URL: http://www.meneurdejeux.powa.fr/
Submission: On February 01 via manual from BF — Scanned from FR

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 26 HTTP transactions. The main IP is 194.150.236.179, which is located in France and belongs to HIWIT_AS (FR). The main domain is www.meneurdejeux.powa.fr.
This is the only time www.meneurdejeux.powa.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address                 AS      Autonomous System
7         194.150.236.179            44976   HIWIT_AS
3         185.119.26.1               203544  WEBDEVIIN-AS
1         194.0.255.28               8218    NEO-ASN legacy Neotelecoms
5         194.150.236.190            44976   HIWIT_AS
2         2a00:1450:4001:812::2001   15169   GOOGLE
5         213.246.57.128             21409   IKOULA
1         2a00:1450:4001:813::2008   15169   GOOGLE
2         2a00:1450:4001:827::200e   15169   GOOGLE
Total: 26 requests, 8 IPs
Requests  Domain                      Requested by
6         www.meneurdejeux.powa.fr    www.meneurdejeux.powa.fr
5         www.allosponsor.com         www.meneurdejeux.powa.fr, www.allosponsor.com
3         www.top-pmu.com             www.meneurdejeux.powa.fr
3         payment.allopass.com        www.meneurdejeux.powa.fr, payment.allopass.com
2         www.google-analytics.com    www.googletagmanager.com, www.google-analytics.com
2         www.millionturfcourse.com   www.allosponsor.com
1         www.googletagmanager.com    payment.allopass.com
1         2.bp.blogspot.com           www.meneurdejeux.powa.fr
1         www.turfsupreme.com         www.meneurdejeux.powa.fr
1         4.bp.blogspot.com           www.meneurdejeux.powa.fr
1         script.starpass.fr          www.meneurdejeux.powa.fr
Total: 26 requests, 11 subdomains
Subject                  Issuer                                          Validity                  Valid for
*.allopass.com           Gandi Standard SSL CA 2                         2021-10-08 to 2022-10-08  a year
*.starpass.fr            Sectigo RSA Domain Validation Secure Server CA  2021-05-06 to 2022-06-06  a year
misc-sni.blogspot.com    GTS CA 1C3                                      2021-12-27 to 2022-03-21  3 months
*.google-analytics.com   GTS CA 1C3                                      2021-12-27 to 2022-03-21  3 months
millionturfcourse.com    R3                                              2021-12-18 to 2022-03-18  3 months
(Certificate Transparency records for each subject can be looked up on crt.sh.)

This page contains 3 frames:

Primary Page: http://www.meneurdejeux.powa.fr/
Frame ID: 924918E775FD5BDBEE70EC69D43C58D8
Requests: 22 HTTP requests in this frame

Frame: http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&type=3&affc=1&s=0
Frame ID: E6300612B8C453E37FF4EBF011C1111F
Requests: 2 HTTP requests in this frame

Frame: http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&affc=1&s=0
Frame ID: 4E8BC1BFC84C88B2CA8D19529BDB4840
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

MENEUR DE JEUX
Document sans titre ("Untitled document")

Detected technologies

Google Analytics (overall confidence: 100%)
Detected pattern
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (overall confidence: 100%)
Detected pattern
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests:    26
HTTPS:       42%
IPv6:        38%
Domains:     10
Subdomains:  11
IPs:         8
Countries:   2
Transfer:    745 kB
Size:        839 kB
Cookies:     6

Redirected requests

No HTTP redirect chains were recorded among the 26 transactions; every request below received its final response at the URL shown.

26 HTTP transactions

Columns per transaction: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type, followed by the General, Request headers and Response headers blocks.
Primary Request /
www.meneurdejeux.powa.fr/
19 KB
19 KB
Document
General
Full URL
http://www.meneurdejeux.powa.fr/
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
2d699893eaadeda4d9439832880eb35bd23642f7f024226c7505b310c4945029

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

Date
Tue, 01 Feb 2022 15:53:41 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Host
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html
entete.jpg
www.meneurdejeux.powa.fr/img/
75 KB
75 KB
Image
General
Full URL
http://www.meneurdejeux.powa.fr/img/entete.jpg
Requested by
Host: www.meneurdejeux.powa.fr
URL: http://www.meneurdejeux.powa.fr/
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
e35517b5f1702b7160894574cd5386d66d075c0ed8bd3e0fe74802da5db66b31

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 15:53:41 GMT
Last-Modified
Wed, 29 May 2019 19:26:55 GMT
Server
Apache
ETag
"173935e-12a8d-58a0bc3a1fdc0"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
76429
cheval_course.jpg
www.meneurdejeux.powa.fr/img/
29 KB
30 KB
Image
General
Full URL
http://www.meneurdejeux.powa.fr/img/cheval_course.jpg
Requested by
Host: www.meneurdejeux.powa.fr
URL: http://www.meneurdejeux.powa.fr/
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
8b0d6f3983fff988570ba1f33075ae01eba4fefdecc4bd26e8c32cf47c2649ff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 15:53:41 GMT
Last-Modified
Wed, 29 May 2019 19:26:54 GMT
Server
Apache
ETag
"173935d-754a-58a0bc392bb80"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
30026
checkout.apu
payment.allopass.com/buy/
11 KB
4 KB
Script
General
Full URL
https://payment.allopass.com/buy/checkout.apu?ids=353252&idd=1542399&lang=fr
Requested by
Host: www.meneurdejeux.powa.fr
URL: http://www.meneurdejeux.powa.fr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
2caad8fc9a6c30ebd03d9695a1227870dec6d2d3fa69a007eae2d9b7359868e0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 15:53:41 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html
Content-Length
2960
Expires
Thu, 19 Nov 1981 08:52:00 GMT
script.php
script.starpass.fr/
25 B
289 B
Script
General
Full URL
https://script.starpass.fr/script.php?idd=433940&datas=
Requested by
Host: www.meneurdejeux.powa.fr
URL: http://www.meneurdejeux.powa.fr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.0.255.28 , France, ASN8218 (NEO-ASN legacy Neotelecoms, FR),
Reverse DNS
srv28.bdmultimedia.fr
Software
Apache /
Resource Hash
a0710d7ae8f4a0ab076452dc7c3882b1c553ee11603bc5f9cf9dce10400ae1ce

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 15:53:13 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
43
galop.jpg
www.meneurdejeux.powa.fr/img/
30 KB
30 KB
Image
General
Full URL
http://www.meneurdejeux.powa.fr/img/galop.jpg
Requested by
Host: www.meneurdejeux.powa.fr
URL: http://www.meneurdejeux.powa.fr/
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
21686961b968cc34bd0654b8015b0ebfece1137ec5c089aa1be62ec0bbb49943

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 15:53:41 GMT
Last-Modified
Wed, 29 May 2019 19:26:59 GMT
Server
Apache
ETag
"1739360-780a-58a0bc3df06c0"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
30730
logo.gif
www.meneurdejeux.powa.fr/img/
9 KB
9 KB
Image
General
Full URL
http://www.meneurdejeux.powa.fr/img/logo.gif
Requested by
Host: www.meneurdejeux.powa.fr
URL: http://www.meneurdejeux.powa.fr/
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
6857d8543ce3d315ec47e6127d28bfe24af8dd63374d42701dd66d3f58ed44cb

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 15:53:41 GMT
Last-Modified
Wed, 29 May 2019 19:27:00 GMT
Server
Apache
ETag
"1739361-2400-58a0bc3ee4900"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
9216
analysepronop.gif
www.top-pmu.com/logo/
16 KB
16 KB
Image
General
Full URL
http://www.top-pmu.com/logo/analysepronop.gif
Requested by
Host: www.meneurdejeux.powa.fr
URL: http://www.meneurdejeux.powa.fr/
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
3bf7897c6122f9c0adea1ac770174dde74b0a56e65e432b8e8bb713d5e55fd99

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 15:53:41 GMT
Last-Modified
Mon, 18 Jun 2018 17:21:57 GMT
Server
Apache
ETag
"97308c-3fdd-56eedcd773740"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
16349
LAVOIX%2BDUTIERCE.gif
4.bp.blogspot.com/-ohHQpmvyOQw/V5S_3CepZCI/AAAAAAAAAD8/MFp9AZLQ5jwPv8umJZV5ae2xIm4FDienwCK4B/s1600/
51 KB
51 KB
Image
General
Full URL
https://4.bp.blogspot.com/-ohHQpmvyOQw/V5S_3CepZCI/AAAAAAAAAD8/MFp9AZLQ5jwPv8umJZV5ae2xIm4FDienwCK4B/s1600/LAVOIX%2BDUTIERCE.gif
Requested by
Host: www.meneurdejeux.powa.fr
URL: http://www.meneurdejeux.powa.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b20f66c6e80acce4877d4f6cd436b6883790e26814b5badfaed8e782fda21fd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 15:53:41 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="LAVOIX DUTIERCE.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52059
x-xss-protection
0
server
fife
etag
"v40"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 10 Jan 2022 10:35:02 GMT
logo.gif
www.turfsupreme.com/img/
12 KB
12 KB
Image
General
Full URL
http://www.turfsupreme.com/img/logo.gif
Requested by
Host: www.meneurdejeux.powa.fr
URL: http://www.meneurdejeux.powa.fr/
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
4e8a20b63b2e1ad0440e81976f2640c70cd5b7bc55e77d39514ff89993ef0a79

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 15:53:41 GMT
Last-Modified
Thu, 26 Sep 2019 09:44:47 GMT
Server
Apache
ETag
"17395c7-2ec9-593719eb801c0"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
11977
zedturf.gif
www.top-pmu.com/logo/
25 KB
26 KB
Image
General
Full URL
http://www.top-pmu.com/logo/zedturf.gif
Requested by
Host: www.meneurdejeux.powa.fr
URL: http://www.meneurdejeux.powa.fr/
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
2778f885798d67bdf29616e414e69f0f1ab8e198b555f09ff1806a4cc05ca8cc

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 15:53:41 GMT
Last-Modified
Sun, 17 Jun 2018 18:03:56 GMT
Server
Apache
ETag
"914bd0-64f7-56eda45c4bb00"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
25847
clubhi.gif
www.top-pmu.com/logo/
18 KB
19 KB
Image
General
Full URL
http://www.top-pmu.com/logo/clubhi.gif
Requested by
Host: www.meneurdejeux.powa.fr
URL: http://www.meneurdejeux.powa.fr/
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
894cfcbf30440dd1b1a2554dbecfc0653c25149b7ee6ead829461eb4c15bd6eb

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 15:53:41 GMT
Last-Modified
Sun, 17 Jun 2018 18:04:50 GMT
Server
Apache
ETag
"914bda-498c-56eda48fcb480"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
18828
TURFSUP.gif
2.bp.blogspot.com/-fJqdFiDqNt8/WamKKySwunI/AAAAAAAAABc/llzZciGWZco5MQzICezm71IsSV06TTNDgCEwYBhgL/s1600/
337 KB
338 KB
Image
General
Full URL
https://2.bp.blogspot.com/-fJqdFiDqNt8/WamKKySwunI/AAAAAAAAABc/llzZciGWZco5MQzICezm71IsSV06TTNDgCEwYBhgL/s1600/TURFSUP.gif
Requested by
Host: www.meneurdejeux.powa.fr
URL: http://www.meneurdejeux.powa.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1834df167893cb472a83d164c935cd849de348bb85363eaa914bdb290d8cfb8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 14:48:39 GMT
x-content-type-options
nosniff
age
3902
content-disposition
inline;filename="TURFSUP.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345150
x-xss-protection
0
server
fife
etag
"v18"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 02 Feb 2022 08:50:45 GMT
iframe_sponsor.eur
www.allosponsor.com/cgi-bin/
7 KB
2 KB
Script
General
Full URL
http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&type=3&popinto=1
Requested by
Host: www.meneurdejeux.powa.fr
URL: http://www.meneurdejeux.powa.fr/
Protocol
HTTP/1.0
Server
213.246.57.128 , France, ASN21409 (IKOULA, FR),
Reverse DNS
www.allosponsor.com
Software
Apache/2.2.22 (Debian) /
Resource Hash
cddae8f552ed7a9cc53bce9c430ba158a1000d9123ec5c8f84b00d17a08743a0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 15:53:39 GMT
Via
1.1 www.allosponsor.com:80 (squid/2.7.STABLE9)
X-Cache-Lookup
MISS from www.allosponsor.com:80
Server
Apache/2.2.22 (Debian)
Vary
Accept-Encoding
X-Cache
MISS from www.allosponsor.com
Content-Type
text/html
Connection
close
Content-Encoding
gzip
/
www.meneurdejeux.powa.fr/
5 KB
5 KB
Image
General
Full URL
http://www.meneurdejeux.powa.fr/
Requested by
Host: www.meneurdejeux.powa.fr
URL: http://www.meneurdejeux.powa.fr/
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (this is the SHA-256 of empty input: no response body was captured for this request, which fetches the page's own URL as an image)

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Feb 2022 15:53:41 GMT
Server
Apache
Vary
Host
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Expires
Thu, 19 Nov 1981 08:52:00 GMT
gtm.js
www.googletagmanager.com/
94 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=353252&idd=1542399&lang=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
273bdebff68dc149488a7896373ffec9749ad9371da44ed3aa6e0815b1e8a69a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 15:53:42 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37116
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Feb 2022 15:53:42 GMT
buy-button.css
payment.allopass.com/static/css/
2 KB
830 B
Stylesheet
General
Full URL
https://payment.allopass.com/static/css/buy-button.css?1
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=353252&idd=1542399&lang=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 15:53:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"26782-69a-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
546
162x56.png
payment.allopass.com/static/buy/button/fr/
6 KB
6 KB
Image
General
Full URL
https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by
Host: www.meneurdejeux.powa.fr
URL: http://www.meneurdejeux.powa.fr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 15:53:42 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"218f3-1688-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
5768
iframe_sponsor.eur
www.allosponsor.com/cgi-bin/ (frame E6300612B8C453E37FF4EBF011C1111F)
2 KB
1 KB
Document
General
Full URL
http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&type=3&affc=1&s=0
Requested by
Host: www.allosponsor.com
URL: http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&type=3&popinto=1
Protocol
HTTP/1.0
Server
213.246.57.128 , France, ASN21409 (IKOULA, FR),
Reverse DNS
www.allosponsor.com
Software
Apache/2.2.22 (Debian) /
Resource Hash
b57e23b95d2674863d21d3ae612415d566a558f69cc46b7daf3034d976ad3808

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/

Response headers

Date
Tue, 01 Feb 2022 15:53:39 GMT
Server
Apache/2.2.22 (Debian)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Type
text/html
X-Cache
MISS from www.allosponsor.com
X-Cache-Lookup
MISS from www.allosponsor.com:80
Via
1.1 www.allosponsor.com:80 (squid/2.7.STABLE9)
Connection
close
iframe_sponsor.eur
www.allosponsor.com/cgi-bin/ (frame 4E8BC1BFC84C88B2CA8D19529BDB4840)
2 KB
1 KB
Document
General
Full URL
http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&affc=1&s=0
Requested by
Host: www.allosponsor.com
URL: http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&type=3&popinto=1
Protocol
HTTP/1.0
Server
213.246.57.128 , France, ASN21409 (IKOULA, FR),
Reverse DNS
www.allosponsor.com
Software
Apache/2.2.22 (Debian) /
Resource Hash
47b967e27c9baaba644bb55cfc1db81f6d9838a2e696ffcd28d81d50920b71ec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/

Response headers

Date
Tue, 01 Feb 2022 15:53:39 GMT
Server
Apache/2.2.22 (Debian)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Type
text/html
X-Cache
MISS from www.allosponsor.com
X-Cache-Lookup
MISS from www.allosponsor.com:80
Via
1.1 www.allosponsor.com:80 (squid/2.7.STABLE9)
Connection
close
transp.gif
www.allosponsor.com/images/
49 B
449 B
Image
General
Full URL
http://www.allosponsor.com/images/transp.gif
Requested by
Host: www.meneurdejeux.powa.fr
URL: http://www.meneurdejeux.powa.fr/
Protocol
HTTP/1.0
Server
213.246.57.128 , France, ASN21409 (IKOULA, FR),
Reverse DNS
www.allosponsor.com
Software
Apache/2.2.22 (Debian) /
Resource Hash
02d2855c8a5417cd637df1e81f781e42ff2b12ad6dffb923a3822f16b5bfa82a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 15:53:39 GMT
Via
1.1 www.allosponsor.com:80 (squid/2.7.STABLE9)
X-Cache-Lookup
HIT from www.allosponsor.com:80
Last-Modified
Thu, 18 Dec 2008 10:28:48 GMT
Server
Apache/2.2.22 (Debian)
ETag
"3803d3-31-45e4fa86d3800"
X-Cache
MISS from www.allosponsor.com
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49
closeb.gif
www.allosponsor.com/images/
706 B
1 KB
Image
General
Full URL
http://www.allosponsor.com/images/closeb.gif
Requested by
Host: www.meneurdejeux.powa.fr
URL: http://www.meneurdejeux.powa.fr/
Protocol
HTTP/1.0
Server
213.246.57.128 , France, ASN21409 (IKOULA, FR),
Reverse DNS
www.allosponsor.com
Software
Apache/2.2.22 (Debian) /
Resource Hash
18df3f0fa94f39427ebee0a8ada0faf4c4351c27c1d46ce5682807337b1966ed

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 15:53:39 GMT
Via
1.1 www.allosponsor.com:80 (squid/2.7.STABLE9)
X-Cache-Lookup
HIT from www.allosponsor.com:80
Last-Modified
Sat, 20 Dec 2008 14:28:55 GMT
Server
Apache/2.2.22 (Debian)
ETag
"380380-2c2-45e7b3ed557c0"
X-Cache
MISS from www.allosponsor.com
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
706
gapturf.gif
www.millionturfcourse.com/img/ (frame E6300612B8C453E37FF4EBF011C1111F)
21 KB
21 KB
Image
General
Full URL
https://www.millionturfcourse.com/img/gapturf.gif
Requested by
Host: www.allosponsor.com
URL: http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&type=3&affc=1&s=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
56af58ee23a0afd0bc76f5e857d0b64a3612bf58715f5cccfb36a5bf71e0246c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.allosponsor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 15:53:42 GMT
Last-Modified
Fri, 24 Sep 2021 18:38:10 GMT
Server
Apache
ETag
"e9e502-5217-5ccc20c8f6880"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
21015
gapturf.gif
www.millionturfcourse.com/img/ (frame 4E8BC1BFC84C88B2CA8D19529BDB4840)
21 KB
21 KB
Image
General
Full URL
https://www.millionturfcourse.com/img/gapturf.gif
Requested by
Host: www.allosponsor.com
URL: http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&affc=1&s=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
56af58ee23a0afd0bc76f5e857d0b64a3612bf58715f5cccfb36a5bf71e0246c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.allosponsor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 15:53:42 GMT
Last-Modified
Fri, 24 Sep 2021 18:38:10 GMT
Server
Apache
ETag
"e9e502-5217-5ccc20c8f6880"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
21015
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.meneurdejeux.powa.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6530
date
Tue, 01 Feb 2022 14:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 01 Feb 2022 16:04:52 GMT
collect
www.google-analytics.com/j/
1 B
213 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1526274250&t=pageview&_s=1&dl=http%3A%2F%2Fwww.meneurdejeux.powa.fr%2F&ul=en-us&de=windows-1252&dt=MENEUR%20DE%20JEUX&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1525323111&gjid=1606714559&cid=218020993.1643730822&tid=UA-135619294-1&_gid=857219203.1643730822&_r=1&gtm=2wg1q0NHFGDSD&cd1=ALS-LIBS-CHECKOUT-15&cd2=1542399&cd3=353252&cd4=(not%20set)&cd5=classic&z=1263058149
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b (the SHA-256 of the one-byte body "1", consistent with content-length: 1 below)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.meneurdejeux.powa.fr/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 15:53:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.meneurdejeux.powa.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

None recorded for this scan.

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object:     0, 1, headID, cssNode, dataLayer, currIDb, currIDs, IDh, elts, google_tag_manager, google_tag_data, gaplugins, gaGlobal, gaData
function:   allopassButtons, openup, trackmouse, stopdrag, grab_id, NS6bugfix, incrzindex, fermeture, createPopup, ga
number:     alreadyrunflag, _timer, xoff, yoff, marge_haute, marge_gauche, c_height, c_width, zctr, totz
boolean:    IE, W3C
string:     GoogleAnalyticsObject
undefined:  proto, contentloadtag

6 Cookies

Domain/Path                  Name                   Value
www.meneurdejeux.powa.fr/    PHPSESSID              267b9629d681195d626009519d2f5348
payment.allopass.com/        ShopSessionId          4ec0ddd5-571c-4885-80e3-32d72a5d9324
.allopass.com/               AP_CUSK                3553160471
.powa.fr/                    _ga                    GA1.2.218020993.1643730822
.powa.fr/                    _gid                   GA1.2.857219203.1643730822
.powa.fr/                    _gat_UA-135619294-1    1

The PHPSESSID session cookie belongs to www.meneurdejeux.powa.fr, a host this scan reached only over plain HTTP, so it was set and sent in cleartext.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
4.bp.blogspot.com
payment.allopass.com
script.starpass.fr
www.allosponsor.com
www.google-analytics.com
www.googletagmanager.com
www.meneurdejeux.powa.fr
www.millionturfcourse.com
www.top-pmu.com
www.turfsupreme.com
185.119.26.1
194.0.255.28
194.150.236.179
194.150.236.190
213.246.57.128
2a00:1450:4001:812::2001
2a00:1450:4001:813::2008
2a00:1450:4001:827::200e
02d2855c8a5417cd637df1e81f781e42ff2b12ad6dffb923a3822f16b5bfa82a
1834df167893cb472a83d164c935cd849de348bb85363eaa914bdb290d8cfb8d
18df3f0fa94f39427ebee0a8ada0faf4c4351c27c1d46ce5682807337b1966ed
21686961b968cc34bd0654b8015b0ebfece1137ec5c089aa1be62ec0bbb49943
273bdebff68dc149488a7896373ffec9749ad9371da44ed3aa6e0815b1e8a69a
2778f885798d67bdf29616e414e69f0f1ab8e198b555f09ff1806a4cc05ca8cc
2caad8fc9a6c30ebd03d9695a1227870dec6d2d3fa69a007eae2d9b7359868e0
2d699893eaadeda4d9439832880eb35bd23642f7f024226c7505b310c4945029
3bf7897c6122f9c0adea1ac770174dde74b0a56e65e432b8e8bb713d5e55fd99
47b967e27c9baaba644bb55cfc1db81f6d9838a2e696ffcd28d81d50920b71ec
4e8a20b63b2e1ad0440e81976f2640c70cd5b7bc55e77d39514ff89993ef0a79
56af58ee23a0afd0bc76f5e857d0b64a3612bf58715f5cccfb36a5bf71e0246c
6857d8543ce3d315ec47e6127d28bfe24af8dd63374d42701dd66d3f58ed44cb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
894cfcbf30440dd1b1a2554dbecfc0653c25149b7ee6ead829461eb4c15bd6eb
8b0d6f3983fff988570ba1f33075ae01eba4fefdecc4bd26e8c32cf47c2649ff
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
a0710d7ae8f4a0ab076452dc7c3882b1c553ee11603bc5f9cf9dce10400ae1ce
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b20f66c6e80acce4877d4f6cd436b6883790e26814b5badfaed8e782fda21fd6
b57e23b95d2674863d21d3ae612415d566a558f69cc46b7daf3034d976ad3808
cddae8f552ed7a9cc53bce9c430ba158a1000d9123ec5c8f84b00d17a08743a0
e35517b5f1702b7160894574cd5386d66d075c0ed8bd3e0fe74802da5db66b31
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
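Two things in this report are worth checking mechanically before any of it is reused: which of the 26 transactions fetch active content (documents, scripts, stylesheets) over plain HTTP, since the primary page is itself http:// and pulls a sponsor script and two frame documents from www.allosponsor.com without TLS; and which Resource Hashes in the Indicators list are digests of trivial bodies that will match unrelated content anywhere. The following Python is an added example, not part of the urlscan.io report. Its TRANSACTIONS list is a constructed subset of the report's own transaction rows (URL, type, requester, hash); the google-analytics.com/j/collect URL is given without its query string.

```python
import hashlib
from urllib.parse import urlsplit

# Constructed subset of the report's "26 HTTP transactions", reduced to the
# fields the checks need. Hash values are the Resource Hash fields shown in
# the report; the /j/collect URL is reproduced without its query string.
TRANSACTIONS = [
    {"url": "http://www.meneurdejeux.powa.fr/", "type": "Document",
     "requested_by": None,
     "hash": "2d699893eaadeda4d9439832880eb35bd23642f7f024226c7505b310c4945029"},
    {"url": "http://www.meneurdejeux.powa.fr/img/entete.jpg", "type": "Image",
     "requested_by": "http://www.meneurdejeux.powa.fr/",
     "hash": "e35517b5f1702b7160894574cd5386d66d075c0ed8bd3e0fe74802da5db66b31"},
    {"url": "https://payment.allopass.com/buy/checkout.apu?ids=353252&idd=1542399&lang=fr",
     "type": "Script", "requested_by": "http://www.meneurdejeux.powa.fr/",
     "hash": "2caad8fc9a6c30ebd03d9695a1227870dec6d2d3fa69a007eae2d9b7359868e0"},
    {"url": "https://script.starpass.fr/script.php?idd=433940&datas=",
     "type": "Script", "requested_by": "http://www.meneurdejeux.powa.fr/",
     "hash": "a0710d7ae8f4a0ab076452dc7c3882b1c553ee11603bc5f9cf9dce10400ae1ce"},
    {"url": "http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&type=3&popinto=1",
     "type": "Script", "requested_by": "http://www.meneurdejeux.powa.fr/",
     "hash": "cddae8f552ed7a9cc53bce9c430ba158a1000d9123ec5c8f84b00d17a08743a0"},
    {"url": "http://www.meneurdejeux.powa.fr/", "type": "Image",
     "requested_by": "http://www.meneurdejeux.powa.fr/",
     "hash": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"},
    {"url": "https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD", "type": "Script",
     "requested_by": "https://payment.allopass.com/buy/checkout.apu?ids=353252&idd=1542399&lang=fr",
     "hash": "273bdebff68dc149488a7896373ffec9749ad9371da44ed3aa6e0815b1e8a69a"},
    {"url": "http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&type=3&affc=1&s=0",
     "type": "Document",
     "requested_by": "http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&type=3&popinto=1",
     "hash": "b57e23b95d2674863d21d3ae612415d566a558f69cc46b7daf3034d976ad3808"},
    {"url": "http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&affc=1&s=0",
     "type": "Document",
     "requested_by": "http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&type=3&popinto=1",
     "hash": "47b967e27c9baaba644bb55cfc1db81f6d9838a2e696ffcd28d81d50920b71ec"},
    {"url": "https://www.google-analytics.com/j/collect", "type": "XHR",
     "requested_by": "https://www.google-analytics.com/analytics.js",
     "hash": "6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b"},
]

# Types whose bytes run as code or shape the DOM. An image over HTTP leaks
# metadata; a script or frame document over HTTP is a code-injection point.
ACTIVE_TYPES = {"Document", "Script", "Stylesheet"}


def trivial_body_hashes():
    """SHA-256 digests of bodies that carry no information: the empty body and
    every one-byte body. A resource hash found in this table matches countless
    unrelated responses and must not be pivoted on as an indicator."""
    table = {hashlib.sha256(b"").hexdigest(): "empty body"}
    for b in range(256):
        body = bytes([b])
        table[hashlib.sha256(body).hexdigest()] = f"single byte {body!r}"
    return table


def weak_hash_indicators(transactions):
    """Return (hash, reason, url) for each transaction whose Resource Hash is
    the digest of a trivial body."""
    trivial = trivial_body_hashes()
    return [(t["hash"], trivial[t["hash"]], t["url"])
            for t in transactions if t["hash"] in trivial]


def insecure_active_content(transactions, primary_host):
    """Return (url, type, party) for active content fetched over plain HTTP.
    party is 'third-party' when the host differs from the scanned page's host:
    those are the requests an on-path attacker can rewrite to run code inside
    the page without ever touching the primary server."""
    found = []
    for t in transactions:
        parts = urlsplit(t["url"])
        if parts.scheme == "http" and t["type"] in ACTIVE_TYPES:
            party = "first-party" if parts.hostname == primary_host else "third-party"
            found.append((t["url"], t["type"], party))
    return found


if __name__ == "__main__":
    for h, reason, url in weak_hash_indicators(TRANSACTIONS):
        print(f"drop indicator {h[:12]}... ({reason}) from {url}")
    for url, kind, party in insecure_active_content(TRANSACTIONS, "www.meneurdejeux.powa.fr"):
        print(f"{party:11} {kind:8} over plain HTTP: {url}")
```

Run against the subset above, the hash check discards two of the 25 hashes in the Indicators list (the empty-body digest from the self-referencing image request and the digest of the single byte "1" returned by the analytics beacon), and the transport check reports four plain-HTTP active loads: the primary document and three third-party resources from www.allosponsor.com (one script, two frame documents).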