www.meneurdejeux.powa.fr Open in urlscan Pro
194.150.236.179  Public Scan

27 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.meneurdejeux.powa.fr/	19 KB 19 KB	274ms 239ms	Document text/html	194.150.236.179 HIWIT_AS
General Check archive.org Show headers Download Go to Full URL http://www.meneurdejeux.powa.fr/ Protocol HTTP/1.1 Server 194.150.236.179 , France, ASN44976 (HIWIT_AS, FR), Reverse DNS ns19.hiwit.net Software Apache / Resource Hash 189e7b878f3b4b1c0e12d52f686d452dfb63ac014e7f8a10d45f85ef03660008 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Response headers Date Fri, 04 Mar 2022 20:51:30 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Vary Host Keep-Alive timeout=15, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	entete.jpg www.meneurdejeux.powa.fr/img/	75 KB 75 KB	17ms 17ms	Image image/jpeg	194.150.236.179 HIWIT_AS
General Check archive.org Show headers Download Go to Show image Full URL http://www.meneurdejeux.powa.fr/img/entete.jpg Requested by Host: www.meneurdejeux.powa.fr URL: http://www.meneurdejeux.powa.fr/ Protocol HTTP/1.1 Server 194.150.236.179 , France, ASN44976 (HIWIT_AS, FR), Reverse DNS ns19.hiwit.net Software Apache / Resource Hash e35517b5f1702b7160894574cd5386d66d075c0ed8bd3e0fe74802da5db66b31 Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 20:51:30 GMT Last-Modified Wed, 29 May 2019 19:26:55 GMT Server Apache ETag "173935e-12a8d-58a0bc3a1fdc0" Vary Host Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=99 Content-Length 76429
GET H/1.1	200 OK	cheval_course.jpg www.meneurdejeux.powa.fr/img/	29 KB 30 KB	35ms 17ms	Image image/jpeg	194.150.236.179 HIWIT_AS
General Check archive.org Show headers Download Go to Show image Full URL http://www.meneurdejeux.powa.fr/img/cheval_course.jpg Requested by Host: www.meneurdejeux.powa.fr URL: http://www.meneurdejeux.powa.fr/ Protocol HTTP/1.1 Server 194.150.236.179 , France, ASN44976 (HIWIT_AS, FR), Reverse DNS ns19.hiwit.net Software Apache / Resource Hash 8b0d6f3983fff988570ba1f33075ae01eba4fefdecc4bd26e8c32cf47c2649ff Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 20:51:30 GMT Last-Modified Wed, 29 May 2019 19:26:54 GMT Server Apache ETag "173935d-754a-58a0bc392bb80" Vary Host Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=100 Content-Length 30026
GET H/1.1	200 OK	checkout.apu Show response payment.allopass.com/buy/	11 KB 4 KB	459ms 267ms	Script text/html	185.119.26.1 WEBDEVIIN-AS
General Check archive.org Show headers Download Go to Full URL https://payment.allopass.com/buy/checkout.apu?ids=353252&idd=1542399&lang=fr Requested by Host: www.meneurdejeux.powa.fr URL: http://www.meneurdejeux.powa.fr/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR), Reverse DNS 1.26.119.185.in-addr.arpa Software Apache / Resource Hash 2caad8fc9a6c30ebd03d9695a1227870dec6d2d3fa69a007eae2d9b7359868e0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Mar 2022 20:51:31 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml' Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Content-Type text/html Content-Length 2960 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	script.php Show response script.starpass.fr/	25 B 289 B	144ms 40ms	Script text/html	194.0.255.28 NEO-ASN legacy Ne...
General Check archive.org Show headers Download Go to Full URL https://script.starpass.fr/script.php?idd=433940&datas= Requested by Host: www.meneurdejeux.powa.fr URL: http://www.meneurdejeux.powa.fr/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.0.255.28 , France, ASN8218 (NEO-ASN legacy Neotelecoms, FR), Reverse DNS srv28.bdmultimedia.fr Software Apache / Resource Hash a0710d7ae8f4a0ab076452dc7c3882b1c553ee11603bc5f9cf9dce10400ae1ce Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 20:51:01 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding,User-Agent Content-Type text/html; charset=UTF-8 Connection Keep-Alive Keep-Alive timeout=2, max=100 Content-Length 43
GET H/1.1	200 OK	galop.jpg www.meneurdejeux.powa.fr/img/	30 KB 30 KB	34ms 17ms	Image image/jpeg	194.150.236.179 HIWIT_AS
General Check archive.org Show headers Download Go to Show image Full URL http://www.meneurdejeux.powa.fr/img/galop.jpg Requested by Host: www.meneurdejeux.powa.fr URL: http://www.meneurdejeux.powa.fr/ Protocol HTTP/1.1 Server 194.150.236.179 , France, ASN44976 (HIWIT_AS, FR), Reverse DNS ns19.hiwit.net Software Apache / Resource Hash 21686961b968cc34bd0654b8015b0ebfece1137ec5c089aa1be62ec0bbb49943 Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 20:51:30 GMT Last-Modified Wed, 29 May 2019 19:26:59 GMT Server Apache ETag "1739360-780a-58a0bc3df06c0" Vary Host Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=100 Content-Length 30730
GET H/1.1	200 OK	logo.gif www.meneurdejeux.powa.fr/img/	9 KB 9 KB	48ms 17ms	Image image/gif	194.150.236.179 HIWIT_AS
General Check archive.org Show headers Download Go to Show image Full URL http://www.meneurdejeux.powa.fr/img/logo.gif Requested by Host: www.meneurdejeux.powa.fr URL: http://www.meneurdejeux.powa.fr/ Protocol HTTP/1.1 Server 194.150.236.179 , France, ASN44976 (HIWIT_AS, FR), Reverse DNS ns19.hiwit.net Software Apache / Resource Hash 6857d8543ce3d315ec47e6127d28bfe24af8dd63374d42701dd66d3f58ed44cb Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 20:51:30 GMT Last-Modified Wed, 29 May 2019 19:27:00 GMT Server Apache ETag "1739361-2400-58a0bc3ee4900" Vary Host Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=100 Content-Length 9216
GET H/1.1	200 OK	analysepronop.gif www.top-pmu.com/logo/	16 KB 16 KB	54ms 18ms	Image image/gif	194.150.236.190 HIWIT_AS
General Check archive.org Show headers Download Go to Show image Full URL http://www.top-pmu.com/logo/analysepronop.gif Requested by Host: www.meneurdejeux.powa.fr URL: http://www.meneurdejeux.powa.fr/ Protocol HTTP/1.1 Server 194.150.236.190 , France, ASN44976 (HIWIT_AS, FR), Reverse DNS ns30.hiwit.net Software Apache / Resource Hash 3bf7897c6122f9c0adea1ac770174dde74b0a56e65e432b8e8bb713d5e55fd99 Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 20:51:30 GMT Last-Modified Mon, 18 Jun 2018 17:21:57 GMT Server Apache ETag "97308c-3fdd-56eedcd773740" Vary Host Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=100 Content-Length 16349
GET H2	200	LAVOIX%2BDUTIERCE.gif 4.bp.blogspot.com/-ohHQpmvyOQw/V5S_3CepZCI/AAAAAAAAAD8/MFp9AZLQ5jwPv8umJZV5ae2xIm4FDienwCK4B/s1600/	51 KB 51 KB	115ms 28ms	Image image/gif	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://4.bp.blogspot.com/-ohHQpmvyOQw/V5S_3CepZCI/AAAAAAAAAD8/MFp9AZLQ5jwPv8umJZV5ae2xIm4FDienwCK4B/s1600/LAVOIX%2BDUTIERCE.gif Requested by Host: www.meneurdejeux.powa.fr URL: http://www.meneurdejeux.powa.fr/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software fife / Resource Hash b20f66c6e80acce4877d4f6cd436b6883790e26814b5badfaed8e782fda21fd6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 18:13:03 GMT x-content-type-options nosniff age 9507 content-disposition inline;filename="LAVOIX DUTIERCE.gif" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52059 x-xss-protection 0 server fife etag "v40" vary Origin content-type image/gif access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Fri, 04 Feb 2022 18:47:38 GMT
GET H/1.1	200 OK	logo.gif www.turfsupreme.com/img/	12 KB 12 KB	51ms 17ms	Image image/gif	194.150.236.179 HIWIT_AS
General Check archive.org Show headers Download Go to Show image Full URL http://www.turfsupreme.com/img/logo.gif Requested by Host: www.meneurdejeux.powa.fr URL: http://www.meneurdejeux.powa.fr/ Protocol HTTP/1.1 Server 194.150.236.179 , France, ASN44976 (HIWIT_AS, FR), Reverse DNS ns19.hiwit.net Software Apache / Resource Hash 4e8a20b63b2e1ad0440e81976f2640c70cd5b7bc55e77d39514ff89993ef0a79 Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 20:51:30 GMT Last-Modified Thu, 26 Sep 2019 09:44:47 GMT Server Apache ETag "17395c7-2ec9-593719eb801c0" Vary Host Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=100 Content-Length 11977
GET H/1.1	200 OK	zedturf.gif www.top-pmu.com/logo/	25 KB 26 KB	41ms 19ms	Image image/gif	194.150.236.190 HIWIT_AS
General Check archive.org Show headers Download Go to Show image Full URL http://www.top-pmu.com/logo/zedturf.gif Requested by Host: www.meneurdejeux.powa.fr URL: http://www.meneurdejeux.powa.fr/ Protocol HTTP/1.1 Server 194.150.236.190 , France, ASN44976 (HIWIT_AS, FR), Reverse DNS ns30.hiwit.net Software Apache / Resource Hash 2778f885798d67bdf29616e414e69f0f1ab8e198b555f09ff1806a4cc05ca8cc Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 20:51:30 GMT Last-Modified Sun, 17 Jun 2018 18:03:56 GMT Server Apache ETag "914bd0-64f7-56eda45c4bb00" Vary Host Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=100 Content-Length 25847
GET H/1.1	200 OK	clubhi.gif www.top-pmu.com/logo/	18 KB 19 KB	34ms 17ms	Image image/gif	194.150.236.190 HIWIT_AS
General Check archive.org Show headers Download Go to Show image Full URL http://www.top-pmu.com/logo/clubhi.gif Requested by Host: www.meneurdejeux.powa.fr URL: http://www.meneurdejeux.powa.fr/ Protocol HTTP/1.1 Server 194.150.236.190 , France, ASN44976 (HIWIT_AS, FR), Reverse DNS ns30.hiwit.net Software Apache / Resource Hash 894cfcbf30440dd1b1a2554dbecfc0653c25149b7ee6ead829461eb4c15bd6eb Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 20:51:30 GMT Last-Modified Sun, 17 Jun 2018 18:04:50 GMT Server Apache ETag "914bda-498c-56eda48fcb480" Vary Host Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=100 Content-Length 18828
GET H2	200	TURFSUP.gif 2.bp.blogspot.com/-fJqdFiDqNt8/WamKKySwunI/AAAAAAAAABc/llzZciGWZco5MQzICezm71IsSV06TTNDgCEwYBhgL/s1600/	680 KB 681 KB	94ms 28ms	Image image/gif	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://2.bp.blogspot.com/-fJqdFiDqNt8/WamKKySwunI/AAAAAAAAABc/llzZciGWZco5MQzICezm71IsSV06TTNDgCEwYBhgL/s1600/TURFSUP.gif Requested by Host: www.meneurdejeux.powa.fr URL: http://www.meneurdejeux.powa.fr/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software fife / Resource Hash ae4b9aba31ecf01ef6543c4b75dc8d8039e582f9e10d8e72cc1beffdbe4d4927 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 18:45:51 GMT x-content-type-options nosniff age 7539 content-disposition inline;filename="TURFSUP.gif" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 696785 x-xss-protection 0 server fife etag "v18" vary Origin content-type image/gif access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Fri, 04 Mar 2022 07:39:13 GMT
GET H/1.0	200 OK	iframe_sponsor.eur Show response www.allosponsor.com/cgi-bin/	7 KB 2 KB	45ms 20ms	Script text/html	213.246.57.128 IKOULA
General Check archive.org Show headers Download Go to Full URL http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&type=3&popinto=1 Requested by Host: www.meneurdejeux.powa.fr URL: http://www.meneurdejeux.powa.fr/ Protocol HTTP/1.0 Server 213.246.57.128 , France, ASN21409 (IKOULA, FR), Reverse DNS www.allosponsor.com Software Apache/2.2.22 (Debian) / Resource Hash 9fa92e39783918a0581c1ba1bb676aaaa2c477e2af0f4678ba0db4bba69925b2 Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 20:51:29 GMT Via 1.1 www.allosponsor.com:80 (squid/2.7.STABLE9) X-Cache-Lookup MISS from www.allosponsor.com:80 Server Apache/2.2.22 (Debian) Vary Accept-Encoding X-Cache MISS from www.allosponsor.com Content-Type text/html Connection close Content-Encoding gzip
GET H/1.1	200 OK	/ www.meneurdejeux.powa.fr/	8 KB 8 KB	89ms 89ms	Image text/html	194.150.236.179 HIWIT_AS
General Check archive.org Show headers Download Go to Show image Full URL http://www.meneurdejeux.powa.fr/ Requested by Host: www.meneurdejeux.powa.fr URL: http://www.meneurdejeux.powa.fr/ Protocol HTTP/1.1 Server 194.150.236.179 , France, ASN44976 (HIWIT_AS, FR), Reverse DNS ns19.hiwit.net Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Mar 2022 20:51:30 GMT Server Apache Vary Host Content-Type text/html Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Transfer-Encoding chunked Connection Keep-Alive Keep-Alive timeout=15, max=100 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	95 KB 37 KB	100ms 38ms	Script application/javascript	142.250.185.72 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD Requested by Host: payment.allopass.com URL: https://payment.allopass.com/buy/checkout.apu?ids=353252&idd=1542399&lang=fr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.72 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f8.1e100.net Software Google Tag Manager / Resource Hash fbe5d0fab6f290ed842cfcceb0a60c636d192aba40721a5a667b667bb360dd5e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 20:51:31 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37549 x-xss-protection 0 last-modified Fri, 04 Mar 2022 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 04 Mar 2022 20:51:31 GMT
GET H/1.1	200 OK	buy-button.css payment.allopass.com/static/css/	2 KB 830 B	58ms 17ms	Stylesheet text/css	185.119.26.1 WEBDEVIIN-AS
General Check archive.org Show headers Download Go to Full URL https://payment.allopass.com/static/css/buy-button.css?1 Requested by Host: payment.allopass.com URL: https://payment.allopass.com/buy/checkout.apu?ids=353252&idd=1542399&lang=fr Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR), Reverse DNS 1.26.119.185.in-addr.arpa Software Apache / Resource Hash 95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2 Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 20:51:31 GMT Content-Encoding gzip Last-Modified Tue, 16 Nov 2021 13:36:55 GMT Server Apache ETag "24bbe-69a-5d0e804cbabc0" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 546
GET H/1.1	200 OK	162x56.png payment.allopass.com/static/buy/button/fr/	6 KB 6 KB	58ms 18ms	Image image/png	185.119.26.1 WEBDEVIIN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://payment.allopass.com/static/buy/button/fr/162x56.png Requested by Host: www.meneurdejeux.powa.fr URL: http://www.meneurdejeux.powa.fr/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR), Reverse DNS 1.26.119.185.in-addr.arpa Software Apache / Resource Hash 7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 20:51:31 GMT Last-Modified Tue, 16 Nov 2021 13:36:55 GMT Server Apache ETag "218f3-1688-5d0e804cbabc0" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 5768
GET H/1.0	200 OK	iframe_sponsor.eur Show response www.allosponsor.com/cgi-bin/ Frame 279B	2 KB 1 KB	38ms 19ms	Document text/html	213.246.57.128 IKOULA
General Check archive.org Show headers Download Go to Full URL http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&type=3&affc=1&s=0 Requested by Host: www.allosponsor.com URL: http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&type=3&popinto=1 Protocol HTTP/1.0 Server 213.246.57.128 , France, ASN21409 (IKOULA, FR), Reverse DNS www.allosponsor.com Software Apache/2.2.22 (Debian) / Resource Hash 27cc295465d21ca62e1d8e2e686498fa50c6f07be13c088fdb4102d70faffd49 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ Response headers Date Fri, 04 Mar 2022 20:51:29 GMT Server Apache/2.2.22 (Debian) Vary Accept-Encoding Content-Encoding gzip Content-Type text/html X-Cache MISS from www.allosponsor.com X-Cache-Lookup MISS from www.allosponsor.com:80 Via 1.1 www.allosponsor.com:80 (squid/2.7.STABLE9) Connection close
GET H/1.0	200 OK	iframe_sponsor.eur Show response www.allosponsor.com/cgi-bin/ Frame 1CC8	2 KB 1 KB	37ms 19ms	Document text/html	213.246.57.128 IKOULA
General Check archive.org Show headers Download Go to Full URL http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&affc=1&s=0 Requested by Host: www.allosponsor.com URL: http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&type=3&popinto=1 Protocol HTTP/1.0 Server 213.246.57.128 , France, ASN21409 (IKOULA, FR), Reverse DNS www.allosponsor.com Software Apache/2.2.22 (Debian) / Resource Hash f1a4a73bc589d1b44fcaedb0d6f34506123465f3bf0e9286bf7482cb3267feed Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ Response headers Date Fri, 04 Mar 2022 20:51:29 GMT Server Apache/2.2.22 (Debian) Vary Accept-Encoding Content-Encoding gzip Content-Type text/html X-Cache MISS from www.allosponsor.com X-Cache-Lookup MISS from www.allosponsor.com:80 Via 1.1 www.allosponsor.com:80 (squid/2.7.STABLE9) Connection close
GET H/1.0	200 OK	transp.gif www.allosponsor.com/images/	49 B 449 B	37ms 19ms	Image image/gif	213.246.57.128 IKOULA
General Check archive.org Show headers Download Go to Show image Full URL http://www.allosponsor.com/images/transp.gif Requested by Host: www.meneurdejeux.powa.fr URL: http://www.meneurdejeux.powa.fr/ Protocol HTTP/1.0 Server 213.246.57.128 , France, ASN21409 (IKOULA, FR), Reverse DNS www.allosponsor.com Software Apache/2.2.22 (Debian) / Resource Hash 02d2855c8a5417cd637df1e81f781e42ff2b12ad6dffb923a3822f16b5bfa82a Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 20:51:29 GMT Via 1.1 www.allosponsor.com:80 (squid/2.7.STABLE9) X-Cache-Lookup HIT from www.allosponsor.com:80 Last-Modified Thu, 18 Dec 2008 10:28:48 GMT Server Apache/2.2.22 (Debian) ETag "3803d3-31-45e4fa86d3800" X-Cache MISS from www.allosponsor.com Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 49
GET H/1.0	200 OK	closeb.gif www.allosponsor.com/images/	706 B 1 KB	37ms 19ms	Image image/gif	213.246.57.128 IKOULA
General Check archive.org Show headers Download Go to Show image Full URL http://www.allosponsor.com/images/closeb.gif Requested by Host: www.meneurdejeux.powa.fr URL: http://www.meneurdejeux.powa.fr/ Protocol HTTP/1.0 Server 213.246.57.128 , France, ASN21409 (IKOULA, FR), Reverse DNS www.allosponsor.com Software Apache/2.2.22 (Debian) / Resource Hash 18df3f0fa94f39427ebee0a8ada0faf4c4351c27c1d46ce5682807337b1966ed Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 20:51:29 GMT Via 1.1 www.allosponsor.com:80 (squid/2.7.STABLE9) X-Cache-Lookup HIT from www.allosponsor.com:80 Last-Modified Sat, 20 Dec 2008 14:28:55 GMT Server Apache/2.2.22 (Debian) ETag "380380-2c2-45e7b3ed557c0" X-Cache MISS from www.allosponsor.com Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 706
GET H2	200	AVvXsEgigGJNGqedPLY2MirO4dRGWkLKerSHxiJLq3_s9bMRSIEO_A-6PMKBO-BTWRtEu42Qh9Quotqnt_3_BCxqkUfbrk9O4y5M2yNzDFQI7scWt2s4piFiz90Ou6x0pr4FfZqIaylBEUgvFXHi0pnS4dVRvAn1JMSqhM2JRR5lSdfaGPXJvGY7nCw3NW8hIg blogger.googleusercontent.com/img/a/ Frame 279B	20 KB 20 KB	323ms 255ms	Image image/gif	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/a/AVvXsEgigGJNGqedPLY2MirO4dRGWkLKerSHxiJLq3_s9bMRSIEO_A-6PMKBO-BTWRtEu42Qh9Quotqnt_3_BCxqkUfbrk9O4y5M2yNzDFQI7scWt2s4piFiz90Ou6x0pr4FfZqIaylBEUgvFXHi0pnS4dVRvAn1JMSqhM2JRR5lSdfaGPXJvGY7nCw3NW8hIg Requested by Host: www.allosponsor.com URL: http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&type=3&affc=1&s=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software fife / Resource Hash 28605b48cd6af6da382a84380e864e3616fe76c2dbf290997e9da31ec07815ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.allosponsor.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 20:51:31 GMT x-content-type-options nosniff server fife etag "vac" vary Origin content-type image/gif access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="anigifTICKET11.gif" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20284 x-xss-protection 0 expires Sat, 05 Mar 2022 20:51:31 GMT
GET H2	200	AVvXsEgigGJNGqedPLY2MirO4dRGWkLKerSHxiJLq3_s9bMRSIEO_A-6PMKBO-BTWRtEu42Qh9Quotqnt_3_BCxqkUfbrk9O4y5M2yNzDFQI7scWt2s4piFiz90Ou6x0pr4FfZqIaylBEUgvFXHi0pnS4dVRvAn1JMSqhM2JRR5lSdfaGPXJvGY7nCw3NW8hIg blogger.googleusercontent.com/img/a/ Frame 1CC8	20 KB 20 KB	308ms 245ms	Image image/gif	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/a/AVvXsEgigGJNGqedPLY2MirO4dRGWkLKerSHxiJLq3_s9bMRSIEO_A-6PMKBO-BTWRtEu42Qh9Quotqnt_3_BCxqkUfbrk9O4y5M2yNzDFQI7scWt2s4piFiz90Ou6x0pr4FfZqIaylBEUgvFXHi0pnS4dVRvAn1JMSqhM2JRR5lSdfaGPXJvGY7nCw3NW8hIg Requested by Host: www.allosponsor.com URL: http://www.allosponsor.com/cgi-bin/iframe_sponsor.eur?num_site_aff=87753&affc=1&s=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software fife / Resource Hash 28605b48cd6af6da382a84380e864e3616fe76c2dbf290997e9da31ec07815ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.allosponsor.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 20:51:31 GMT x-content-type-options nosniff server fife etag "vac" vary Origin content-type image/gif access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="anigifTICKET11.gif" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20284 x-xss-protection 0 expires Sat, 05 Mar 2022 20:51:31 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	88ms 26ms	Script text/javascript	142.250.186.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f14.1e100.net Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language fr-FR,fr;q=0.9 Referer http://www.meneurdejeux.powa.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 2799 date Fri, 04 Mar 2022 20:04:52 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Fri, 04 Mar 2022 22:04:52 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 213 B	35ms 34ms	XHR text/plain	142.250.186.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1360972765&t=pageview&_s=1&dl=http%3A%2F%2Fwww.meneurdejeux.powa.fr%2F&ul=en-us&de=windows-1252&dt=MENEUR%20DE%20JEUX&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=150877160&gjid=1233564192&cid=438114821.1646427092&tid=UA-135619294-1&_gid=635096916.1646427092&_r=1&gtm=2wg320NHFGDSD&cd1=ALS-LIBS-CHECKOUT-15&cd2=1542399&cd3=353252&cd4=(not%20set)&cd5=classic&z=276422519 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f14.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://www.meneurdejeux.powa.fr/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 04 Mar 2022 20:51:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://www.meneurdejeux.powa.fr cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored object| headID object| cssNode function| allopassButtons number| alreadyrunflag undefined| proto undefined| contentloadtag number| _timer object| dataLayer function| openup boolean| IE boolean| W3C object| currIDb object| currIDs number| xoff number| yoff number| marge_haute number| marge_gauche number| c_height number| c_width function| trackmouse function| stopdrag function| grab_id function| NS6bugfix function| incrzindex function| fermeture function| createPopup number| zctr number| totz object| IDh object| elts object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.meneurdejeux.powa.fr/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4cfa9779ef42e0cfab0a48916af09977
			payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: 72cfab17-fde0-404a-831b-f6b7e40652b9
			.allopass.com/	1970-01-20 10:06:03	Name: AP_CUSK Value: 3558036418
			.powa.fr/	1970-01-20 18:51:39	Name: _ga Value: GA1.2.438114821.1646427092
			.powa.fr/	1970-01-20 01:21:53	Name: _gid Value: GA1.2.635096916.1646427092
			.powa.fr/	1970-01-20 01:20:27	Name: _gat_UA-135619294-1 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
4.bp.blogspot.com
blogger.googleusercontent.com
payment.allopass.com
script.starpass.fr
www.allosponsor.com
www.google-analytics.com
www.googletagmanager.com
www.meneurdejeux.powa.fr
www.top-pmu.com
www.turfsupreme.com
142.250.185.129
142.250.185.161
142.250.185.72
142.250.186.110
185.119.26.1
194.0.255.28
194.150.236.179
194.150.236.190
213.246.57.128
02d2855c8a5417cd637df1e81f781e42ff2b12ad6dffb923a3822f16b5bfa82a
189e7b878f3b4b1c0e12d52f686d452dfb63ac014e7f8a10d45f85ef03660008
18df3f0fa94f39427ebee0a8ada0faf4c4351c27c1d46ce5682807337b1966ed
21686961b968cc34bd0654b8015b0ebfece1137ec5c089aa1be62ec0bbb49943
2778f885798d67bdf29616e414e69f0f1ab8e198b555f09ff1806a4cc05ca8cc
27cc295465d21ca62e1d8e2e686498fa50c6f07be13c088fdb4102d70faffd49
28605b48cd6af6da382a84380e864e3616fe76c2dbf290997e9da31ec07815ca
2caad8fc9a6c30ebd03d9695a1227870dec6d2d3fa69a007eae2d9b7359868e0
3bf7897c6122f9c0adea1ac770174dde74b0a56e65e432b8e8bb713d5e55fd99
4e8a20b63b2e1ad0440e81976f2640c70cd5b7bc55e77d39514ff89993ef0a79
6857d8543ce3d315ec47e6127d28bfe24af8dd63374d42701dd66d3f58ed44cb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
894cfcbf30440dd1b1a2554dbecfc0653c25149b7ee6ead829461eb4c15bd6eb
8b0d6f3983fff988570ba1f33075ae01eba4fefdecc4bd26e8c32cf47c2649ff
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
9fa92e39783918a0581c1ba1bb676aaaa2c477e2af0f4678ba0db4bba69925b2
a0710d7ae8f4a0ab076452dc7c3882b1c553ee11603bc5f9cf9dce10400ae1ce
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ae4b9aba31ecf01ef6543c4b75dc8d8039e582f9e10d8e72cc1beffdbe4d4927
b20f66c6e80acce4877d4f6cd436b6883790e26814b5badfaed8e782fda21fd6
e35517b5f1702b7160894574cd5386d66d075c0ed8bd3e0fe74802da5db66b31
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1a4a73bc589d1b44fcaedb0d6f34506123465f3bf0e9286bf7482cb3267feed
fbe5d0fab6f290ed842cfcceb0a60c636d192aba40721a5a667b667bb360dd5e