
content-type
image/jpeg
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame FD51
399 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.gagnantpmu.1s.fr
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b62665d7734ab931d8269a31afd9d29cf3f9e9f2751f952911cb9100fdf2856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.gagnantpmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 19:38:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137961
x-xss-protection
0
server
cafe
etag
15503985968450252014
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 19:38:46 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 301C
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gagnantpmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
20948
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 13:49:38 GMT
etag
5585625838579639069
expires
Sat, 13 Jan 2024 13:49:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gtm.js
www.googletagmanager.com/ Frame 6649
165 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=340814&idd=1495997&lang=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb8d00527dd2f164cdeedebb56d3d05b3c830b2518f319511068f42decfaaa0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 19:38:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61201
x-xss-protection
0
last-modified
Sat, 30 Dec 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 30 Dec 2023 19:38:46 GMT
buy-button.css
payment.allopass.com/static/css/ Frame 6649
2 KB
830 B
Stylesheet
General
Full URL
https://payment.allopass.com/static/css/buy-button.css?1
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=340814&idd=1495997&lang=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 19:38:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"42312-69a-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
546
162x56.png
payment.allopass.com/static/buy/button/fr/ Frame 6649
6 KB
6 KB
Image
General
Full URL
https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/gagnantpmu/index.php?la_page_demandee=pronostics_des_abonne
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 19:38:46 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"215ee-1688-6036ca56d02c0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
5768
destination
www.googletagmanager.com/gtag/ Frame 6649
289 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cfb26875a82c67a46c7f1a7dc2eaac5ffa7816695660d5b291056b72896e5de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 19:38:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96706
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 30 Dec 2023 19:38:46 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C36A
706 B
573 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.gagnantpmu.1s.fr%2Findex.php%3Fla_page_demandee%3Dpronostics_des_abonne&ea=0&wgl=1&dt=1703965126488&bpp=3&bdt=311&idt=239&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&correlator=5323097837498&frm=23&ife=1&pv=2&ga_vid=856567816.1703965127&ga_sid=1703965127&ga_hid=1722421290&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=1413721042&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C31079964%2C44795922%2C95320885&oid=2&pvsid=818133963926908&tmod=2068946533&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9crbg49jvpjs&fsb=1&dtd=250
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.gagnantpmu.1s.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
467fb8524f4cdc93f4da6f2fc30e99b3bae112fa0f760ae72d6b54143c632b6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gagnantpmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
352
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 19:38:47 GMT
expires
Sat, 30 Dec 2023 19:38:47 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame FD51
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.gagnantpmu.1s.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32c4d99235098f0ce624d8a21b10666524451558c61986143123113cbfebfe71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.gagnantpmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 19:38:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12209
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FD51
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.gagnantpmu.1s.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.gagnantpmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 19:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 30 Dec 2023 19:38:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F610
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gagnantpmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
87065
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 19:27:42 GMT
expires
Sat, 28 Dec 2024 19:27:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 246B
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cdc8c52e34822c988f45d86ec596f14930f5dd909e5a2f3d3eb438c5918b235b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JKjaAkEsiIBzBweXq7hEbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.gagnantpmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-JKjaAkEsiIBzBweXq7hEbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 19:38:47 GMT
expires
Sat, 30 Dec 2023 19:38:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame F610
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:27:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
87065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Dec 2024 19:27:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 246B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=818133963926908&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame F610
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?8Hmj2Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 19:38:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame FD51
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=818133963926908&bg=!n5ylnNPNAAY3kmNgF5I7ADQBe5WfONyJ2sFaBJJpwff2nzdu6EapkjNsUpk36fLIuDuiDPBNLa-uLOVw-OlzxnCIiqdQAgAAAEBSAAAAAmgBB5kDKwF_g1RqoZ0N3NNgwoVFuPTovKzvDVRw6f1h90JDQ_Xz7iK4AWs5mcFmdW1LgLeOakpdUUsVBDd7qSXg9zFpySPEHiXG0-xSzUC-v5DmAt35G351mnzXsDqhvznwhveGjZ6VZxb58NhLiNsSTskCdY-k6EmPsk_l2ZErkfAuL1xDgRaVYd0j9flaOwCv5poyazwnhpPgNE24xrfnIOFwueg8ppgW67aFoqdCA9jMsY4Qq6Pm3cYf3_5q4z-6e8RMBP86B-YktjY_L56xHsUBkfe04Pek3Bolbw28sudzYES02BV9PUY1b1LWTEsSjG9K-j0tOZJfaGsAr_VtR4hSr1FHk84Iz-TQuuEWPwUzNMfNYfiwBIr5SF4I5qnd1uE8GfLhmQJOrJJ4MLyWMCI5Nk7vBZQRTuGjgGyvIlNSDvb-kxuHzAAUcA8F4RKyDr50mAj6DSXzkay1oyXvNYa0ub9T4QcP9yOl5-Wv2tQjjH4NcBWi3NjED1TQH4Cuo9QrKmKoBUWUzz0XI2kwUNeqMyT6g2aBdDkDmmobhFP382M8PUFj3DDogO5JICq16p2f9BbO6E3_vawKUJHMuzPxcNoa5HgrSXwQQRCQ2jsKEMMuHeRUg3ODppdvh5zH5reVk2P-f9pQSj2IpZKcvcd-zqzu97QOQgoctiDM8h95j8mwNmq9AH77rXq2l0mpQBa59-Pcpykb-Cms8t066tm2s06mdFgjX3l4lqh7NZgTPmUh-Qk1Tx4kdJaG7ccgNzNv3in8-_xsIg1muAkjPxVBlfBlsUCPG2-FgECFn6wAE87hRVn__j34DYhd5uUPO3R6aL54thg53yu3a0Y4KbkIqQl-7oagktIsSjfTAsNvZ0Mx8ERpN4cH01y6OaObCHCDRsTUEoHlCiYpE86a1Mo5O1-XVyEjTj-P-iSccXA1TtK_VhZwAvSXYF-puIS-VukQ-2Jqqbd71Ss-j-CFjX_K7cBWxi-c0_j-XrAXfIIwp0brzgYEbF2oisLeY5G4Hv60vqptu3DaKWpkDKErQ9ijbjeGnHXdq4Bj221W5COKyPw1QWj200kOZ1BBs6M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.gagnantpmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers


7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| google_reactive_ads_global_state
object| google_ad_modifications
number| google_global_correlator
object| google_prev_clients

5 Cookies

Domain/Path Name / Value
payment.allopass.com/ Name: ShopSessionId Value: f7be2164-7b6b-4117-905d-b7979a6bf3f1
.allopass.com/ Name: AP_CUSK Value: 3638741435
.doubleclick.net/ Name: test_cookie Value: CheckForPermission
.1s.fr/ Name: __gads Value: ID=905cbbfb9e0f7c60:T=1703965126:RT=1703965126:S=ALNI_MaJtXpLWoMzSLyKVFjqhtQs1V9NgA
.1s.fr/ Name: __gpi Value: UID=00000d3019559acc:T=1703965126:RT=1703965126:S=ALNI_Ma4xpeH8LTtt9602hXMAjmPAz9aJw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
