urlscan.io logo urlscan.io
SecurityTrails logo

www.malipmu.1s.fr Open in urlscan Pro
5.135.149.81  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.malipmu.1s.fr/
Submission: On January 13 via manual from BF — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 19 domains to perform 128 HTTP transactions. The main IP is 5.135.149.81, located in Le Chesnay, France and belongs to OVH, FR. The main domain is www.malipmu.1s.fr.
This is the only time www.malipmu.1s.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    5.135.149.81 (Le Chesnay, France)

ASN16276 (OVH, FR)
PTR: web3.venez.net
www.malipmu.1s.fr
www.venez.fr
5    194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net
www.toptierce.net
30    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    194.150.236.190 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns30.hiwit.net
www.secretturf.com
4    2606:4700:3038::6815:ea1a (United States)

ASN13335 (CLOUDFLARENET, US)
img.root-top.com
2    91.198.105.122 (France)

ASN35393 (EURO-WEB-AS, FR)
www.gambling-affiliation.com
static.gambling-affiliation.com
19    185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa
payment.allopass.com
7    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    54.241.64.65 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-241-64-65.us-west-1.compute.amazonaws.com
gmu-apps.com
2    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
14    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
8    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
7    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
5    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
4    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    18.66.122.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-86.fra60.r.cloudfront.net
bucket.cdnwebcloud.com
2    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    63.35.133.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-133-16.eu-west-1.compute.amazonaws.com
neural40.cdnwebcloud.com
Apex Domain
Subdomains		 Transfer
44 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
691 KB
19 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
ad.doubleclick.net — Cisco Umbrella Rank: 163
153 KB
19 allopass.com
payment.allopass.com
318 KB
13 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
209 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
4 KB
7 venez.fr
www.venez.fr
9 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
5 KB
5 toptierce.net
www.toptierce.net
169 KB
4 root-top.com
img.root-top.com
11 KB
3 cdnwebcloud.com
bucket.cdnwebcloud.com — Cisco Umbrella Rank: 22466
neural40.cdnwebcloud.com — Cisco Umbrella Rank: 28905
8 KB
3 1s.fr
www.malipmu.1s.fr
3 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
130 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
156 KB
2 gmu-apps.com
gmu-apps.com
6 KB
2 gambling-affiliation.com
www.gambling-affiliation.com
static.gambling-affiliation.com
208 KB
2 secretturf.com
www.secretturf.com
63 KB
1 gstatic.com
fonts.gstatic.com
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
979 B
128 19
Domain Requested by
30 pagead2.googlesyndication.com www.malipmu.1s.fr
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
19 payment.allopass.com www.toptierce.net
payment.allopass.com
14 tpc.googlesyndication.com www.malipmu.1s.fr
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
13 s0.2mdn.net www.malipmu.1s.fr
s0.2mdn.net
googleads.g.doubleclick.net
8 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 www.venez.fr www.malipmu.1s.fr
www.venez.fr
5 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
5 www.toptierce.net www.malipmu.1s.fr
www.toptierce.net
4 ad.doubleclick.net www.malipmu.1s.fr
4 img.root-top.com 2 redirects www.toptierce.net
3 www.malipmu.1s.fr www.malipmu.1s.fr
2 www.google.com tpc.googlesyndication.com
2 bucket.cdnwebcloud.com s0.2mdn.net
bucket.cdnwebcloud.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 www.googletagmanager.com payment.allopass.com
www.googletagmanager.com
2 gmu-apps.com payment.allopass.com
www.malipmu.1s.fr
2 www.secretturf.com 1 redirects www.toptierce.net
1 neural40.cdnwebcloud.com googleads.g.doubleclick.net
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com s0.2mdn.net
1 static.gambling-affiliation.com www.toptierce.net
1 www.gambling-affiliation.com www.toptierce.net
128 24

This site contains no links.

Subject Issuer Validity Valid
venez.fr
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
www.gambling-affiliation.com
Gandi RSA Domain Validation Secure Server CA 3		 2023-10-24 -
2024-10-24		 a year crt.sh
static.gambling-affiliation.com
Gandi RSA Domain Validation Secure Server CA 3		 2023-08-31 -
2024-08-31		 a year crt.sh
*.allopass.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-06 -
2024-10-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
gmu-apps.com
Amazon RSA 2048 M02		 2023-12-02 -
2024-12-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.cdnwebcloud.com
Amazon RSA 2048 M03		 2023-08-23 -
2024-09-21		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 22 frames:

Primary Page: http://www.malipmu.1s.fr/
Frame ID: FC4A09E046A4D8CC755A127160010BED
Requests: 12 HTTP requests in this frame

Frame: http://www.malipmu.1s.fr/barre-malipmu.1s.fr.html
Frame ID: D0E8C2261CCDEF94E224D6401D577F53
Requests: 10 HTTP requests in this frame

Frame: http://www.toptierce.net/turf/malipmu/
Frame ID: 2A0F3BC635A7EF2F61C48584495E950B
Requests: 10 HTTP requests in this frame

Frame: http://www.malipmu.1s.fr/stats-malipmu.1s.fr.html
Frame ID: DEB2BB7554D9399F210335D4A7E29E67
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 810C236A149E5EB1EAABE7579E5A300C
Requests: 4 HTTP requests in this frame

Frame: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Frame ID: 8991AB50F0ACFF76DBF9C425A1B54963
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: BBDFC79F3DBE4ACDAEFA9222FAE45AB1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.malipmu.1s.fr%2F&ea=0&wgl=1&dt=1705120641692&bpp=3&bdt=298&idt=370&shv=r20240109&mjsv=m202401100101&ptt=9&saldr=aa&correlator=1950387900691&frm=23&ife=1&pv=2&ga_vid=295969197.1705120642&ga_sid=1705120642&ga_hid=187568388&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3048689311&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C31080401%2C95320869%2C95320890&oid=2&pvsid=610469223943217&tmod=2120805725&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i9jtvxmcbhr5&fsb=1&dtd=381
Frame ID: 6B0341F466AD21BC20B225ADF08978A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&adk=1812271804&adf=3279755397&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x945_r&format=0x0&url=http%3A%2F%2Fwww.malipmu.1s.fr%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&dt=1705120641715&bpp=2&bdt=322&idt=372&shv=r20240109&mjsv=m202401100101&ptt=9&saldr=aa&prev_fmts=970x90&nras=1&correlator=1950387900691&frm=23&ife=1&pv=1&ga_vid=295969197.1705120642&ga_sid=1705120642&ga_hid=187568388&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=90&ifk=3048689311&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C31080401%2C95320869%2C95320890&oid=2&pvsid=610469223943217&tmod=2120805725&uas=0&nvt=1&fsapi=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nnaix6fw5ad0&fsb=1&dtd=378
Frame ID: 5DE88671E8E7D4664293DDAAC1E74EEC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYzIrw2QEwAQ&v=APEucNX2YFlJ4z9MJQHnyvpgyAo_4MiRRGJV_7FApFt3d8JH7dFCYiB8aDAqc6v8Lp0qNG1VodNcF80F2GijfTzpeJVmXSrWQU8p9lSWujAJLMamOoCYKG3bEEj1hBKZYxXot85WFxUwtlTHaCq7pPMisdVU3wluhysBDxqRuXd19WygbNJHefc
Frame ID: B946B3D6685D91A29FD8C4EF046C72FB
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 0BBD2B7AED52A935F52751278BC55C31
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7509247668429163338/index.html?ev=01_250
Frame ID: 297862CAE083B634690D9DA3A17C0D48
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CFA45F735B6DFF777E98D1CFC5C7F85D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&adk=2896691772&adf=4145544820&lmt=1705120642&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x945_r&format=0x0&url=http%3A%2F%2Fwww.malipmu.1s.fr%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&dt=1705120642568&bpp=1&bdt=1305&idt=181&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccf96252be252b1d%3AT%3D1705120642%3ART%3D1705120642%3AS%3DALNI_MaCkIAKoa9VF7o7ZXL92ydQttEupQ&gpic=UID%3D00000d40843f5297%3AT%3D1705120642%3ART%3D1705120642%3AS%3DALNI_MaQ7ud4bCbZ-aQ9Ln9AVym04UaQxg&prev_fmts=728x90&nras=2&correlator=1950387900691&frm=20&pv=1&ga_vid=1413164066.1705120643&ga_sid=1705120643&ga_hid=666092396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320238%2C31080260%2C31080265%2C95320890&oid=2&pvsid=1330006697239198&tmod=1818862177&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=186
Frame ID: F51CE76D69B08E0F1D61C6D36A7639AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 96E8C71448633F8F9E8234CF7F35B37C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQifbz8QEY2ej8ggIwAQ&v=APEucNVAyenNv6c6jSJfhVzLqcqOLGFJsvJcAdg4_r9FJoq5ehHXwWffTpb4t1KyWxw9nLbOgrZBonjcEgF_ddMtRZR-hzR4kax4o4Z1TaUw6xbhwiQgth1pS_PFi-K6r2wVXgpZH6jX5Ox5m1DNNBdSZRsSvzy2BmYoHiGUpGixX6nz2UysrQs
Frame ID: C48DC8F797C6DDAEAD1F451B431BFCBC
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1D22002959C701C4B0F4DE6F96BEF458
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16952711314765686234/index.html?ev=01_250
Frame ID: BE9A568A8FA247D64132E489F6D0B98D
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 56B7DB79E529469CF423D574415BC042
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F637E8D5FE63D34C76872F90658E7E9A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E4A254226E73BEAA35F0462BF2A63F36
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FB29F0AD59B4C4776D0FBFCB26221D8A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MALIPMU

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

128
Requests

84 %
HTTPS

45 %
IPv6

19
Domains

24
Subdomains

23
IPs

4
Countries

2155 kB
Transfer

4855 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://www.secretturf.com/img/logo.gif HTTP 301
  • https://www.secretturf.com/img/logo.gif
Request Chain 8
  • http://img.root-top.com/topsite/simplejeux/banner.gif HTTP 301
  • https://img.root-top.com/topsite/simplejeux/banner.gif
Request Chain 10
  • http://img.root-top.com/topsite/toptierce/banner.gif HTTP 301
  • https://img.root-top.com/topsite/toptierce/banner.gif
Request Chain 50
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoN79gG_LqBAwS-QZ-Em5E&google_cver=1
Request Chain 51
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaITgvvLmN63mVUKkm8wYwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoN79gG_LqBAwS-QZ-Em5E&google_cver=1
Request Chain 52
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGBIWhH8_gVufOkXmkb1kFc&google_cver=1
Request Chain 53
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MDI4MzM2OTk3NTM4MjcyMg%3D%3D
Request Chain 98
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoN79gG_LqBAwS-QZ-Em5E&google_cver=1
Request Chain 99
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaITgvvLmN63mVUKkm8wYwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoN79gG_LqBAwS-QZ-Em5E&google_cver=1
Request Chain 100
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGBIWhH8_gVufOkXmkb1kFc&google_cver=1
Request Chain 101
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MDI4MzM2OTk3NTM4MjcyMg%3D%3D

128 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.malipmu.1s.fr/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.malipmu.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
1d7e1c57904e81bbb5f28bfcce89bc800085098638d02579064423ceb424920f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1082
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 13 Jan 2024 04:37:21 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Accept-Encoding
barre-malipmu.1s.fr.html
www.malipmu.1s.fr/ Frame D0E8 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.malipmu.1s.fr/barre-malipmu.1s.fr.html
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
e244da07d1e80f0b44441d3219ef69e8130fde7279a887cf964489950f5db935

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1483
Content-Type
text/html; charset=ISO-8859-1
Date
Sat, 13 Jan 2024 04:37:21 GMT
Expires
Sat, 13 Jan 2024 04:37:21 GMT
Keep-Alive
timeout=5, max=99
Last-Modified
Sat, 13 Jan 2024 04:37:21 GMT
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
/
www.toptierce.net/turf/malipmu/ Frame 2A0F 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.toptierce.net/turf/malipmu/
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
96a94504da20942a3a8dc93a23f78ee10259861852144a0e0d0c5be6eb7192a9

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html
Date
Sat, 13 Jan 2024 04:37:21 GMT
Keep-Alive
timeout=15, max=100
Server
Apache
Transfer-Encoding
chunked
Vary
Host
stats-malipmu.1s.fr.html
www.malipmu.1s.fr/ Frame DEB2 		0
192 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.malipmu.1s.fr/stats-malipmu.1s.fr.html
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 13 Jan 2024 04:37:21 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
site.js
www.venez.fr/js/ Frame D0E8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/barre-malipmu.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:21 GMT
Content-Encoding
gzip
Last-Modified
Sat, 13 Jan 2024 04:37:21 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1023
Expires
Sat, 20 Jan 2024 04:37:21 GMT
separateur90.gif
www.venez.fr/images/ Frame D0E8 		82 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/separateur90.gif
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/barre-malipmu.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:21 GMT
Last-Modified
Thu, 15 Nov 2018 22:11:22 GMT
Server
Apache
ETag
"52-57abb54b25680"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
82
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame D0E8 		146 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/barre-malipmu.1s.fr.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b223c9e7829aabc4dc2fd83f11c6474857bac50cf6b6540f7c0dfa14be21d8d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54331
X-XSS-Protection
0
Server
cafe
ETag
16156467205182955362
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin
*
Expires
Sat, 13 Jan 2024 04:37:21 GMT
header.gif
www.toptierce.net/turf/malipmu/ Frame 2A0F 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.toptierce.net/turf/malipmu/header.gif
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
f708cf84d69a0f2267eadcd97dd50bde07ae053d0604ae510161861a06fd70f7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/turf/malipmu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:21 GMT
Last-Modified
Sun, 02 Jul 2023 21:36:24 GMT
Server
Apache
ETag
"2b884c7-155b3-5ff87d7752600"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
87475
logo.gif
www.secretturf.com/img/ Frame 2A0F
Redirect Chain
  • http://www.secretturf.com/img/logo.gif
  • https://www.secretturf.com/img/logo.gif
62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.secretturf.com/img/logo.gif
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
cce78252542c52ca1be1ee90ee21bb2293e769b0720f1a47ec6f719aac256054
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:21 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Thu, 07 Dec 2017 14:35:05 GMT
Server
Apache
ETag
"7adf6f-f93c-55fc0f954d840"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
63804

Redirect headers

Location
https://www.secretturf.com/img/logo.gif
Date
Sat, 13 Jan 2024 04:37:21 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=10, max=100
Content-Length
247
Content-Type
text/html; charset=iso-8859-1
banner.gif
img.root-top.com/topsite/simplejeux/ Frame 2A0F
Redirect Chain
  • http://img.root-top.com/topsite/simplejeux/banner.gif
  • https://img.root-top.com/topsite/simplejeux/banner.gif
4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/simplejeux/banner.gif
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
H2
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:21 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
787692
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bav%2FzvG8SPzwMBxgpwMTQkfBjq%2FdNvo5HfVvtu0MRjiL%2BVsUHVQ1ILaGYV%2FYuSNg7xjEu4cn2IN393NgnyHY7Y7Pq1PRaeiBhn1ZMsJNz%2FJ%2Be%2BKjjNHjv252OHsLEesjiCKZDuWiMrO0LovLRC6%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
844af189ca7a2a6e-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Sat, 13 Jan 2024 04:37:21 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
648
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kERKi%2FhYcdvVQh%2BJAORX5vxtz1BA0rVC4hKv1Y1iGeNCgODzifnVU5qxcfVlyjR2FYYnpLDEPnuZRJl%2BIQAAcqYf4NNVKMD%2F4s%2BtQoq3U0WxYG0etAVcdxt492LlQo1P43kT88kcylitKgPsJLJP"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/simplejeux/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
844af1895f3f2a74-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
logo.gif
www.toptierce.net/img/ Frame 2A0F 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.toptierce.net/img/logo.gif
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
8e34cdba9ac65b3b6dd470052f0eb3442bdf7f6953e30b72d35ce0ab40ad9f40

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/turf/malipmu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:21 GMT
Last-Modified
Sun, 02 Jul 2023 21:37:26 GMT
Server
Apache
ETag
"2b885cb-316e-5ff87db273180"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
12654
banner.gif
img.root-top.com/topsite/toptierce/ Frame 2A0F
Redirect Chain
  • http://img.root-top.com/topsite/toptierce/banner.gif
  • https://img.root-top.com/topsite/toptierce/banner.gif
4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/toptierce/banner.gif
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
H2
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:21 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
789095
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PisrL3mp%2FNEWJ4PfSI32rkMl2i1Vf2tD4UZbLM8PNq8ELkY4UP7jeFC8VbeB%2Bex2n0IuGXtbLUXRYoHFsBTfH5sW7f9mfRQlBIo3TivM4cZzsMsJjFYUyebdK3pEfV0amKFA08u23Sf3bQa5Tzp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
844af189ca7b2a6e-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Sat, 13 Jan 2024 04:37:21 GMT
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4z6KZTG6ayXLGpXLSziEVrs31di97%2BPh9RFNe%2FH6fg5QVSN8SY8EcXjlqUEowOu%2FmLMzKITB6vmcVtW74QrtqVX11cajNJ%2BNqJEk1kRidQIO2inPKlchIBSEy3LA32mV%2FndgZie5IZDfn3%2FX%2FT%2B"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/toptierce/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
844af1895ba6d34f-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
v=c-uMZ7rGrk.wx.hUDZmT8YbUNpJRfs6tUnYvdKbA8VI_
www.gambling-affiliation.com/cpm/ Frame 2A0F 		339 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gambling-affiliation.com/cpm/v=c-uMZ7rGrk.wx.hUDZmT8YbUNpJRfs6tUnYvdKbA8VI_
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software
Apache /
Resource Hash
de421ad2eb9e68d7798320a44138c37baea59c11ddff99bc492e10be0ccbfe4c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:21 GMT
server
Apache
content-length
339
content-type
application/javascript
chevaux-course.jpg
www.toptierce.net/turf/malipmu/ Frame 2A0F 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.toptierce.net/turf/malipmu/chevaux-course.jpg
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
e612bd601b0098f708e7631a77393f16dd489ed11f32c1b155b76d8fa480a7ca

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/turf/malipmu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:21 GMT
Last-Modified
Sun, 02 Jul 2023 21:36:22 GMT
Server
Apache
ETag
"2b884c2-6cb7-5ff87d756a180"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
27831
puce.png
www.toptierce.net/turf/malipmu/ Frame 2A0F 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.toptierce.net/turf/malipmu/puce.png
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
4b7912eb5c02b7f4ca397f3b8101850573e2a795d25eaedd05201a1919b30861

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/turf/malipmu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:21 GMT
Last-Modified
Sun, 02 Jul 2023 21:36:25 GMT
Server
Apache
ETag
"2b884d2-8d59-5ff87d7846840"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
36185
alternate-barre.htm
www.venez.fr/ Frame 810C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/alternate-barre.htm
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/barre-malipmu.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
7f8a8af2d8caa5fc8d5dd131e71d17a7f84b9d5dee6e7ddb3a19a83e7799a4bb

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
870
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 13 Jan 2024 04:37:21 GMT
Keep-Alive
timeout=5, max=99
Server
Apache
Vary
Accept-Encoding
barre90.gif
www.venez.fr/images/ Frame D0E8 		110 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/barre-malipmu.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:21 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
110
120x60.gif
www.venez.fr/images/ Frame 810C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/120x60.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:21 GMT
Last-Modified
Wed, 02 Mar 2011 00:16:24 GMT
Server
Apache
ETag
"f4c-49d74d2b9c600"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3916
site.js
www.venez.fr/js/ Frame 810C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:21 GMT
Content-Encoding
gzip
Last-Modified
Sat, 13 Jan 2024 04:37:21 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
1023
Expires
Sat, 20 Jan 2024 04:37:21 GMT
barre90.gif
www.venez.fr/images/ Frame 810C 		110 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:21 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
110
25995.gif
static.gambling-affiliation.com/uploads/ads/ Frame 2A0F 		207 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.gambling-affiliation.com/uploads/ads/25995.gif
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
1816069af86c24f0cc7eb81c78311efc0aba9aded5642284cf673bb1c7130e7e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.toptierce.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:21 GMT
last-modified
Wed, 19 May 2021 07:07:11 GMT
server
nginx/1.15.5
accept-ranges
bytes
etag
"60a4b91f-33dd1"
content-length
212433
content-type
image/gif
buy.apu
payment.allopass.com/buy/ Frame 8991 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Requested by
Host: www.toptierce.net
URL: http://www.toptierce.net/turf/malipmu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
88cea518caaeba1eeecaf91586a146f5cb06349564d11b6bd480192e05f0cb4c

Request headers

Referer
http://www.toptierce.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Encoding
gzip
Content-Length
2977
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Jan 2024 04:37:21 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/ Frame D0E8 		401 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.malipmu.1s.fr&bust=31080401
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e7d01a20aecfde737dba6bf0213e3917e50990930e8cad651cee9ff1cdb5f0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139279
x-xss-protection
0
server
cafe
etag
7119013147342523180
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 04:37:21 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame BBDF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
28629
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 20:40:12 GMT
etag
9219409622527106327
expires
Fri, 26 Jan 2024 20:40:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
jBox.all.min.css
payment.allopass.com/static/css/jBox/ Frame 8991 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/jBox/jBox.all.min.css
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21985-40d7-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
3631
base.css
payment.allopass.com/static/css/ Frame 8991 		81 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/base.css?68
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
3975eb898756e296608f964f0fe799ecf25bbf79467666a3c3218dad3db1de6e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"215fa-143f2-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
14739
carousel.css
payment.allopass.com/static/css/ Frame 8991 		21 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/carousel.css?68
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21904-54eb-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
2387
jquery-1.3.2.min.js
payment.allopass.com/static/js/ext/ Frame 8991 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/ext/jquery-1.3.2.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21722-dfa6-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
19740
jquery-1.11.3.min.js
payment.allopass.com/static/js/ext/ Frame 8991 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/ext/jquery-1.11.3.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"4106a-176d5-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
33279
general.js
payment.allopass.com/onetime/scripts/ Frame 8991 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/onetime/scripts/general.js?04
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:26 GMT
Server
Apache
ETag
"2090b-f37-6036ca55dc080"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1593
jBox.all.min.js
payment.allopass.com/static/js/ext/ Frame 8991 		51 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/ext/jBox.all.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21a1f-cb59-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
12605
top.js
gmu-apps.com/js/ Frame 8991 		54 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gmu-apps.com/js/top.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.64.65 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-241-64-65.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:22 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 20:31:35 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
5772
expires
Sun, 8 Mar 1981 10:00:00 GMT
fr.png
payment.allopass.com/icons/flags/24x24/ Frame 8991 		536 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/icons/flags/24x24/fr.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:22 GMT
Last-Modified
Tue, 26 Nov 2019 14:39:45 GMT
Server
Apache
ETag
"22c1e-218-59840d9ebee40"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
536
check-codes.js
payment.allopass.com/static/js/ Frame 8991 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/check-codes.js?01
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
97a9de3830f4bd7bcb7cf4805dbdcf1f4c6e843fcd4a814c6a5d7bc2b11fee1a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21716-9d7-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
795
fingerprint2.min.js
payment.allopass.com/static/js/ext/ Frame 8991 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/ext/fingerprint2.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"41068-8432-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
10209
arrow-down.png
payment.allopass.com/static/css/images/ Frame 8991 		315 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/images/arrow-down.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:22 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21734-13b-6036ca56d02c0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
315
carousel.js
payment.allopass.com/static/js/ Frame 8991 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/carousel.js?5
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"41064-1b55-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1830
gtm.js
www.googletagmanager.com/ Frame 8991 		166 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=340817&idd=1532449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f49557c53b5a2b5ba8e6496011e3c2728b1d20a8eea9c638d9ba796eda2a8791
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61576
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Jan 2024 04:37:22 GMT
duration.css
payment.allopass.com/static/css/ Frame 8991 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/duration.css
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"216eb-b61-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
793
ads
googleads.g.doubleclick.net/pagead/ Frame 6B03 		111 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.malipmu.1s.fr%2F&ea=0&wgl=1&dt=1705120641692&bpp=3&bdt=298&idt=370&shv=r20240109&mjsv=m202401100101&ptt=9&saldr=aa&correlator=1950387900691&frm=23&ife=1&pv=2&ga_vid=295969197.1705120642&ga_sid=1705120642&ga_hid=187568388&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3048689311&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C31080401%2C95320869%2C95320890&oid=2&pvsid=610469223943217&tmod=2120805725&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i9jtvxmcbhr5&fsb=1&dtd=381
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.malipmu.1s.fr&bust=31080401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3ea80bf0cac29dba7599e04e2d0b44ed5b31dc5a13ef6fc2acfa9aa6c87d1ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45463
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 04:37:22 GMT
expires
Sat, 13 Jan 2024 04:37:22 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5DE8 		122 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&adk=1812271804&adf=3279755397&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x945_r&format=0x0&url=http%3A%2F%2Fwww.malipmu.1s.fr%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&dt=1705120641715&bpp=2&bdt=322&idt=372&shv=r20240109&mjsv=m202401100101&ptt=9&saldr=aa&prev_fmts=970x90&nras=1&correlator=1950387900691&frm=23&ife=1&pv=1&ga_vid=295969197.1705120642&ga_sid=1705120642&ga_hid=187568388&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=90&ifk=3048689311&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C31080401%2C95320869%2C95320890&oid=2&pvsid=610469223943217&tmod=2120805725&uas=0&nvt=1&fsapi=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nnaix6fw5ad0&fsb=1&dtd=378
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.malipmu.1s.fr&bust=31080401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25cb744080d6deff4264b5ba524f0dce05c93ec3daa38013a08bf7480123d6ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
49076
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 04:37:22 GMT
expires
Sat, 13 Jan 2024 04:37:22 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/ Frame D0E8 		162 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/reactive_library_fy2021.js?bust=31080401
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.malipmu.1s.fr&bust=31080401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
494f83e5feda9fb5349f8be38b0bef2e9f301e388e1cfd047564cebbbf34d815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56396
x-xss-protection
0
server
cafe
etag
12953961914700961593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 04:37:22 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B946 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYzIrw2QEwAQ&v=APEucNX2YFlJ4z9MJQHnyvpgyAo_4MiRRGJV_7FApFt3d8JH7dFCYiB8aDAqc6v8Lp0qNG1VodNcF80F2GijfTzpeJVmXSrWQU8p9lSWujAJLMamOoCYKG3bEEj1hBKZYxXot85WFxUwtlTHaCq7pPMisdVU3wluhysBDxqRuXd19WygbNJHefc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.malipmu.1s.fr%2F&ea=0&wgl=1&dt=1705120641692&bpp=3&bdt=298&idt=370&shv=r20240109&mjsv=m202401100101&ptt=9&saldr=aa&correlator=1950387900691&frm=23&ife=1&pv=2&ga_vid=295969197.1705120642&ga_sid=1705120642&ga_hid=187568388&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3048689311&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C31080401%2C95320869%2C95320890&oid=2&pvsid=610469223943217&tmod=2120805725&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i9jtvxmcbhr5&fsb=1&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.malipmu.1s.fr%2F&ea=0&wgl=1&dt=1705120641692&bpp=3&bdt=298&idt=370&shv=r20240109&mjsv=m202401100101&ptt=9&saldr=aa&correlator=1950387900691&frm=23&ife=1&pv=2&ga_vid=295969197.1705120642&ga_sid=1705120642&ga_hid=187568388&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3048689311&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C31080401%2C95320869%2C95320890&oid=2&pvsid=610469223943217&tmod=2120805725&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i9jtvxmcbhr5&fsb=1&dtd=381
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 04:37:22 GMT
expires
Sat, 13 Jan 2024 04:37:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 0BBD 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 21:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Jan 2024 21:44:19 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 0BBD 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 00:01:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
16562
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 00:01:20 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 0BBD 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 00:01:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
16561
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 00:01:21 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0BBD 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 20:07:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
30574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 20:07:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 0BBD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.malipmu.1s.fr%2F&ea=0&wgl=1&dt=1705120641692&bpp=3&bdt=298&idt=370&shv=r20240109&mjsv=m202401100101&ptt=9&saldr=aa&correlator=1950387900691&frm=23&ife=1&pv=2&ga_vid=295969197.1705120642&ga_sid=1705120642&ga_hid=187568388&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3048689311&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C31080401%2C95320869%2C95320890&oid=2&pvsid=610469223943217&tmod=2120805725&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i9jtvxmcbhr5&fsb=1&dtd=381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 17:58:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 17:58:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 0BBD 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.malipmu.1s.fr%2F&ea=0&wgl=1&dt=1705120641692&bpp=3&bdt=298&idt=370&shv=r20240109&mjsv=m202401100101&ptt=9&saldr=aa&correlator=1950387900691&frm=23&ife=1&pv=2&ga_vid=295969197.1705120642&ga_sid=1705120642&ga_hid=187568388&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3048689311&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C31080401%2C95320869%2C95320890&oid=2&pvsid=610469223943217&tmod=2120805725&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i9jtvxmcbhr5&fsb=1&dtd=381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
33431
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 19:20:11 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0BBD 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.malipmu.1s.fr%2F&ea=0&wgl=1&dt=1705120641692&bpp=3&bdt=298&idt=370&shv=r20240109&mjsv=m202401100101&ptt=9&saldr=aa&correlator=1950387900691&frm=23&ife=1&pv=2&ga_vid=295969197.1705120642&ga_sid=1705120642&ga_hid=187568388&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3048689311&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C31080401%2C95320869%2C95320890&oid=2&pvsid=610469223943217&tmod=2120805725&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i9jtvxmcbhr5&fsb=1&dtd=381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 04:37:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BBD 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AVNGskhr_JsdmQsSJGTPK6x2neGf1jAmpRqaJ9BEjtslQRbdVtbjYuw40qIQiP-LITggvaqn5fiThGIk6wLohfH3_yDYLe1iDSoRMVVg37C3iY3Aw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.malipmu.1s.fr%2F&ea=0&wgl=1&dt=1705120641692&bpp=3&bdt=298&idt=370&shv=r20240109&mjsv=m202401100101&ptt=9&saldr=aa&correlator=1950387900691&frm=23&ife=1&pv=2&ga_vid=295969197.1705120642&ga_sid=1705120642&ga_hid=187568388&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3048689311&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C31080401%2C95320869%2C95320890&oid=2&pvsid=610469223943217&tmod=2120805725&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i9jtvxmcbhr5&fsb=1&dtd=381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B946
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoN79gG_LqBAwS-QZ-Em5E&google_cver=1
43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoN79gG_LqBAwS-QZ-Em5E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYzIrw2QEwAQ&v=APEucNX2YFlJ4z9MJQHnyvpgyAo_4MiRRGJV_7FApFt3d8JH7dFCYiB8aDAqc6v8Lp0qNG1VodNcF80F2GijfTzpeJVmXSrWQU8p9lSWujAJLMamOoCYKG3bEEj1hBKZYxXot85WFxUwtlTHaCq7pPMisdVU3wluhysBDxqRuXd19WygbNJHefc
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZiEZ8x5qE4ZYy%2BwJLq5ZiINfjffrX4af1%2Bvo0BUx%2Fmnia7sFoaARRhbcmXIxLQ2Zo8QDHTGCxvIRcQUE9HgHOACwyX3SGqveR9jTER8k2iotcJyTxl3rxOvyhcNYsRVosModUQRBA1avg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844af18fbb0502c9-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoN79gG_LqBAwS-QZ-Em5E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B946
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaITgvvLmN63mVUKkm8wYwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoN79gG_LqBAwS-QZ-Em5E&google_cver=1
43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoN79gG_LqBAwS-QZ-Em5E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYzIrw2QEwAQ&v=APEucNX2YFlJ4z9MJQHnyvpgyAo_4MiRRGJV_7FApFt3d8JH7dFCYiB8aDAqc6v8Lp0qNG1VodNcF80F2GijfTzpeJVmXSrWQU8p9lSWujAJLMamOoCYKG3bEEj1hBKZYxXot85WFxUwtlTHaCq7pPMisdVU3wluhysBDxqRuXd19WygbNJHefc
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yU%2BzsqNF%2BhtURlfXLz5MuunNQVQJ8ioaWt845cXv2Q9jhhvpXpHoVsBwJ482%2FSzARnLgThhCNY9qB6WOOWuxWBY%2BbdHJfu2MEB%2F5OxtZG1JuXrz2UZ%2Fk5jRYUZlDatslK34NHR7dHuZLmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844af190388b0171-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoN79gG_LqBAwS-QZ-Em5E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B946
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGBIWhH8_gVufOkXmkb1kFc&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGBIWhH8_gVufOkXmkb1kFc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYzIrw2QEwAQ&v=APEucNX2YFlJ4z9MJQHnyvpgyAo_4MiRRGJV_7FApFt3d8JH7dFCYiB8aDAqc6v8Lp0qNG1VodNcF80F2GijfTzpeJVmXSrWQU8p9lSWujAJLMamOoCYKG3bEEj1hBKZYxXot85WFxUwtlTHaCq7pPMisdVU3wluhysBDxqRuXd19WygbNJHefc
Protocol
H2
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:22 GMT
an-x-request-uuid
342cfcc2-62cc-45b0-acc9-b2672c6770fe
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.59.164.108; 37.59.164.108; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGBIWhH8_gVufOkXmkb1kFc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B946
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MDI4MzM2OTk3NTM4MjcyMg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MDI4MzM2OTk3NTM4MjcyMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYzIrw2QEwAQ&v=APEucNX2YFlJ4z9MJQHnyvpgyAo_4MiRRGJV_7FApFt3d8JH7dFCYiB8aDAqc6v8Lp0qNG1VodNcF80F2GijfTzpeJVmXSrWQU8p9lSWujAJLMamOoCYKG3bEEj1hBKZYxXot85WFxUwtlTHaCq7pPMisdVU3wluhysBDxqRuXd19WygbNJHefc
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:22 GMT
an-x-request-uuid
cf7f518f-825c-4f1a-90af-7d7ffd0cec64
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MDI4MzM2OTk3NTM4MjcyMg%3D%3D
x-proxy-origin
37.59.164.108; 37.59.164.108; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/reactive_library_fy2021.js?bust=31080401
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
145bb9be280d21f319706c5229d7689fd15c736da7f60735b29fadd3fb5ae8fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51193
x-xss-protection
0
server
cafe
etag
14660263366265290586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 04:37:22 GMT
secure-lock.gif
payment.allopass.com/static/css/icons/ Frame 8991 		181 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/icons/secure-lock.gif
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:22 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21947-b5-6036ca56d02c0"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
181
sms-logo-new-1.jpg
payment.allopass.com/static/images/payment-solutions/ Frame 8991 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/images/payment-solutions/sms-logo-new-1.jpg
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
f8e7cca5d725305e0a7c5932bc1e70a4e22abd39bbddcecd52ae3caaa531606b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:22 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"216f6-1974-6036ca56d02c0"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
6516
field.png
payment.allopass.com/static/css/images/ Frame 8991 		170 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/images/field.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:22 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"40faa-aa-6036ca56d02c0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
170
truncated
/ Frame 0BBD 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0accc13693b74bf28ea4dc561da4b5bb10b3dd68d9a75253e810bd8abf3a9af

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
allopass-logo-small.svg
payment.allopass.com/static/css/images/ Frame 8991 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/images/allopass-logo-small.svg
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
a82d1b3a85473bad87120c7d6b42782c0b5132e88feab8d6bd22a65ac85f70d4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:22 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21732-1cf64-6036ca56d02c0"
Content-Type
image/svg+xml
Connection
close
Accept-Ranges
bytes
Content-Length
118628
carousel-row-mobiyo.png
payment.allopass.com/static/css/images/ Frame 8991 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/images/carousel-row-mobiyo.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/carousel.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/carousel.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 04:37:22 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21957-15a80-6036ca56d02c0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
88704
index.html
s0.2mdn.net/sadbundle/7509247668429163338/ Frame 2978 		20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7509247668429163338/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf45c33ce297e2cc2d652903decd2b1eae7c1e9f66d4986627a6f63cc3441710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
58486
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4591
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 12:22:36 GMT
expires
Sat, 11 Jan 2025 12:22:36 GMT
last-modified
Sat, 17 Dec 2022 18:23:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 0BBD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstFJGNO4ztHgIHUq1JrX_qoY4h3yuHNMu6yYRmBoVdISp6o99oUTwtRIcfV8xS7s9jTJsveB6snQpUw3_e7IkM2NppjhVju2YBluRRpMEznYXL9MS4ZGR3LE56OvyZLpN_oAli4MNrMGgE-1t2BmQOhnuklV3Y2DSHR9hieqC2Jy-INhy5QLe00Sg5bU6EYSfjZw85p2el2_e-8iSZV26s_jzHjxDt1EkiVWYbcLkvSvPEnQ9ST2vmsxORne35KB4YmIxcWhx8Bh5RaHpI74s2ICcGwDeU891O13O2_KE8qabJJnNFIzLf7w62OY0hut1VhMir3hgt4Bqu4P0jMuF4Z3wXMuRmCkoaDrtpi3ioO1Wd2cFV3yqah6MWyPfIl2htdXNXq_9997CyoBfWx4s55GrY-SnBsvCLYOhZyNI83U8swaqOeoHA0TLfifOJ9t2LOkwJmxULsbB-1KPwE39AKPPPM7V3Q3kUE3gdcagTVAgcEOXpGblyTabgE_dX-Aq0yqiFINd3p9XLsuqV5XqfeSUD_zyfv-izpeukt8_hV9WKDmxTgxhvytkNUpXOliiJNmevVrQMGPUXKpIfgK8EZDTd8LHfv6njYsEinCTeve9HHzPJ5M2BLVpCKb5s22Dw8wBqmPQUxLWF69p-CvTgJctNng220STPAyWX0pNoyI_emd7Gc6KTVzogCtKJZi1diNwrqmC9KLuRByQACtS3z9iHhIB7aOHFEo7fhDVFvWjOgKxlm9Ja1F3OYuTGTvXqZLUEV1xoccFryP1LZvaDBeUbcG83cnH64Nq_lAOjMFKdo9_tmHq-KmW5Ie9KhzGuUWqBxvbUd4zRr2IuNCPa6HQnKY1pjCXLecRNLRaWGi9-4E1O56-pgsRSCo7_8NyEuQNT9glR8879WW2GC-KFwzSRndXSmeXH9DXsybC4pXGuv1y3FpQ-BIg-YSHmJsaL81D3n3U7eBgXimm1Gp-SQCJDlLz_452xUHtns6rwN00UYJ65LKO-cGZ_iaUH_RWMeecBwv7GHjFGggi5uKlXCbkhQBpSZ7sP0tNM9W11D5kMOCbgIynWFso7VnPQQZ0aP6MXkAf-W4Om_bTbgPmui_oMa-I9oyDLSLkvnalxNKIaX8o338V6yZsv67tK-x-bX09TFR0HYTy9Wx8Y8oUA39p2y37yeGxTmit_DFR3CwX4jYzowzTX0CgF6_Cfd8kscc7MXiBwJTyTIUatMVbEBsTc1qT3YVo2h4vzsQXedN89-ryVobQFnOQnJtvKcbob__W8OCUQizc9CcYfZ4pUTgzYcFDLs83HNjC397M8vSTCoBKf3fCxsbLi0ryl6TTQiBBIZ&sai=AMfl-YSY6Ep0R9DREkazLL7WJoN3OfLuXVInBfrtXi2HXJ6PCH2z4eVz2NPnxYjOd4-Nk7AXOP8blWtdzSCvCsnM9XH-WTis6OixH7iIe05dMmSo43lfrM3JHYR6om2eIfdLohxKoqoTD9-vAXDtz24ze72oGtuxuxIReb6qK3a76tfP5h62YR041EsrajBi50yHWE2jRWmGzfm-h89qdxL-XzjEzFPG6bAfzCsstFsOArve8D3MWDfvTNOgVfwLwfIBbBVwQziK-gHll4-_L2yty5tFsRRoe3FKL1VKkaaWQzNrnJE6SbCBPeb9ogn09OuNx9xm52YACJGJHBhFM0nLXoULa8XeQRNXeF6HxfZmyUvrxNRNmuVirTxUi3geM8TgnQYGhTFbmstNXjhkPWSV_Y5IqcN_sKI6bZKxIEy0b6TkbYofoMiHHZGaVo0s4NaaxzqkULLcSfbKGUMDNHgPxohr_SJ4_FZoUonJtAPuoJWvhE1mjOJEnR4lZQ8wdjbTOUVzCvCOnsk&sig=Cg0ArKJSzL0GPe4lkqIMEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5mcg&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=237&cbvp=1&cstd=236&cisv=r20240109.74673&arae=0&ftch=1&adurl=
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 13 Jan 2024 04:37:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame CFA4 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
15992
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 00:10:50 GMT
expires
Sun, 12 Jan 2025 00:10:50 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 		402 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.malipmu.1s.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7231e09668ab3202e273312e2a7f3dcd9f0b4019ceefd8ef587d3e38fd8bda51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139381
x-xss-protection
0
server
cafe
etag
9162923884486578347
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 04:37:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&host_v=false&frequency=0.01&eid=44759876%2C44759927%2C95320238%2C31080260%2C31080265
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=predictive_abg&a_c=ca-pub-5203714787387788&p_c=ca-pub-5203714787387788&b_v=r20240109&eid=44759876%2C44759927%2C95320238%2C31080260%2C31080265
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=overlay_settings_from_ppabg&p_s=true&eid=44759876%2C44759927%2C95320238%2C31080260%2C31080265
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
destination
www.googletagmanager.com/gtag/ Frame 8991 		291 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b12a7cba4fbc4ac0081d8190314922585732f30f5beb366aee8cdef35c73aa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97163
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 13 Jan 2024 04:37:22 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame CFA4 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 16:01:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
45349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 16:01:33 GMT
50584e69e768459a3294a462783789f1.js
s0.2mdn.net/sadbundle/7509247668429163338/ Frame 2978 		97 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7509247668429163338/50584e69e768459a3294a462783789f1.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7509247668429163338/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9350d3b6a9ae6b2737eb5aeb8e1cca11793272a1efd2bb8a5d305b8c22d53959
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7509247668429163338/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 19:57:26 GMT
date
Fri, 12 Jan 2024 19:57:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31196
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28224
x-xss-protection
0
last-modified
Sat, 17 Dec 2022 18:23:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
css
fonts.googleapis.com/ Frame 2978 		2 KB
979 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:500
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7509247668429163338/50584e69e768459a3294a462783789f1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd3fad3e15262b0e096e7d7cc57efd2e684a679ccacb704d94542ba3d7d93d17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jan 2024 04:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 03:40:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jan 2024 04:37:22 GMT
c44b5bd89ae44dea143507d761fe52e8.png
s0.2mdn.net/sadbundle/7509247668429163338/media/ Frame 2978 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7509247668429163338/media/c44b5bd89ae44dea143507d761fe52e8.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7509247668429163338/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5360f245d31d695ac6c7c2c5f2be062af87560fcbaac3f9be1ba01879ea2d9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7509247668429163338/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:57:25 GMT
date
Tue, 09 Jan 2024 08:57:25 GMT
x-content-type-options
nosniff
age
329997
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18463
x-xss-protection
0
last-modified
Sat, 17 Dec 2022 18:23:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
fb2405b160d35da2c54812c244ca11bc.svg
s0.2mdn.net/sadbundle/7509247668429163338/media/ Frame 2978 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7509247668429163338/media/fb2405b160d35da2c54812c244ca11bc.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7509247668429163338/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ae0acf8f41b691001b7f1ab5413ddb845dc438f0edf7e354960a305f3f9d1bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7509247668429163338/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Sat, 13 Jan 2024 04:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2357
x-xss-protection
0
last-modified
Sat, 17 Dec 2022 18:23:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Jan 2025 04:37:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CFA4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BUn7wghOiZamPBvPH1PIPgPK-6AEAAAAAOAHgBAI&bg=!CAulC0TNAAaumcC-jpk7ADQBe5WfOI4Vvh-1OEXCCzDWvcWfU7sCKqJrjEI5tQUpKFTk-wsjY-MbcYZgNromayWZYnPQAgAAAEtSAAAAAWgBBwoAPhrPn-ntT4U8ycmGgwoTG0YCFlkWxhc12yKuWfIKMZyfH64hYCnYbdffXn_Wh2oH4DDKdSb3OpFuFBwHZh4OmQM4GY6mlOFng3DFaG-lEoYS_wL8-1aDutdlTWu_Sz8AXDDnjwdCVXHC4zY9d4Tr6pJdoqRzF-e4sKTpmxrv1Zobi3mV0Gj3hN3Eo_VH3zqtlXWWQZbMv9SwfGIf_-P56-BlchgckoEOc7Uwvz3w0lzBsyhKnNFcjgVuys_-BAGYFO540d9o9w59eN6JqEFJabs_-PZwA8UUq4IuGWV3S197ccA0bvWIaqKLpMeNUrIH_vya9yksQrdkQ-aRlnhzamXAPypZ0jUjEHnzoWHDDR98oSEAtHLhY7vNru6DQn1bmfLoiDdstxSFzvur0xI3ETNsi-XKS9TKxbFLHgD5zoM3MhmGGRzSKDR0g6XbbEvZnsK4XY3PLHSQ-Np_RKjtzYv782psRmnjf3Vytn7N8jICcsld7dJNPvtQU2m5x19e0YK3JDtYImqFrStTUrWGyCQNrdDrP06x6vC0FcAsG3MPSZ2G1-Bk4XOjRYi53ki0-rSa1SsrymU9bOIbaTapQfftVY4Cnj83DoViSCB84GT7e66XOheY1wGVOaPJkFKAo29Rm9bchn79CcTMrvHF9Hq_b8QhVwRyAN1U_ck8MLDHdvGTB-9qMqrYUdKtsM1ETiulbUP_uEs26fGYJgngZmRktJZgc2nnyZ5mBIIPZdckhol39V9Dawol-iGhgJHjyF81b4TYUyjBg1Fnj0ZyCxCiRaVMTZ3rLJaJ9qoYKzLurhLZ9CT-XMZN3JQS8mu6sZW122qhWS5Wrc32xZNEQLUL_o8AXahQ35GElyyriJNprs55QJU_IgbMS-P-rMmrFZ3ER4FZnO-y8eA9jd36TkICo0KhXk9TAlYS0IEbeFvMi61fBrr3KpHo5dZoKfoL-TBzQGtjdgkRnQKnx4qHPuuMlmkhgehUKib7W3Fw1kwfUnqxf3rN3HJOqgC45fWKM7vBfJVbooLZYTSNdL4z2b0uIum8QSYQXYHH46zUSkw_DnkNR7Oge9sZcwNA02QgOYH_nR3lqamxFuByXGCfCF6USj1CSupyLd-XcOuxyvLxIvOuZ38_t4U2opIbpSQ5Qeq2D1GcV2WUj_7JLA_twvMATtwz0YGT4wQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.malipmu.1s.fr%2F&ea=0&wgl=1&dt=1705120641692&bpp=3&bdt=298&idt=370&shv=r20240109&mjsv=m202401100101&ptt=9&saldr=aa&correlator=1950387900691&frm=23&ife=1&pv=2&ga_vid=295969197.1705120642&ga_sid=1705120642&ga_hid=187568388&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3048689311&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809531%2C31080401%2C95320869%2C95320890&oid=2&pvsid=610469223943217&tmod=2120805725&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i9jtvxmcbhr5&fsb=1&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759876%2C44759927%2C95320238%2C31080260%2C31080265
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 		162 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.malipmu.1s.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a855457118dc6c67988ec9f1f760964fe493726b78dddce2c71d3cfeb7cccd47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56395
x-xss-protection
0
server
cafe
etag
16883396591272062122
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 04:37:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=0&tms=200&eid=44759876%2C44759927%2C95320238%2C31080260%2C31080265%2C95320890
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F51C 		134 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&adk=2896691772&adf=4145544820&lmt=1705120642&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x945_r&format=0x0&url=http%3A%2F%2Fwww.malipmu.1s.fr%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&dt=1705120642568&bpp=1&bdt=1305&idt=181&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dccf96252be252b1d%3AT%3D1705120642%3ART%3D1705120642%3AS%3DALNI_MaCkIAKoa9VF7o7ZXL92ydQttEupQ&gpic=UID%3D00000d40843f5297%3AT%3D1705120642%3ART%3D1705120642%3AS%3DALNI_MaQ7ud4bCbZ-aQ9Ln9AVym04UaQxg&prev_fmts=728x90&nras=2&correlator=1950387900691&frm=20&pv=1&ga_vid=1413164066.1705120643&ga_sid=1705120643&ga_hid=666092396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320238%2C31080260%2C31080265%2C95320890&oid=2&pvsid=1330006697239198&tmod=1818862177&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=186
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.malipmu.1s.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86eacdac937f3bb58da03b18aa9123e06f72c3ecbe60413476000ce9c79cb6c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
51562
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 04:37:22 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2978 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:10:14 GMT
x-content-type-options
nosniff
age
329228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 09:10:14 GMT
view
ad.doubleclick.net/pcs/ Frame 0BBD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstFJGNO4ztHgIHUq1JrX_qoY4h3yuHNMu6yYRmBoVdISp6o99oUTwtRIcfV8xS7s9jTJsveB6snQpUw3_e7IkM2NppjhVju2YBluRRpMEznYXL9MS4ZGR3LE56OvyZLpN_oAli4MNrMGgE-1t2BmQOhnuklV3Y2DSHR9hieqC2Jy-INhy5QLe00Sg5bU6EYSfjZw85p2el2_e-8iSZV26s_jzHjxDt1EkiVWYbcLkvSvPEnQ9ST2vmsxORne35KB4YmIxcWhx8Bh5RaHpI74s2ICcGwDeU891O13O2_KE8qabJJnNFIzLf7w62OY0hut1VhMir3hgt4Bqu4P0jMuF4Z3wXMuRmCkoaDrtpi3ioO1Wd2cFV3yqah6MWyPfIl2htdXNXq_9997CyoBfWx4s55GrY-SnBsvCLYOhZyNI83U8swaqOeoHA0TLfifOJ9t2LOkwJmxULsbB-1KPwE39AKPPPM7V3Q3kUE3gdcagTVAgcEOXpGblyTabgE_dX-Aq0yqiFINd3p9XLsuqV5XqfeSUD_zyfv-izpeukt8_hV9WKDmxTgxhvytkNUpXOliiJNmevVrQMGPUXKpIfgK8EZDTd8LHfv6njYsEinCTeve9HHzPJ5M2BLVpCKb5s22Dw8wBqmPQUxLWF69p-CvTgJctNng220STPAyWX0pNoyI_emd7Gc6KTVzogCtKJZi1diNwrqmC9KLuRByQACtS3z9iHhIB7aOHFEo7fhDVFvWjOgKxlm9Ja1F3OYuTGTvXqZLUEV1xoccFryP1LZvaDBeUbcG83cnH64Nq_lAOjMFKdo9_tmHq-KmW5Ie9KhzGuUWqBxvbUd4zRr2IuNCPa6HQnKY1pjCXLecRNLRaWGi9-4E1O56-pgsRSCo7_8NyEuQNT9glR8879WW2GC-KFwzSRndXSmeXH9DXsybC4pXGuv1y3FpQ-BIg-YSHmJsaL81D3n3U7eBgXimm1Gp-SQCJDlLz_452xUHtns6rwN00UYJ65LKO-cGZ_iaUH_RWMeecBwv7GHjFGggi5uKlXCbkhQBpSZ7sP0tNM9W11D5kMOCbgIynWFso7VnPQQZ0aP6MXkAf-W4Om_bTbgPmui_oMa-I9oyDLSLkvnalxNKIaX8o338V6yZsv67tK-x-bX09TFR0HYTy9Wx8Y8oUA39p2y37yeGxTmit_DFR3CwX4jYzowzTX0CgF6_Cfd8kscc7MXiBwJTyTIUatMVbEBsTc1qT3YVo2h4vzsQXedN89-ryVobQFnOQnJtvKcbob__W8OCUQizc9CcYfZ4pUTgzYcFDLs83HNjC397M8vSTCoBKf3fCxsbLi0ryl6TTQiBBIZ&sai=AMfl-YSY6Ep0R9DREkazLL7WJoN3OfLuXVInBfrtXi2HXJ6PCH2z4eVz2NPnxYjOd4-Nk7AXOP8blWtdzSCvCsnM9XH-WTis6OixH7iIe05dMmSo43lfrM3JHYR6om2eIfdLohxKoqoTD9-vAXDtz24ze72oGtuxuxIReb6qK3a76tfP5h62YR041EsrajBi50yHWE2jRWmGzfm-h89qdxL-XzjEzFPG6bAfzCsstFsOArve8D3MWDfvTNOgVfwLwfIBbBVwQziK-gHll4-_L2yty5tFsRRoe3FKL1VKkaaWQzNrnJE6SbCBPeb9ogn09OuNx9xm52YACJGJHBhFM0nLXoULa8XeQRNXeF6HxfZmyUvrxNRNmuVirTxUi3geM8TgnQYGhTFbmstNXjhkPWSV_Y5IqcN_sKI6bZKxIEy0b6TkbYofoMiHHZGaVo0s4NaaxzqkULLcSfbKGUMDNHgPxohr_SJ4_FZoUonJtAPuoJWvhE1mjOJEnR4lZQ8wdjbTOUVzCvCOnsk&sig=Cg0ArKJSzL0GPe4lkqIMEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5mcg&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=552&vt=11&dtpt=315&dett=3&cstd=236&cisv=r20240109.74673&arae=0&ftch=1&adurl=
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame D0E8 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.malipmu.1s.fr&bust=31080401
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6d087273faea2cee48bd7ed456c74d3981ade8cefe0f6d8b11e5a92378ad41f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12363
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 96E8 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.malipmu.1s.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
24548
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 21:48:14 GMT
etag
9219409622527106327
expires
Fri, 26 Jan 2024 21:48:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame C48D 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQifbz8QEY2ej8ggIwAQ&v=APEucNVAyenNv6c6jSJfhVzLqcqOLGFJsvJcAdg4_r9FJoq5ehHXwWffTpb4t1KyWxw9nLbOgrZBonjcEgF_ddMtRZR-hzR4kax4o4Z1TaUw6xbhwiQgth1pS_PFi-K6r2wVXgpZH6jX5Ox5m1DNNBdSZRsSvzy2BmYoHiGUpGixX6nz2UysrQs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 04:37:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 96E8 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 21:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Jan 2024 21:44:19 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 96E8 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 00:01:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
16562
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 00:01:20 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 96E8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 00:01:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
16561
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 00:01:21 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 96E8 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 20:07:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
30574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 20:07:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 96E8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 17:58:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 17:58:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 96E8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
33431
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 19:20:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96E8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DhA-VT4GaEYu1o1in0F8cQBWPL5U9zGBMrH0buypk0ZqHkSUiPTynHJqiWzGHEfupg10fNyU0_biafcNKrNq2b1lLU2VzJp_1BP3wff0ueexjoBS4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 96E8 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 04:37:22 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1D22 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
15992
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 00:10:50 GMT
expires
Sun, 12 Jan 2025 00:10:50 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
n_one_vway_bahia-principe-es_np.js
bucket.cdnwebcloud.com/ Frame 96E8 		1 KB
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=385537041&ord=3590273774
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-86.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 02:34:12 GMT
content-encoding
gzip
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
last-modified
Fri, 20 Dec 2019 13:03:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
7392
etag
W/"9748fb959a7ee41d8aebb52473ace3d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
XOnc1sUud8gYIitYl24FXEhTQWcxsJeE9inFafbnwB7xlQPzdkapAw==
index.html
s0.2mdn.net/sadbundle/16952711314765686234/ Frame BE9A 		85 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16952711314765686234/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdfee5efc0ee6379da2ef12db5cc0a79397e8c891d12f220f3caf91e1427e1ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
36223
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
19820
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 18:33:39 GMT
expires
Sat, 11 Jan 2025 18:33:39 GMT
last-modified
Thu, 12 May 2022 17:32:46 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 96E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvlleAqPtEUNNXsYeNtf4jAIwOht2houCJxWT7sjNQCIQsXJRBu4xshdDv9Mh5E6KyMTY1qkcssc9ZrMo-agmLL15j06Kn0N5VqN9t18c1klQIt0WGtCjkhUVVcUDrSqaAokqLXfIrP-IYu8MZIkaYIbe8MaSVstxv_WPa7yRQ6HeJ0mkPwaxbbxQg-Y2IJTH6XR_JjdB0KjDPeAp-kGscZq0l48AMKbr1TFgB60xiS97BUSLhZqatkL-wwO1ze9-P732CgThFqqXObmRWXQAidNvGf4EGarhBkz3UJ6h9zj6dVOKOu17XrHuzzuYMqxDXJlhoNSr-qW53oPkoEYZk5p8J6Eh9HUePshXqLO0v0ZDNwkjx8e36r02c0a2Ip-ojAQmKBoL9P3rkpWoBjyzFG64xvlz2WRhBUUt4912inKJxAyf4m5_70qRvIq8X2qOD0JkdIyEzGBX3YP6ilfLj6-oe8nquOS5l_uqowI9VemdEk6rty3UTUQGmST6uu7B7OyGzsZOx0eLIYFn2O79tgr0d56Hd2A8w0aww2_x0yDvWNKEC87jWvGOoesHcbHo4oI7_ydLYJ5u_KvFIlZGNb5YLgm6eNBMuPIZBymoPagPuGL6mJ_xkrH-1ab-v43HAQXUT4jaEEkTFCk755jFHMqbyb9Nbsv9qezuO4PYJ-ZdXlcz1AIRAY118LHv-K2EkOBTELTv2nUexK9Z1NlBsnJZZMmogN28seob2x-PL1Hwce4du8wO2vCQUAqNHL815pgg8agQA4ABNSJx34LLNU_UAW_BUxnV7GonL3g_wj-DNEzmnCbxP6qEdfl6ceUHIZtnIvyG11NW6lxATEJW39TEBKQmSTvIQqBa7tidIx2r0GH2fNRmWVi4u0ShLmkFupt-stxuFR_92S2wal8tyLzN21TmdvfAWLVrNTIup0Wn4IoUnBY43WieHOOkkvV7Y49sZ7m_525FSUHma0F4C4UeiVO9nbA5s_ZOgDXLoMzvi7gs1-bgI554pSXKlUM4hZE3_ZKU-z90mEQ94igMaUKBYAg4JDnBUQKaoefHZMJWfQeANhhf0ORC3vGyNFnud8zo7WdI6qwE_tAky0fSDvb-W1AVJWTTRdtYxTHDfAle98d0uyG4uIFmG-TZeBTqw2XKcB0iXicIPn2rHh3Aul8zrmLsr_rO8q3l1B7CxLrnNdBFpbKEQ0pjNqU7zagOzj9LaKMvJkrSLi7ZWPu2s0Txfs9MGOP2mk4B0ZX_0ynE02T-4PguBnM-eB8mgqFz73xE6lTyvqUayeN1cDhFafO9PfNKOZVmPmH3cDt436fbx-aA2di9MGAALWWme5tNpp9X14cClJ5ephz2BqA42Y0grzn4Gy912LoUBm6bv5&sai=AMfl-YQ0E18Apw_TwMuXLOzGKdgsoEKyvSDPZDgwN2_1LzmferxrpQnPBPQprtUmwABBRrN4kloos8HZoi7ggiCILhpr2HNG54YIVITCIYLWLSruwrhgk3ei9O7WDHkodhSJKCt6eop8eB66skp9wWwM8q0vowEQFNKB8m1UU7q9rxNfn4qdZ_O5D73uaHUDFNcJ_31pQvInMKMdaialpcnbmD4ojhtWfKXUJ9De0UkaK6PHf0Qxv51Nfy_mxAOzvzOpJqocfgm-FxvIjSmYh_vWGT3c-U8z4NHCbD11TqCbkq8GXciz69jwfIulYKUslKCpRi1Jcj6F-sv615bzfdhHliZnjHuQMZLX-_51ta0_wRpk1so32MfGWLBI3antuawfYgZDf_zq6-fMu6hAzrfQ7FjNlVOGbSfQpa4RFBkm8PDgNpXYUV1wmUFwEujQWkWvxd8aBIe8T8BEwmJBjKYGuGBqJZM2TawxgRNXjswgyG7PepmqI5NjtSfIIdzlsodRXQPKgsU&sig=Cg0ArKJSzI_eVp_rzJlkEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=57&cbvp=1&cstd=56&cisv=r20240109.46612&arae=0&ftch=1&adurl=
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 13 Jan 2024 04:37:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 1D22 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 16:01:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
45349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 16:01:33 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D0E8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.malipmu.1s.fr&bust=31080401
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Jan 2024 04:37:23 GMT
rum
dsum-sec.casalemedia.com/ Frame C48D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoN79gG_LqBAwS-QZ-Em5E&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoN79gG_LqBAwS-QZ-Em5E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQifbz8QEY2ej8ggIwAQ&v=APEucNVAyenNv6c6jSJfhVzLqcqOLGFJsvJcAdg4_r9FJoq5ehHXwWffTpb4t1KyWxw9nLbOgrZBonjcEgF_ddMtRZR-hzR4kax4o4Z1TaUw6xbhwiQgth1pS_PFi-K6r2wVXgpZH6jX5Ox5m1DNNBdSZRsSvzy2BmYoHiGUpGixX6nz2UysrQs
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FohjZK%2F55gqaygxZKVrFdVmbPacmPPLsxorh%2FV0LKn4ZQW21L4K9QwBBtn2YWep45oaQtldnvb5X9N4pdCkrUEWBUIkLZ4UvHK02Ep5203EUJji%2BY53j9EGento1FwA11A3jzkO31roiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844af1930a4b0171-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoN79gG_LqBAwS-QZ-Em5E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C48D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaITgvvLmN63mVUKkm8wYwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoN79gG_LqBAwS-QZ-Em5E&google_cver=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoN79gG_LqBAwS-QZ-Em5E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQifbz8QEY2ej8ggIwAQ&v=APEucNVAyenNv6c6jSJfhVzLqcqOLGFJsvJcAdg4_r9FJoq5ehHXwWffTpb4t1KyWxw9nLbOgrZBonjcEgF_ddMtRZR-hzR4kax4o4Z1TaUw6xbhwiQgth1pS_PFi-K6r2wVXgpZH6jX5Ox5m1DNNBdSZRsSvzy2BmYoHiGUpGixX6nz2UysrQs
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltrK%2F0wnJCjrbH7JOpMTE%2BZ6HrpVO476gNyUGGQTi3bb1GIYsZObfyOy%2Fh77YdFcnkKq7mMdoZnYC%2BSj72%2FLzB0PqlmOOhnOkTlzTuYjr0Lndz%2FvyG4GDJKzf4nOZHqRcoCGSr1b8LcTVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844af1934a650171-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoN79gG_LqBAwS-QZ-Em5E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C48D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGBIWhH8_gVufOkXmkb1kFc&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGBIWhH8_gVufOkXmkb1kFc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQifbz8QEY2ej8ggIwAQ&v=APEucNVAyenNv6c6jSJfhVzLqcqOLGFJsvJcAdg4_r9FJoq5ehHXwWffTpb4t1KyWxw9nLbOgrZBonjcEgF_ddMtRZR-hzR4kax4o4Z1TaUw6xbhwiQgth1pS_PFi-K6r2wVXgpZH6jX5Ox5m1DNNBdSZRsSvzy2BmYoHiGUpGixX6nz2UysrQs
Protocol
H2
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:23 GMT
an-x-request-uuid
f3c3d168-2007-456b-9e0b-5c7fd00271ab
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.59.164.108; 37.59.164.108; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGBIWhH8_gVufOkXmkb1kFc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C48D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MDI4MzM2OTk3NTM4MjcyMg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MDI4MzM2OTk3NTM4MjcyMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQifbz8QEY2ej8ggIwAQ&v=APEucNVAyenNv6c6jSJfhVzLqcqOLGFJsvJcAdg4_r9FJoq5ehHXwWffTpb4t1KyWxw9nLbOgrZBonjcEgF_ddMtRZR-hzR4kax4o4Z1TaUw6xbhwiQgth1pS_PFi-K6r2wVXgpZH6jX5Ox5m1DNNBdSZRsSvzy2BmYoHiGUpGixX6nz2UysrQs
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:23 GMT
an-x-request-uuid
5e16b7cd-cea6-47ba-9e14-6c1eeeeed907
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM0MDI4MzM2OTk3NTM4MjcyMg%3D%3D
x-proxy-origin
37.59.164.108; 37.59.164.108; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame BE9A 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16952711314765686234/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16952711314765686234/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 20:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29074
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Jan 2024 20:32:49 GMT
view
ad.doubleclick.net/pcs/ Frame 96E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvlleAqPtEUNNXsYeNtf4jAIwOht2houCJxWT7sjNQCIQsXJRBu4xshdDv9Mh5E6KyMTY1qkcssc9ZrMo-agmLL15j06Kn0N5VqN9t18c1klQIt0WGtCjkhUVVcUDrSqaAokqLXfIrP-IYu8MZIkaYIbe8MaSVstxv_WPa7yRQ6HeJ0mkPwaxbbxQg-Y2IJTH6XR_JjdB0KjDPeAp-kGscZq0l48AMKbr1TFgB60xiS97BUSLhZqatkL-wwO1ze9-P732CgThFqqXObmRWXQAidNvGf4EGarhBkz3UJ6h9zj6dVOKOu17XrHuzzuYMqxDXJlhoNSr-qW53oPkoEYZk5p8J6Eh9HUePshXqLO0v0ZDNwkjx8e36r02c0a2Ip-ojAQmKBoL9P3rkpWoBjyzFG64xvlz2WRhBUUt4912inKJxAyf4m5_70qRvIq8X2qOD0JkdIyEzGBX3YP6ilfLj6-oe8nquOS5l_uqowI9VemdEk6rty3UTUQGmST6uu7B7OyGzsZOx0eLIYFn2O79tgr0d56Hd2A8w0aww2_x0yDvWNKEC87jWvGOoesHcbHo4oI7_ydLYJ5u_KvFIlZGNb5YLgm6eNBMuPIZBymoPagPuGL6mJ_xkrH-1ab-v43HAQXUT4jaEEkTFCk755jFHMqbyb9Nbsv9qezuO4PYJ-ZdXlcz1AIRAY118LHv-K2EkOBTELTv2nUexK9Z1NlBsnJZZMmogN28seob2x-PL1Hwce4du8wO2vCQUAqNHL815pgg8agQA4ABNSJx34LLNU_UAW_BUxnV7GonL3g_wj-DNEzmnCbxP6qEdfl6ceUHIZtnIvyG11NW6lxATEJW39TEBKQmSTvIQqBa7tidIx2r0GH2fNRmWVi4u0ShLmkFupt-stxuFR_92S2wal8tyLzN21TmdvfAWLVrNTIup0Wn4IoUnBY43WieHOOkkvV7Y49sZ7m_525FSUHma0F4C4UeiVO9nbA5s_ZOgDXLoMzvi7gs1-bgI554pSXKlUM4hZE3_ZKU-z90mEQ94igMaUKBYAg4JDnBUQKaoefHZMJWfQeANhhf0ORC3vGyNFnud8zo7WdI6qwE_tAky0fSDvb-W1AVJWTTRdtYxTHDfAle98d0uyG4uIFmG-TZeBTqw2XKcB0iXicIPn2rHh3Aul8zrmLsr_rO8q3l1B7CxLrnNdBFpbKEQ0pjNqU7zagOzj9LaKMvJkrSLi7ZWPu2s0Txfs9MGOP2mk4B0ZX_0ynE02T-4PguBnM-eB8mgqFz73xE6lTyvqUayeN1cDhFafO9PfNKOZVmPmH3cDt436fbx-aA2di9MGAALWWme5tNpp9X14cClJ5ephz2BqA42Y0grzn4Gy912LoUBm6bv5&sai=AMfl-YQ0E18Apw_TwMuXLOzGKdgsoEKyvSDPZDgwN2_1LzmferxrpQnPBPQprtUmwABBRrN4kloos8HZoi7ggiCILhpr2HNG54YIVITCIYLWLSruwrhgk3ei9O7WDHkodhSJKCt6eop8eB66skp9wWwM8q0vowEQFNKB8m1UU7q9rxNfn4qdZ_O5D73uaHUDFNcJ_31pQvInMKMdaialpcnbmD4ojhtWfKXUJ9De0UkaK6PHf0Qxv51Nfy_mxAOzvzOpJqocfgm-FxvIjSmYh_vWGT3c-U8z4NHCbD11TqCbkq8GXciz69jwfIulYKUslKCpRi1Jcj6F-sv615bzfdhHliZnjHuQMZLX-_51ta0_wRpk1so32MfGWLBI3antuawfYgZDf_zq6-fMu6hAzrfQ7FjNlVOGbSfQpa4RFBkm8PDgNpXYUV1wmUFwEujQWkWvxd8aBIe8T8BEwmJBjKYGuGBqJZM2TawxgRNXjswgyG7PepmqI5NjtSfIIdzlsodRXQPKgsU&sig=Cg0ArKJSzI_eVp_rzJlkEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=123&vt=11&dtpt=66&dett=3&cstd=56&cisv=r20240109.46612&arae=0&ftch=1&adurl=
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 56B7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
35247
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 18:49:56 GMT
expires
Sat, 11 Jan 2025 18:49:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F637 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ba4423daffb8b9092d10086f61c78c4a8edaeb9284f43043916a003a22023cb0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rSnAtobBcZGPojUCERy6BA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-rSnAtobBcZGPojUCERy6BA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 04:37:23 GMT
expires
Sat, 13 Jan 2024 04:37:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
capa728x90.png
s0.2mdn.net/sadbundle/16952711314765686234/ Frame BE9A 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16952711314765686234/capa728x90.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d467c69f0626d13fa58e672ae2878301d2966ec7f20456f6366070c287ba04c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16952711314765686234/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 15:39:57 GMT
date
Fri, 12 Jan 2024 15:39:57 GMT
x-content-type-options
nosniff
age
46646
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6807
x-xss-protection
0
last-modified
Thu, 12 May 2022 17:32:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
blueCyan2_728x90.png
s0.2mdn.net/sadbundle/16952711314765686234/ Frame BE9A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16952711314765686234/blueCyan2_728x90.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e19ad546ad912846a48dc3d0717206a78c58fcbb7c0c2655b4e99dff25c18831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16952711314765686234/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 13:21:43 GMT
date
Fri, 12 Jan 2024 13:21:43 GMT
x-content-type-options
nosniff
age
54940
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5320
x-xss-protection
0
last-modified
Thu, 12 May 2022 17:32:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
logo_728x90.png
s0.2mdn.net/sadbundle/16952711314765686234/ Frame BE9A 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16952711314765686234/logo_728x90.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2a0523678e497bd7db21e23ef72a764cfbaacd353db631de238fd359b613ecc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16952711314765686234/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 15:07:30 GMT
date
Fri, 12 Jan 2024 15:07:30 GMT
x-content-type-options
nosniff
age
48593
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12250
x-xss-protection
0
last-modified
Thu, 12 May 2022 17:32:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
blueCyan_728x90.png
s0.2mdn.net/sadbundle/16952711314765686234/ Frame BE9A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16952711314765686234/blueCyan_728x90.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4a956d7ae088ba52d86c1a771115659de1901c17a641b3f33d07e8653a80b24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16952711314765686234/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 12 Jan 2025 03:54:50 GMT
date
Sat, 13 Jan 2024 03:54:50 GMT
x-content-type-options
nosniff
age
2553
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5228
x-xss-protection
0
last-modified
Thu, 12 May 2022 17:32:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
fondo728x90.jpg
s0.2mdn.net/sadbundle/16952711314765686234/ Frame BE9A 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16952711314765686234/fondo728x90.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63b65c373bdcfb22227a98b04f31afa28227929ea80f3617a8493cff44b67467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16952711314765686234/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 12 Jan 2025 01:03:54 GMT
date
Sat, 13 Jan 2024 01:03:54 GMT
x-content-type-options
nosniff
age
12809
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20700
x-xss-protection
0
last-modified
Thu, 12 May 2022 17:32:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
noah.min.js
bucket.cdnwebcloud.com/ Frame 96E8 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bucket.cdnwebcloud.com/noah.min.js?1705120643064
Requested by
Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=385537041&ord=3590273774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-86.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 18:28:30 GMT
content-encoding
br
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 14:02:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
36534
x-amz-server-side-encryption
AES256
etag
W/"3c5a63b88b693279fc4d9dcff91d29c1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
CjPWXvJkHE2rc4xhfNOGogtNpRgy2SSo3bu-abn8zdvfGelNevScRA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D22 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BL7ZlghOiZdKmB6jN1PIPptiwkAsAAAAAOAHgBAI&bg=!ZGelZyjNAAaumcC-jpk7ADQBe5WfOIpvBnZkCzLK312VFsOjAint8hiz0BRcgMr0yQUoBRt-aBhagno6sP6ncEV3y61pAgAAACxSAAAAAWgBBwoAi8nA5hNiXB3fZ3OwB6QJfPV1zOfgXa0W1jyIDKgF6FMiwPv2C9BRNMCD7Et2ykvc3YYW-TrB8CI23ICZk_oHfjt8Ot5PoWgmPRb7WVqWRatN8Df3qDL3EPflXvm1GtxqpnNVXdO7JGsYx5gBmms8ZGu9YXUMJq_vT9d9cRJcbAwfnN3QVrSvcmwNaUCZAuLoEVD9cNs5LpvAgnLgkBp0_UA6EVCEtRFia8DVWSDIMmx4Ytv6vJKRTWldlL4xMWr905PyP0Z4DpyTzbUrx4nwOHsUNS_lXTQFGZlBr8_GUhRubLEMhwQLSbDt2ySPSAaJiuha0nVeJStMcnr0rh3HO1tRg6V1TeX2Ndctx-pCFTyLZkOgYdC_QRNsCudnN7S6auDfjfYeY8z2tTzphF_bcFizLWh9EQBFvt3VRGcFqNPX0bQazrlU5zCU6y4_EerbH2R8tmg0na72GPznhE9CmHGL4hdAtmI6hGksOaVEQH-NgKf_SeicBlZdgks7XHRJQGvRWTflIEzmVyi6uodmV4Tz350J9W6LbsKPGBzpDtsP-AGXdZwaICQWrRQypLFs00o6gwuM1cYNhCltW_4fXU7fKGTbT3isg5HvyaZiptVpXILFlN-pR6o4xbiSYiINAYq94RDygqGIriLv-2JDAEJoSR-Tbu-2WO54lQ8SiRn2bXKBcEk6bru2mXtiUv1hlxuZvsZKqWYb9z__2G2AEfYdWqDZMLntK3zpCBYL2UNHrtZcCKgNnoC4cgzmP0uY3rMiPCqMk-pu2JDUFLKWBmwxG7zm6NdqQiW6Hp9x_URlLug6oPRf66YMNzDxtQzg4msI_9mm7iYTwiLUjnFKBv42KY4gxjJauTqYqfUGzB6-12vkL8nP4H2LhaHTwXw9LzwvZjiH0IEktHRUWpd1uH767jhFuch-4TKGWA5oCwIaDUh6PnvliX59n6qbCKR2hWJfVV1lRUeMbcR3cDq6Ed-Bc9bCMGGyNOmgfTufG_6J2PDPYMbpQz9i5J6SmXdYVHkT8zIIXdnfJG5QKirg7GSLxFCDnyUBaDDR40TtdGviiXNVLKWmDRLARqmJOVIOvRbmb_8ARLy0LTOez8gwO0_IpVY4_nbTBIopRkvvokHEDnLYEZXb5bveD_DnSzhmiaa4zZtUsVOjc0kxk0Y7fCc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 56B7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 16:01:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
45350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 16:01:33 GMT
atp
neural40.cdnwebcloud.com/ Frame 96E8 		74 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neural40.cdnwebcloud.com/atp?1507070016575=&n_o_aut_tc=385537041&nonhm=true&gdpr_consent=CMP_NOT_FOUND
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.133.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-133-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 13 Jan 2024 04:37:23 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
74
content-type
image/png
generate_204
tpc.googlesyndication.com/ Frame 56B7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?DYjChw
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
chk.php
gmu-apps.com/ Frame 8991 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gmu-apps.com/chk.php
Requested by
Host: www.malipmu.1s.fr
URL: http://www.malipmu.1s.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.64.65 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-241-64-65.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payment.allopass.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 13 Jan 2024 04:37:23 GMT
server
Apache
content-length
0
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.malipmu.1s.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04d2e7284d9b0c871bc311ed650accbcc55747bdc6c037ca480ecd1fff6efe2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12362
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame F637 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=610469223943217&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.malipmu.1s.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Jan 2024 04:37:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E4A2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
35247
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 18:49:56 GMT
expires
Sat, 11 Jan 2025 18:49:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FB29 		829 B
772 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b84421bb4c9927c4614736b70814335aa65bd8c53480c61755545c35878dede5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WJTIKXyeBVuq6S9kZVNEew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.malipmu.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-WJTIKXyeBVuq6S9kZVNEew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 04:37:23 GMT
expires
Sat, 13 Jan 2024 04:37:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 0BBD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsy1cPiz5vuj-97fVmylIvu_1csy2MOtZZgi2xuzvVRKeArE8jgaT-hKZL0EuqlwF5iGpy7T87LgEmyWSmRF_15sA4mg0C1cUFOImal0p5IjJrqSLZ7k-lnFRPcMkYQ1DwQsmuI41CB23NovP2AogoK1kq&sai=AMfl-YQS69z7MYXaQH8zQ29AMlpN46o_7qRiKjIbNooxqI2sntSMNT07a01RFz_SxCS48vIOby8EKwNPgKFZOC-SNtrPMFyKsfmPaWA7ydmHhQPTpsYpaAn07JnMIJxlaWkBNnKX5AKTxZSHIDWzbgS-gw&sig=Cg0ArKJSzI_FF92j2hVfEAE&cid=CAQSTwAvHhf_iHyKZP9Vc9a1xUO-uUJOJwrPAnr5yZpZuuvef2rhqEmZpCA_F5jDBUYBO3fVxvDd9n_Fwgve5pRXW0W97u1lGyG5SeA-OBHTp70YAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2647235303&rs=2&la=0&cr=0&vs=4&r=v&rst=1705120642295&rpt=339&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 04:37:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D0E8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=610469223943217&bg=!9fal9rnNAAaumcC-jpk7ADQBe5WfOH9L7jB_b9VFdYyIZPxb2J0RlpeztFPvCCYvpLHqgr_Cgu1YnKPx-gFnre7iyTVdAgAAADFSAAAAAmgBBwoAT19gh9kKC7n0H0v7RN6IREk04fdsZyxPIWE6_YQ2quzvdLxcnpYeygqTgj3fGnGzZ3nxSTGUG2jey6xEmEw2MTjyUcUlpmav--EExQRvIkmZAuufYtVWfGTJOQsoIA0QHOpFIvdcYFRLrX-MC7pwYiKQ5LAwkmNuJNAIns7Xtx7puYvTUpu5FNn9HDTkp233Z_877uS689QmJKw-S5vkhqCPDzv5RAB-jkgtN_RxzyzGdMTBb55psayAYOOi_8Nc9YqhIGx4W0eTfrY0BtM7JPrr8ftN9Jic017hFLd1uSVja7JjFK5xMdEMaoXJByXdi_elPXLoda2Lr0TiqLrpj1X9HDrlzHYfUAgzOBFzpK5SOHYzlVYcAyOSWJHPzvKTsZKfFhwqdZ-MF9GYCd4B5qN9AXbyNT450ALq0AeuoOXK97wdZrwMSexQXqWliwuh1X1TRrQyHmMVrJeC0ddmLhvUxeDljfHFkkC11y8X8dOHkBuT1LO7pZKiCWdQGbHKoT7C2k2ELsFy2hRveehHd6v-8PAk1mtjvqGaEUYhXjIOd_MgMfPIm1VrieYaQTfQswO6H-dp6ICBZkpnNzj8Mj1bmtOxKiFY6GDRpY5zt3YJrZj_vv6Fbh6EnPzUGGWwZU8lQtT8ugoh2P0aZ4LLSa2Ybhz-1zysICdKNozQDcvTFRxF4IWSrWZGfyGhmtn5cCbKzPwcB8Ms0lOtmQmlRv-Hv2ZpmZS49rqqsgdMGWNQ_mtKvL9H044n3Ou4rs84-GtioEz_kesmA9THyigbNupdNiOtEqDtk0id0c01PtAC8l9dB6yRuqCUF0CK6UOkMEFbaTrw06hFW5O5kqinTqniDEoDW764ABKZ_56iTeqXbIQAzi-_IFsv6df9Z96_EVUQ5wwbHbET9PFqfcIVLZ3A5JKSAXeNDtnpg9-1wgpXSZdJzlvKHun_lvz_I-tHwqtajH_1OiMuC7w0Hdsv0upfxLuCdV3sjJygWptmVk-YQgGcGv01MEqyqNP6kPg2CyxikiwELylK4VOVqL4_hRrIqh1c6RClo31Ll1-8U8jmmf3tP9WbiFGiNI_zfM38aS9j54J2dhVDnqrpDzk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame FB29 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=1330006697239198&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame E4A2 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 16:01:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
45350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 16:01:33 GMT
generate_204
tpc.googlesyndication.com/ Frame E4A2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5i38Vw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:37:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=1330006697239198&bg=!FhWlFVrNAAaumcC-jpk7ADQBe5WfOJxu8TZgh2U1MHTaovk30PC5JNezX0XU7RLjUxtQs6wYmH6NumKn9DFTF4bBCsNBAgAAADVSAAAAAWgBBwoAxgXQa2ktKXl6WzR9U8d-Gcs0XjrohbbuIHuF4sWIRF6gEjt8JR0djIrggzYqYVIdRnj1t7-OCrnO-NdYKif7GEgifLTBxYWAwac_0bIk5-J-NWOfsAekrYcgPvoWbSIdIY4hEJRJoU8h6t6_RE71cWYns9rtHVm-vNq9RlcxTh_TvExawOR7V5hj1gVgPa_aqVUwzGNHbd0hDE7EviQmC_yrO60NT-Ouo4kl1Ay7Fayl8m5Xr3qvkblxMgwSM9PbC1jFvmkWQpkCvscGFWYSFO-oVS71rxMzcU-EH0YTzoAaWrLMcQt3uk2kilXmhlVqf81B2-qnWdwPXLZ1agSQsG_M6ujnpJ5GP_XkYqlal9S7XddXSVKhXM2841LS7vQCkG90BmEUIlsHTnCPL0S8eFpy93XCyP_Q_ryeKgUJbfheoOtsJtbhcatjTOQXhoUUDUcNrZx2ZetVTITtVSHBopOAJJdFR8VZac3meGILjyv1dGwOSxYbqRxUwkZmKJwPG1pWhslnUukf6YWLdKopLdjRNxPTRE07Wp-awCrf6jze8RvXO6I-RsQ6UsvBaRPnH3tPBCRy3RnywrDyioU-IEDZpDJ6IbIqQd5o6u4z4UiBJJaWNq9HNj4mh6w9I_TQvu-gKXpVcidGPfEaBewIV-dFKLjKlk0WVTddoOyX2xn41E2qtEnTCniw3CnBuD_Z2vmKhyRTtlqPFgVr9Ea4LoSbRDGLx3KReg4dhe0JTrd4RT7rUhsqPdVlpmGkViZiqkgCbk87Ho3gZPQ8AP0si5geHEoF52zxwqSn_Yzr_LJxMat1n0b_AvmSsnuq7NWxJnnLP3pbtU5wgD_fz9skjEWuxfzVebziLFIgdaq7FUcmwuL6209cA_xGDXduvDnWgGBPokPRblD2bwW5sI5zP4LHiu7f3yWjW8mlufCno37c5cCeStO_g0yhWIypG0vWMtC-vKCp08H8cZl_Qothu-hCDJENqtBEhe342FSTp0DTk6L6FFHOmfrbggq3bpBYoZwO65r4YEpMlYGKWd695gexBXLB4uF-tB1wNQQvfzPdQscsCOb6jYuF0uDJfijOIjrF4Oo-fc5lGTU-MSiiG2xkorYcFDu82Kna4fLYfpfkroKW0UHOL1RD1prNtvOZ3glyYvmKhq6Pt7Nd7HyYz-bzPLNktQ07qEr2r7S-896WdkpjZzaL6w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.malipmu.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| adsbygoogle object| googletag object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| ggeac boolean| google_measure_js_timing object| google_image_requests object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl object| google_llp object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

12 Cookies

Domain/Path Name / Value
payment.allopass.com/ Name: ShopSessionId
Value: 6f91618d-e1c9-4edc-9b93-4d878696e442
.allopass.com/ Name: AP_CUSK
Value: 3640150579
.doubleclick.net/ Name: IDE
Value: AHWqTUnIK1q5ru0u8li9CFNelfqybE2xNeF_QN91psI7hn5gpBGY-JYXnnJm_6pX
.adnxs.com/ Name: uuid2
Value: 1340283369975382722
.casalemedia.com/ Name: CMID
Value: ZaITgvvLmN63mVUKkm8wYwAA
.casalemedia.com/ Name: CMPS
Value: 3334
.casalemedia.com/ Name: CMPRO
Value: 3334
.1s.fr/ Name: __gads
Value: ID=73cca71daa063d8d:T=1705120642:RT=1705120642:S=ALNI_MYV4mk-wV5531yArLh-wxFQf_Umhg
.1s.fr/ Name: __gpi
Value: UID=00000d408422c8e6:T=1705120642:RT=1705120642:S=ALNI_MZ1mMOJMw4oovlf01fNPbdbUECLUA
.adnxs.com/ Name: XANDR_PANID
Value: Yum1RFj5EBwpmSC7zL9BS8DYrhaUfvmlo8xXZZdiEmQ-0w98a-ixdtDWX0kGgasG1iegEEGvtMLA1bSIWhIW9yVugZJYY67HUXAeKebSTKQ.
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HaNHWiyL!A#FA(<j<dINiYhTyXnfi8FW/m<vL<dt!_c7klOg8@G(N76=552UseqL/o+L%(2K:$doS]%6lNX#w67#
.neural40.cdnwebcloud.com/ Name: n_one
Value: 71c71f37-b1cd-11ee-8584-0242ac110002

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
bucket.cdnwebcloud.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gmu-apps.com
googleads.g.doubleclick.net
ib.adnxs.com
img.root-top.com
neural40.cdnwebcloud.com
pagead2.googlesyndication.com
payment.allopass.com
s0.2mdn.net
static.gambling-affiliation.com
tpc.googlesyndication.com
www.gambling-affiliation.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.malipmu.1s.fr
www.secretturf.com
www.toptierce.net
www.venez.fr
142.250.181.226
142.250.184.230
172.64.151.101
18.66.122.86
185.119.26.1
185.89.211.84
194.150.236.190
194.150.236.236
2606:4700:3038::6815:ea1a
2a00:1450:4001:802::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2008
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2006
5.135.149.81
54.241.64.65
63.35.133.16
91.198.105.122
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
04d2e7284d9b0c871bc311ed650accbcc55747bdc6c037ca480ecd1fff6efe2a
0b12a7cba4fbc4ac0081d8190314922585732f30f5beb366aee8cdef35c73aa2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306
0e7d01a20aecfde737dba6bf0213e3917e50990930e8cad651cee9ff1cdb5f0a
145bb9be280d21f319706c5229d7689fd15c736da7f60735b29fadd3fb5ae8fd
16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1816069af86c24f0cc7eb81c78311efc0aba9aded5642284cf673bb1c7130e7e
1d7e1c57904e81bbb5f28bfcce89bc800085098638d02579064423ceb424920f
1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c
25cb744080d6deff4264b5ba524f0dce05c93ec3daa38013a08bf7480123d6ee
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a
3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d
3975eb898756e296608f964f0fe799ecf25bbf79467666a3c3218dad3db1de6e
3ae0acf8f41b691001b7f1ab5413ddb845dc438f0edf7e354960a305f3f9d1bb
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
494f83e5feda9fb5349f8be38b0bef2e9f301e388e1cfd047564cebbbf34d815
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7912eb5c02b7f4ca397f3b8101850573e2a795d25eaedd05201a1919b30861
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e
5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b65c373bdcfb22227a98b04f31afa28227929ea80f3617a8493cff44b67467
7231e09668ab3202e273312e2a7f3dcd9f0b4019ceefd8ef587d3e38fd8bda51
74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f
7f8a8af2d8caa5fc8d5dd131e71d17a7f84b9d5dee6e7ddb3a19a83e7799a4bb
7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9
86eacdac937f3bb58da03b18aa9123e06f72c3ecbe60413476000ce9c79cb6c1
88cea518caaeba1eeecaf91586a146f5cb06349564d11b6bd480192e05f0cb4c
8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435
8e34cdba9ac65b3b6dd470052f0eb3442bdf7f6953e30b72d35ce0ab40ad9f40
9350d3b6a9ae6b2737eb5aeb8e1cca11793272a1efd2bb8a5d305b8c22d53959
96a94504da20942a3a8dc93a23f78ee10259861852144a0e0d0c5be6eb7192a9
97a9de3830f4bd7bcb7cf4805dbdcf1f4c6e843fcd4a814c6a5d7bc2b11fee1a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a5360f245d31d695ac6c7c2c5f2be062af87560fcbaac3f9be1ba01879ea2d9d
a82d1b3a85473bad87120c7d6b42782c0b5132e88feab8d6bd22a65ac85f70d4
a855457118dc6c67988ec9f1f760964fe493726b78dddce2c71d3cfeb7cccd47
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b223c9e7829aabc4dc2fd83f11c6474857bac50cf6b6540f7c0dfa14be21d8d6
b3ea80bf0cac29dba7599e04e2d0b44ed5b31dc5a13ef6fc2acfa9aa6c87d1ad
b4a956d7ae088ba52d86c1a771115659de1901c17a641b3f33d07e8653a80b24
b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9
b84421bb4c9927c4614736b70814335aa65bd8c53480c61755545c35878dede5
b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8
ba4423daffb8b9092d10086f61c78c4a8edaeb9284f43043916a003a22023cb0
bdfee5efc0ee6379da2ef12db5cc0a79397e8c891d12f220f3caf91e1427e1ef
c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36
c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
cce78252542c52ca1be1ee90ee21bb2293e769b0720f1a47ec6f719aac256054
cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109
cf45c33ce297e2cc2d652903decd2b1eae7c1e9f66d4986627a6f63cc3441710
d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833
d467c69f0626d13fa58e672ae2878301d2966ec7f20456f6366070c287ba04c5
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
de421ad2eb9e68d7798320a44138c37baea59c11ddff99bc492e10be0ccbfe4c
e19ad546ad912846a48dc3d0717206a78c58fcbb7c0c2655b4e99dff25c18831
e244da07d1e80f0b44441d3219ef69e8130fde7279a887cf964489950f5db935
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e612bd601b0098f708e7631a77393f16dd489ed11f32c1b155b76d8fa480a7ca
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0accc13693b74bf28ea4dc561da4b5bb10b3dd68d9a75253e810bd8abf3a9af
f2a0523678e497bd7db21e23ef72a764cfbaacd353db631de238fd359b613ecc
f49557c53b5a2b5ba8e6496011e3c2728b1d20a8eea9c638d9ba796eda2a8791
f6d087273faea2cee48bd7ed456c74d3981ade8cefe0f6d8b11e5a92378ad41f
f708cf84d69a0f2267eadcd97dd50bde07ae053d0604ae510161861a06fd70f7
f8e7cca5d725305e0a7c5932bc1e70a4e22abd39bbddcecd52ae3caaa531606b
faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7
fd3fad3e15262b0e096e7d7cc57efd2e684a679ccacb704d94542ba3d7d93d17