urlscan.io logo urlscan.io
SecurityTrails logo

topcouple.vu.cx Open in urlscan Pro
5.135.149.81  Public Scan

Go To Rescan Add Verdict Report
URL: http://topcouple.vu.cx/
Submission: On December 25 via manual from BF — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 49 HTTP transactions. The main IP is 5.135.149.81, located in Le Chesnay, France and belongs to OVH, FR. The main domain is topcouple.vu.cx.
This is the only time topcouple.vu.cx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    5.135.149.81 (Le Chesnay, France)

ASN16276 (OVH, FR)
PTR: web3.venez.net
topcouple.vu.cx
www.venez.fr
11    193.37.145.66 (France)

ASN210403 (LWS, FR)
www.lesleaders.com
6    2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa
payment.allopass.com
1    194.0.255.28 (France)

ASN8218 (NEO-ASN legacy Neotelecoms, FR)
PTR: srv28.bdmultimedia.fr
script.starpass.fr
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.fr
1    2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2600:9000:214f:9800:b:f280:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
d1crle9mdp1ve1.cloudfront.net
Apex Domain
Subdomains		 Transfer
11 lesleaders.com
www.lesleaders.com
333 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
207 KB
7 venez.fr
www.venez.fr
9 KB
6 cloudfront.net
d1crle9mdp1ve1.cloudfront.net
84 KB
4 allopass.com
payment.allopass.com
11 KB
3 vu.cx
topcouple.vu.cx
3 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 129
www.google.com — Cisco Umbrella Rank: 15
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
5 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 87
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 115
45 KB
1 google.fr
adservice.google.fr — Cisco Umbrella Rank: 19374
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1055
694 B
1 starpass.fr
script.starpass.fr
94 KB
49 13
Domain Requested by
11 www.lesleaders.com topcouple.vu.cx
www.lesleaders.com
7 www.venez.fr topcouple.vu.cx
www.venez.fr
6 d1crle9mdp1ve1.cloudfront.net www.lesleaders.com
6 pagead2.googlesyndication.com topcouple.vu.cx
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 payment.allopass.com www.lesleaders.com
payment.allopass.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 topcouple.vu.cx topcouple.vu.cx
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com payment.allopass.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.fr pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 script.starpass.fr www.lesleaders.com
49 15

This site contains no links.

Subject Issuer Validity Valid
venez.fr
R3		 2022-12-17 -
2023-03-17		 3 months crt.sh
*.allopass.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-07 -
2023-10-07		 a year crt.sh
script.starpass.fr
ZeroSSL RSA Domain Secure Site CA		 2022-11-18 -
2023-02-16		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh

This page contains 9 frames:

Primary Page: http://topcouple.vu.cx/
Frame ID: 03792558EBCC3C607F694E4E2B1B620A
Requests: 1 HTTP requests in this frame

Frame: http://topcouple.vu.cx/barre-topcouple.vu.cx.html
Frame ID: DC72EBA4D2C985992ADD8377BD739580
Requests: 12 HTTP requests in this frame

Frame: http://www.lesleaders.com/turf/topcouple/
Frame ID: BF77AFAA28ED93833DBF70241D4DA422
Requests: 24 HTTP requests in this frame

Frame: http://topcouple.vu.cx/stats-topcouple.vu.cx.html
Frame ID: B7CCA4B2EF75584E5E2E2C9C2FC81E21
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 0E9CF21EF208AF14FC902FCAADCBED63
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: B5C1BCD19D87545B2185766DE6CE01F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Ftopcouple.vu.cx%2F&ea=0&wgl=1&dt=1672004644864&bpp=3&bdt=530&idt=380&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&correlator=711535609775&frm=23&ife=1&pv=2&ga_vid=677742222.1672004645&ga_sid=1672004645&ga_hid=2063084470&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=1976710827&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C31071276%2C44773745%2C44780792&oid=2&pvsid=1228410522051311&tmod=649235809&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.1uuf3anddxb&fsb=1&dtd=398
Frame ID: 6DC7D1B9FEDE37513E6AABF7EC3DC421
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A23E70468C1A5B34024EF7014900AA21
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AD4472D3D2A69397D04EEF4732581598
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TOP COUPLE

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

49
Requests

69 %
HTTPS

71 %
IPv6

13
Domains

15
Subdomains

14
IPs

4
Countries

815 kB
Transfer

1743 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
topcouple.vu.cx/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://topcouple.vu.cx/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
70171d8d52d634df170223544bd105a541badef69939fddd86bf64455492e19a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1093
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 25 Dec 2022 21:44:03 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Accept-Encoding
barre-topcouple.vu.cx.html
topcouple.vu.cx/ Frame DC72 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://topcouple.vu.cx/barre-topcouple.vu.cx.html
Requested by
Host: topcouple.vu.cx
URL: http://topcouple.vu.cx/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
30b850783d99e4160296bac23e868551d2e8c13ec6aa08f214bb2e359b1d9e2f

Request headers

Referer
http://topcouple.vu.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1495
Content-Type
text/html; charset=ISO-8859-1
Date
Sun, 25 Dec 2022 21:44:03 GMT
Expires
Sun, 25 Dec 2022 21:44:03 GMT
Keep-Alive
timeout=5, max=99
Last-Modified
Sun, 25 Dec 2022 21:44:03 GMT
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
/
www.lesleaders.com/turf/topcouple/ Frame BF77 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.lesleaders.com/turf/topcouple/
Requested by
Host: topcouple.vu.cx
URL: http://topcouple.vu.cx/
Protocol
HTTP/1.1
Server
193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
013ef65b8a42c5dc19739adb61c87c4a50bf95237e230bf46458a6a6275f0a4e

Request headers

Referer
http://topcouple.vu.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2917
Content-Type
text/html; charset=UTF-8
Date
Sun, 25 Dec 2022 21:44:04 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40
stats-topcouple.vu.cx.html
topcouple.vu.cx/ Frame B7CC 		0
192 B 		Document
General
Check archive.org
Download Go to
Full URL
http://topcouple.vu.cx/stats-topcouple.vu.cx.html
Requested by
Host: topcouple.vu.cx
URL: http://topcouple.vu.cx/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://topcouple.vu.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 25 Dec 2022 21:44:03 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
site.js
www.venez.fr/js/ Frame DC72 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: topcouple.vu.cx
URL: http://topcouple.vu.cx/barre-topcouple.vu.cx.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://topcouple.vu.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:03 GMT
Content-Encoding
gzip
Last-Modified
Sun, 25 Dec 2022 21:44:03 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1023
Expires
Sun, 01 Jan 2023 21:44:03 GMT
separateur90.gif
www.venez.fr/images/ Frame DC72 		82 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/separateur90.gif
Requested by
Host: topcouple.vu.cx
URL: http://topcouple.vu.cx/barre-topcouple.vu.cx.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://topcouple.vu.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:03 GMT
Last-Modified
Thu, 15 Nov 2018 22:11:22 GMT
Server
Apache
ETag
"52-57abb54b25680"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
82
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame DC72 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: topcouple.vu.cx
URL: http://topcouple.vu.cx/barre-topcouple.vu.cx.html
Protocol
HTTP/1.1
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0ef480526209200a6cad3ba5c7510f5a344d76f62a1d2e158a37fe800a4356b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://topcouple.vu.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
52093
X-XSS-Protection
0
Server
cafe
ETag
7422041556404200479
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Timing-Allow-Origin
*
Expires
Sun, 25 Dec 2022 21:44:04 GMT
a1.jpg
www.lesleaders.com/turf/topcouple/images/ Frame BF77 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.lesleaders.com/turf/topcouple/images/a1.jpg
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Server
193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
5f612f22ad1e20f8991548e8b3027865fb994dc74d8f254d5a4379cd397777bd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/turf/topcouple/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:04 GMT
Last-Modified
Tue, 17 Aug 2021 14:00:40 GMT
Server
nginx
ETag
"d742-5c9c1be33eadf"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
55106
logo.gif
www.lesleaders.com/img/ Frame BF77 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.lesleaders.com/img/logo.gif
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Server
193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
8c9ff7c5b615fba96821177236b13d95ac0b7b2c67da14f8f3846be6d1b7eb6e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/turf/topcouple/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:04 GMT
Last-Modified
Thu, 29 Aug 2019 11:44:42 GMT
Server
nginx
ETag
"7775-5914008050804"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30581
zeturf.gif
www.lesleaders.com/turf/topcouple/ Frame BF77 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.lesleaders.com/turf/topcouple/zeturf.gif
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Server
193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
801b6007b856e6b14a9772fa15a3e3ac80ee68a6005131685701f9020bbc04b5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/turf/topcouple/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:04 GMT
Last-Modified
Tue, 17 Aug 2021 14:00:37 GMT
Server
nginx
ETag
"53ab-5c9c1be0420a8"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21419
img2.jpg
www.lesleaders.com/turf/topcouple/images/ Frame BF77 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.lesleaders.com/turf/topcouple/images/img2.jpg
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Server
193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
5c5ab61051be558678cb833560ea4e6b014eef6f09e6df38ddfca91c8c927261

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/turf/topcouple/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:04 GMT
Last-Modified
Tue, 17 Aug 2021 14:00:43 GMT
Server
nginx
ETag
"10fa4-5c9c1be5ffbf8"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
69540
checkout.apu
payment.allopass.com/buy/ Frame BF77 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/buy/checkout.apu?ids=357179&idd=1558072&lang=fr
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
a24e3346a6e2b965727afe9773b9284dbae82a99a329930ed4d22e8492460b0e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 21:44:04 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
2960
Expires
Thu, 19 Nov 1981 08:52:00 GMT
script.php
script.starpass.fr/ Frame BF77 		533 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.starpass.fr/script.php?idd=443716&datas=
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.0.255.28 , France, ASN8218 (NEO-ASN legacy Neotelecoms, FR),
Reverse DNS
srv28.bdmultimedia.fr
Software
Apache /
Resource Hash
8d0496ce7f7442400c9cf7de629dbbcc47e1d591aeb6e2e3db2e2b923b43e5ac

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:43:24 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
img1a.jpg
www.lesleaders.com/turf/topcouple/images/ Frame BF77 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.lesleaders.com/turf/topcouple/images/img1a.jpg
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Server
193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
0b78fa0ce366b66b8932c56c3af7ec7edbf58a72c5e55c01a1713bb20c7d1ddb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/turf/topcouple/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:04 GMT
Last-Modified
Tue, 17 Aug 2021 14:00:42 GMT
Server
nginx
ETag
"16619-5c9c1be5925fe"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91673
a2.jpg
www.lesleaders.com/turf/topcouple/images/ Frame BF77 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.lesleaders.com/turf/topcouple/images/a2.jpg
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Server
193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
c112d031665794a10448816efdb20fd55aa258af58adc14cbca9b01d82495b3e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/turf/topcouple/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:04 GMT
Last-Modified
Tue, 17 Aug 2021 14:00:40 GMT
Server
nginx
ETag
"43b2-5c9c1be31b860"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17330
/
www.lesleaders.com/turf/topcouple/ Frame BF77 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.lesleaders.com/turf/topcouple/
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Server
193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/turf/topcouple/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Dec 2022 21:44:04 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
2917
Expires
Thu, 19 Nov 1981 08:52:00 GMT
arm.jpg
www.lesleaders.com/turf/topcouple/images/ Frame BF77 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.lesleaders.com/turf/topcouple/images/arm.jpg
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Server
193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
18afbb827530ab5aa1c4a9ae99726259a20db6cea3c92fe70521cf3051956ef8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/turf/topcouple/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:04 GMT
Last-Modified
Tue, 17 Aug 2021 14:00:40 GMT
Server
nginx
ETag
"10bb-5c9c1be3a14f9"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4283
course.jpg
www.lesleaders.com/turf/topcouple/medias/ Frame BF77 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.lesleaders.com/turf/topcouple/medias/course.jpg
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Server
193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
7beddacd8e604a82f931e120557fd4e25fbe9c0b4d9aead927e1b588d3e59663

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/turf/topcouple/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:04 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
arnum.png
www.lesleaders.com/turf/topcouple/images/ Frame BF77 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.lesleaders.com/turf/topcouple/images/arnum.png
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Server
193.37.145.66 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
6e4bdaf71020d0a543a882af40794dde5192da22ca839c7cf46f608a21e680e6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/turf/topcouple/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:04 GMT
Last-Modified
Tue, 17 Aug 2021 14:00:41 GMT
Server
nginx
ETag
"805e-5c9c1be3f0695"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32862
alternate-barre.htm
www.venez.fr/ Frame 0E9C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/alternate-barre.htm
Requested by
Host: topcouple.vu.cx
URL: http://topcouple.vu.cx/barre-topcouple.vu.cx.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
85ca9bb53cefa288cbb5f75f620ae7654be082e26b63c910b1901ca6305b935b

Request headers

Referer
http://topcouple.vu.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
872
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 25 Dec 2022 21:44:03 GMT
Keep-Alive
timeout=5, max=99
Server
Apache
Vary
Accept-Encoding
barre90.gif
www.venez.fr/images/ Frame DC72 		110 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: topcouple.vu.cx
URL: http://topcouple.vu.cx/barre-topcouple.vu.cx.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://topcouple.vu.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:03 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
110
120x60.gif
www.venez.fr/images/ Frame 0E9C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/120x60.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:03 GMT
Last-Modified
Wed, 02 Mar 2011 00:16:24 GMT
Server
Apache
ETag
"f4c-49d74d2b9c600"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3916
site.js
www.venez.fr/js/ Frame 0E9C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:03 GMT
Content-Encoding
gzip
Last-Modified
Sun, 25 Dec 2022 21:44:03 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
1023
Expires
Sun, 01 Jan 2023 21:44:03 GMT
barre90.gif
www.venez.fr/images/ Frame 0E9C 		110 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:03 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
110
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ Frame DC72 		355 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=topcouple.vu.cx&bust=31071276
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83620838976ba9b68e5b7d091fecdc40e89f60bc17717984b06c3aa8a3be57a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://topcouple.vu.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 21:44:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119791
x-xss-protection
0
server
cafe
etag
15242275470772383339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 21:44:05 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame B5C1 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://topcouple.vu.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
35804
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 11:47:20 GMT
etag
10353107486223812946
expires
Sun, 08 Jan 2023 11:47:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame DC72 		377 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=topcouple.vu.cx&callback=_gfp_s_&client=ca-pub-5203714787387788&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=topcouple.vu.cx&bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
604a4bdbe6c6fb461e25d74c35188cfcef69e46bfc11cd9d635ea7b516b075b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://topcouple.vu.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 21:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
integrator.js
adservice.google.fr/adsid/ Frame DC72 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=topcouple.vu.cx
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=topcouple.vu.cx&bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://topcouple.vu.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 21:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DC72 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=topcouple.vu.cx
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=topcouple.vu.cx&bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://topcouple.vu.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 21:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6DC7 		436 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Ftopcouple.vu.cx%2F&ea=0&wgl=1&dt=1672004644864&bpp=3&bdt=530&idt=380&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&correlator=711535609775&frm=23&ife=1&pv=2&ga_vid=677742222.1672004645&ga_sid=1672004645&ga_hid=2063084470&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=1976710827&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C31071276%2C44773745%2C44780792&oid=2&pvsid=1228410522051311&tmod=649235809&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.1uuf3anddxb&fsb=1&dtd=398
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=topcouple.vu.cx&bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0201bf50f2f01c351b9ad578cb7ecfb98241b6476cd33a8780f8ffb9b2024629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://topcouple.vu.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 21:44:05 GMT
expires
Sun, 25 Dec 2022 21:44:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gtm.js
www.googletagmanager.com/ Frame BF77 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357179&idd=1558072&lang=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f8f4e3281fa5c88a24cf10c7f7434fb4aa2256b726f39874385df1193e3c7e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 21:44:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45380
x-xss-protection
0
last-modified
Sun, 25 Dec 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 25 Dec 2022 21:44:05 GMT
buy-button.css
payment.allopass.com/static/css/ Frame BF77 		2 KB
830 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/buy-button.css?1
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357179&idd=1558072&lang=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"215fd-69a-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
546
162x56.png
payment.allopass.com/static/buy/button/fr/ Frame BF77 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:05 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"218f3-1688-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
5768
bt_ok.gif
payment.allopass.com/imgweb/common/ Frame BF77 		753 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/imgweb/common/bt_ok.gif
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 21:44:05 GMT
Last-Modified
Tue, 26 Nov 2019 14:39:46 GMT
Server
Apache
ETag
"22a09-2f1-59840d9fb3080"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
753
analytics.js
www.google-analytics.com/ Frame BF77 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 25 Dec 2022 19:50:44 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6801
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 25 Dec 2022 21:50:44 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DC72 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=topcouple.vu.cx&bust=31071276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66ee2907d4360a501571731c0eb35d51100049b7708ccdac9eee1b6e25995d87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://topcouple.vu.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 21:44:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11160
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DC72 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=topcouple.vu.cx&bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://topcouple.vu.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 21:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 21:44:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A23E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://topcouple.vu.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
417933
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:38:33 GMT
expires
Thu, 21 Dec 2023 01:38:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AD44 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
717756dd4f8f31cadee77814d8c38aa9e159f5deef85b7c6cd4cf648a2b613f0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZsAr6NaeNTOUE0Fx2wO2Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://topcouple.vu.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-ZsAr6NaeNTOUE0Fx2wO2Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 21:44:06 GMT
expires
Sun, 25 Dec 2022 21:44:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
spritev3.png
d1crle9mdp1ve1.cloudfront.net/script/v3/themes/default_blue/images/ Frame BF77 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1crle9mdp1ve1.cloudfront.net/script/v3/themes/default_blue/images/spritev3.png
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9800:b:f280:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
f61a5853e0d521650c49841a7eaa276055806233c503f55ffa9d0015e7940874

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 26 Nov 2022 11:15:49 GMT
Via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
Last-Modified
Wed, 25 Sep 2013 06:45:43 GMT
Server
Apache
X-Amz-Cf-Pop
FRA53-C1
Age
2543257
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10005
X-Amz-Cf-Id
PLCKm8WD6Opat9URBdd9HgGvLmGEaOeD4PzH7GMpHO-51GhBYlkClA==
Expires
Tue, 27 Dec 2022 11:15:49 GMT
kit-micropaiement-starpass-logo.png
d1crle9mdp1ve1.cloudfront.net/script/v3/themes/default_blue/images/ Frame BF77 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1crle9mdp1ve1.cloudfront.net/script/v3/themes/default_blue/images/kit-micropaiement-starpass-logo.png
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9800:b:f280:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
16b75ffef6575fb4a8392662d6f4cbc1ce9731090c344d9275aa18c1bf4d22f8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 01:36:58 GMT
Via
1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
Last-Modified
Wed, 25 Sep 2013 06:45:43 GMT
Server
Apache
X-Amz-Cf-Pop
FRA53-C1
Age
2318788
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14648
X-Amz-Cf-Id
58V99kRQXINHggNqTEzswRYcBA9_7fdNe5kL-ru64SaVclKkXCOVCg==
Expires
Fri, 30 Dec 2022 01:36:58 GMT
sprite-solution-v3.3.png
d1crle9mdp1ve1.cloudfront.net/script/v3/themes/default/images/ Frame BF77 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1crle9mdp1ve1.cloudfront.net/script/v3/themes/default/images/sprite-solution-v3.3.png
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9800:b:f280:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
69fc9bfe3dda05ea6979425fce9cdc5f36ed97b8464700cc2bcd269e7b6900bc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 06:07:37 GMT
Via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
Last-Modified
Thu, 11 Aug 2016 12:43:28 GMT
Server
Apache
X-Amz-Cf-Pop
FRA53-C1
Age
2648150
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10206
X-Amz-Cf-Id
mB1a62BmYJSaqmkyag_Gm7pHDDZwrpN0hEq_Jkk8Mit8PEgvGDYiWw==
Expires
Mon, 26 Dec 2022 06:07:37 GMT
sprite-flag-v6.4.png
d1crle9mdp1ve1.cloudfront.net/script/v3/themes/default/images/ Frame BF77 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1crle9mdp1ve1.cloudfront.net/script/v3/themes/default/images/sprite-flag-v6.4.png
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9800:b:f280:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
8c9da1b1f22e858156ed9b50e24062cc53aca8b630f303fc00de0975a789c0d2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 05:02:07 GMT
Via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
Last-Modified
Thu, 29 May 2014 12:26:16 GMT
Server
Apache
X-Amz-Cf-Pop
FRA53-C1
Age
2479279
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31072
X-Amz-Cf-Id
aMJaWl4u8HyQBhz5IxhYgov4BArEXjhNKTlOZixwhc5A1XvK_jHw_A==
Expires
Wed, 28 Dec 2022 05:02:07 GMT
logo.png
d1crle9mdp1ve1.cloudfront.net/script/v3/panel/cb/default/image/ Frame BF77 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1crle9mdp1ve1.cloudfront.net/script/v3/panel/cb/default/image/logo.png
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9800:b:f280:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
c594bd41589245fab296d11ed6fb8af54b28bde777fd51e54adb6285289f5740

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 11:30:51 GMT
Via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
Last-Modified
Wed, 25 Sep 2013 06:45:23 GMT
Server
Apache
X-Amz-Cf-Pop
FRA53-C1
Age
987155
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14358
X-Amz-Cf-Id
2U3M_DBtVOrzDAY7oA8Iy15C8hlhC_QPxriKB1ndVPvi4pbqTg6U5w==
Expires
Sat, 14 Jan 2023 11:30:51 GMT
logo-internet-plus-mobile.jpg
d1crle9mdp1ve1.cloudfront.net/script/v3/panel/mpme/default/image/ Frame BF77 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1crle9mdp1ve1.cloudfront.net/script/v3/panel/mpme/default/image/logo-internet-plus-mobile.jpg
Requested by
Host: www.lesleaders.com
URL: http://www.lesleaders.com/turf/topcouple/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9800:b:f280:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
e325f17eee64e9e9a17d47240daa5e58989c3b54c32f61b9b7bdb9095db43e0a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lesleaders.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 01:31:18 GMT
Via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
Last-Modified
Wed, 25 Sep 2013 06:45:27 GMT
Server
Apache
X-Amz-Cf-Pop
FRA53-C1
Age
2059929
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3025
X-Amz-Cf-Id
K-y6hVqw7D2u_YekuwjT4U7ub6QSFk7P7TJ5esMoknYAufsV8dyOvw==
Expires
Mon, 02 Jan 2023 01:31:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AD44 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=1228410522051311&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame A23E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 12:26:41 GMT
generate_204
tpc.googlesyndication.com/ Frame A23E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?50Ba8g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 21:44:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame DC72 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=1228410522051311&bg=!-_il-LzNAAYgquz3AKo7ACkAdvg8Wtn9KJC48xt9vQRA_3B_5puZxAm2XfONojgkkm9OXqCkk7lHpgIAAABiUgAAAANoAQeZAwMviLYa26oih91YpXi7IbzcGi78qXLIZ6pid3KEf8qXc8voqUs5yOuXACf-6xkFZsX8v3bn2qKbV9fLsyXD9IxVIjFBGemitjyuDGgUIam55XbNM16eF0aWRwpg0idCvwzeYnqRcRB8R6f13-1NJR3xNcvAPNevyboDGSi2l2AxzwpuoUbDEPZblzE1OaaLwatLPmGPwNpaT3uiN3arow4H6-ZzGMFwUfRiqY7LdEO-86qPcF18MFrO-O4vfQdjh_ZJ3dcg3IsydIV4N4C8_AmdzdRlS8ODhjaVvXLNWgQVsxao1_GPxZ5QDIrGRLCwMm-H2Kbj3pzYYcc2KQIDq2Utn9JismE2KXWHSOSWL4gw0V4vud0EHadgJgPJfU6vXVnbxktFwrabPtQowUJ26ZqzuWxG_slY6lxwXnsdHhPOBjphgu5Y1-qiW-MBAj1AVNV2hG9VF7NOXrsn35_Id4J_CNTYY2kbYplqaokhirsDnf_ucWa6BSdjh-YHK6eN9ReLHJXeALOixl0fJiMd99Q-lGt2XG3eigHaiAvGESU1CFk8NQeHQPy3tz5qL8PwuLQ83CQnULfh22qfwPMKNqPMJtpJBQFRfVLYMmPi3Wb1KNmMv79cv07uVsH3JaTT595XJGEooNUv5pL_cEwE4eY6Cgi3CcN-A0GqNsQpSgWcu-adf2WCOQacnb8ORU0VhbFFc0Ah1QNyLRpe12DljwjMGJyb1C6W0nY1xFuZ5rP01dtmcxOXZHSxOStPOvywefA61OuW-A5RwtPrUmV-Rp5AQP3q3fxuvYVsdF3ZaSpcpwa7Q0aOmKqPh2H6CUQZ_IxgTKLUKiKYGQUehr0aMzl4i71-68sPUINBWYKDoU2ulz0EWBAdNwx6NoBmetT-AtKZ8tiBTeGboZdMHiJ5TRcXhHze8mjllTyOl2TyQZ9fIbCyhpycahchiZzLdawCa5wyoisMHuXGTer8X8k7-4Kp-3Wqfq4tH1hZp1RfZufuhEXp9U2di4z996Ujmd2fbLxlVi0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://topcouple.vu.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontentvisibilityautostatechange object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients

5 Cookies

Domain/Path Name / Value
payment.allopass.com/ Name: ShopSessionId
Value: a98602c8-593e-4220-90ce-4ce7fc7cc40d
.allopass.com/ Name: AP_CUSK
Value: 3600085347
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.vu.cx/ Name: __gads
Value: ID=78ed52987ab288d4-229f154b69da0060:T=1672004645:RT=1672004645:S=ALNI_MZAcglJnwiivSBjXcN3n-k5qZVy5w
.vu.cx/ Name: __gpi
Value: UID=00000b984113ee17:T=1672004645:RT=1672004645:S=ALNI_Mau02jNsu0DrfxOh2LAGMeiwXPR8A

1 Console Messages

Source Level URL
Text
network error URL: http://www.lesleaders.com/turf/topcouple/medias/course.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
d1crle9mdp1ve1.cloudfront.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
payment.allopass.com
script.starpass.fr
topcouple.vu.cx
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.lesleaders.com
www.venez.fr
185.119.26.1
193.37.145.66
194.0.255.28
2600:9000:214f:9800:b:f280:8a40:93a1
2a00:1450:4001:806::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:400d:802::2002
2a00:1450:400d:804::2001
2a00:1450:400d:806::2002
2a00:1450:400d:807::2002
2a00:1450:400d:808::2002
5.135.149.81
013ef65b8a42c5dc19739adb61c87c4a50bf95237e230bf46458a6a6275f0a4e
0201bf50f2f01c351b9ad578cb7ecfb98241b6476cd33a8780f8ffb9b2024629
0b78fa0ce366b66b8932c56c3af7ec7edbf58a72c5e55c01a1713bb20c7d1ddb
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306
16b75ffef6575fb4a8392662d6f4cbc1ce9731090c344d9275aa18c1bf4d22f8
18afbb827530ab5aa1c4a9ae99726259a20db6cea3c92fe70521cf3051956ef8
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
30b850783d99e4160296bac23e868551d2e8c13ec6aa08f214bb2e359b1d9e2f
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c5ab61051be558678cb833560ea4e6b014eef6f09e6df38ddfca91c8c927261
5f612f22ad1e20f8991548e8b3027865fb994dc74d8f254d5a4379cd397777bd
604a4bdbe6c6fb461e25d74c35188cfcef69e46bfc11cd9d635ea7b516b075b1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66ee2907d4360a501571731c0eb35d51100049b7708ccdac9eee1b6e25995d87
69fc9bfe3dda05ea6979425fce9cdc5f36ed97b8464700cc2bcd269e7b6900bc
6e4bdaf71020d0a543a882af40794dde5192da22ca839c7cf46f608a21e680e6
70171d8d52d634df170223544bd105a541badef69939fddd86bf64455492e19a
717756dd4f8f31cadee77814d8c38aa9e159f5deef85b7c6cd4cf648a2b613f0
7beddacd8e604a82f931e120557fd4e25fbe9c0b4d9aead927e1b588d3e59663
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
801b6007b856e6b14a9772fa15a3e3ac80ee68a6005131685701f9020bbc04b5
83620838976ba9b68e5b7d091fecdc40e89f60bc17717984b06c3aa8a3be57a4
85ca9bb53cefa288cbb5f75f620ae7654be082e26b63c910b1901ca6305b935b
8c9da1b1f22e858156ed9b50e24062cc53aca8b630f303fc00de0975a789c0d2
8c9ff7c5b615fba96821177236b13d95ac0b7b2c67da14f8f3846be6d1b7eb6e
8d0496ce7f7442400c9cf7de629dbbcc47e1d591aeb6e2e3db2e2b923b43e5ac
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0ef480526209200a6cad3ba5c7510f5a344d76f62a1d2e158a37fe800a4356b
a24e3346a6e2b965727afe9773b9284dbae82a99a329930ed4d22e8492460b0e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c112d031665794a10448816efdb20fd55aa258af58adc14cbca9b01d82495b3e
c594bd41589245fab296d11ed6fb8af54b28bde777fd51e54adb6285289f5740
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a
e325f17eee64e9e9a17d47240daa5e58989c3b54c32f61b9b7bdb9095db43e0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f61a5853e0d521650c49841a7eaa276055806233c503f55ffa9d0015e7940874
f8f4e3281fa5c88a24cf10c7f7434fb4aa2256b726f39874385df1193e3c7e8f