banco3.onlc.fr Open in urlscan Pro
2606:4700:20::681a:1f9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://banco3.onlc.fr/
Submission: On February 02 via manual (February 2nd 2024, 11:25:43 pm UTC) from BF — Scanned from FR

Summary HTTP 60 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 13 domains to perform 60 HTTP transactions. The main IP is 2606:4700:20::681a:1f9, located in United States and belongs to CLOUDFLARENET, US. The main domain is banco3.onlc.fr.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 15th 2023. Valid for: a year.

This is the only time banco3.onlc.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:20:... 2606:4700:20::681a:1f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.58.124.226 45.58.124.226	23470 (RELIABLESITE) (RELIABLESITE)
11	2a02:4780:27:... 2a02:4780:27:1147:0:2471:9b8b:2	47583 (AS-HOSTINGER) (AS-HOSTINGER)
18	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
2	2606:4700:20:... 2606:4700:20::681a:6a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:303... 2606:4700:3031::ac43:b060	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.183.117.230 54.183.117.230	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
60	14

1 2606:4700:20::681a:1f9 (United States)

ASN13335 (CLOUDFLARENET, US)

banco3.onlc.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.58.124.226 (Piscataway, United States)

ASN23470 (RELIABLESITE, US)
PTR: s11.flagcounter.com

s10.flagcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:4780:27:1147:0:2471:9b8b:2 (Paris, France)

ASN47583 (AS-HOSTINGER, CY)

francecourses.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:6a2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.onlc.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3031::ac43:b060 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn0.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.183.117.230 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-117-230.us-west-1.compute.amazonaws.com

gmu-apps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	allopass.com payment.allopass.com	311 KB
11	francecourses.com francecourses.com	2 MB
9	pronostic-facile.fr www.pronostic-facile.fr cdn0.pronostic-facile.fr	21 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	454 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	45 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	41 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 811	14 KB
2	gmu-apps.com gmu-apps.com	6 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	57 KB
2	onlc.eu static.onlc.eu	68 KB
1	flagcounter.com s10.flagcounter.com — Cisco Umbrella Rank: 771296	82 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369	34 KB
1	onlc.fr banco3.onlc.fr	4 KB
60	13

	Domain	Requested by
18	payment.allopass.com	banco3.onlc.fr payment.allopass.com
11	francecourses.com	banco3.onlc.fr francecourses.com
8	www.pronostic-facile.fr	francecourses.com www.pronostic-facile.fr static.cloudflareinsights.com
6	www.googletagmanager.com	payment.allopass.com www.pronostic-facile.fr www.googletagmanager.com
3	cdnjs.cloudflare.com	banco3.onlc.fr francecourses.com
2	www.google-analytics.com	www.googletagmanager.com
2	static.cloudflareinsights.com	www.pronostic-facile.fr
2	gmu-apps.com	payment.allopass.com banco3.onlc.fr
2	cdn.jsdelivr.net	francecourses.com
2	static.onlc.eu	banco3.onlc.fr
1	cdn0.pronostic-facile.fr	www.pronostic-facile.fr
1	s10.flagcounter.com	banco3.onlc.fr
1	ajax.googleapis.com	banco3.onlc.fr
1	banco3.onlc.fr
60	14

This site contains links to these domains. Also see Links.

Domain
vu.fr
www.francecourses.com
info.flagcounter.com
ai.onlinecreation.pro
www.onlinecreation.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-15` - `2024-04-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
s06.flagcounter.com R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
francecourses.com R3	`2024-01-09` - `2024-04-08`	3 months	crt.sh
*.allopass.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-06` - `2024-10-07`	a year	crt.sh
pronostic-facile.fr GTS CA 1P5	`2024-01-31` - `2024-04-30`	3 months	crt.sh
gmu-apps.com Amazon RSA 2048 M02	`2023-12-02` - `2024-12-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://banco3.onlc.fr/
Frame ID: DA12F73E11B8F72A6470D92142A92F2A
Requests: 7 HTTP requests in this frame

Frame: https://francecourses.com/
Frame ID: 327388AFE3BD0F1EF62EB468F63BA4D2
Requests: 16 HTTP requests in this frame

Frame: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Frame ID: 76F0BE5014EAE9D0484AC0F154194BAB
Requests: 22 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/beausoleil/quinte_infos/all
Frame ID: D41FA1E0497E1E1D8DF08C24A8145C48
Requests: 7 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/partner/feed/all
Frame ID: ABEC33EE1E4B58010879BAF496B84F4C
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Accueil - BANCO4

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

60
Requests

100 %
HTTPS

77 %
IPv6

13
Domains

14
Subdomains

14
IPs

3
Countries

2689 kB
Transfer

4408 kB
Size

3
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://vu.fr/gutD
Title: CHAT HIPPIQUE 1

Search URL Search Domain Scan URL

URL: http://www.francecourses.com/
Title: CHAT HIPPIQUE 2

Search URL Search Domain Scan URL

URL: http://info.flagcounter.com/rsen

Search URL Search Domain Scan URL

URL: https://ai.onlinecreation.pro/
Title: Publicité servant à financer l'hébergement de ce site 🤖 Une Intelligence Artificielle français intelligente facile à utiliser qui ridiculise les autres IA ! 🇫🇷 Découvrez AI•, votre assistant d'automatisation de texte et d'images! Laissez l'intelligence artificielle transformer vos idées en réalités visuelles. Pas besoin d'être un expert, AI• est à la portée de tous. Commencez dès maintenant!

Search URL Search Domain Scan URL

URL: https://www.onlinecreation.me/?p=banco3NDD
Title: Site créé gratuitement grâce à OnlineCreation.me

Search URL Search Domain Scan URL

URL: https://www.onlinecreation.me/mentionslegalessites.php?NomSite=banco3NDD
Title: Tous droits réservés

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
banco3.onlc.fr/ 9 KB
4 KB 134ms
54ms Document
text/html 2606:4700:20::681a:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banco3.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9eccfd8fa2dc13ea8cc64cb51317ab17db1c0c28dda4f67bfd8f480750d1b2c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: https://www.onlinecreation.me
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84f631cedf49d373-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 02 Feb 2024 23:25:39 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMlPOzbkdsqCPZ49AlHEyRe3UDc7ZiopdTOt%2FPrkZU02qyC4IQ%2FmIh8d%2BP%2BwpQEQKL7iCC3uxVlFM36QKUgtxQTr%2F4wkBb10T9SfJ%2FbbE0WYQ%2Ff1y9gzmouNFrvNcVmjdrhVpod0EpO7c4yW"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
34 KB 140ms
24ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: banco3.onlc.fr
URL: https://banco3.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://banco3.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 15:18:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 15:18:38 GMT

GET
H2 200 mediaelementplayer.min.css
cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/ 17 KB
3 KB 141ms
26ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/mediaelementplayer.min.css

Requested by

Host: banco3.onlc.fr
URL: https://banco3.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3ecfe4da73d3f04f54aca493982a068a9e328942a64100bfc976cbae9cafb10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://banco3.onlc.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5596966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2265
last-modified: Mon, 04 May 2020 16:13:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f1f-4392"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXYEqSCAtbGO5YnQoebgx1M7PkrHgTrVO9Du20gMLZ0Ww%2F8Pr0GnHP3sJKdyv8Q3mvm%2BVXq%2BlGQILZW6D67iGoXP5xh70rUbWXc%2B%2BliDuycHVTGFsYIEPz24CzE1rdQlLhNSlRIQRioOJdnOEtXYz4p9"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84f631cfef703cfe-CDG
expires: Wed, 22 Jan 2025 23:25:39 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/ 61 KB
15 KB 144ms
29ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/mediaelement-and-player.min.js

Requested by

Host: banco3.onlc.fr
URL: https://banco3.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c190fd4534143b46005a1fb176e61c80c6dc36b7893ba45f2d5480217dfcb8c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://banco3.onlc.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5778889
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15089
last-modified: Mon, 04 May 2020 16:13:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f1f-f42f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4zgTbCAy6ppVhqQe4UX1CO7wGkrgA9EMmrJvrDGDqQQpuKvFxGduTv5ErUdoRDRUl%2BhvhFmzNrAJdbH86UEbqqon2tIR3dkpCXOuavPvkvV2nbk%2F5HFqQevvIbHCN4PTi7BX8DGo0326j0NlDgupZSk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84f631cfef713cfe-CDG
expires: Wed, 22 Jan 2025 23:25:39 GMT

GET
H/1.1 200
OK /
s10.flagcounter.com/map/rsen/size_s/txt_000000/border_CCCCCC/pageviews_1/viewers_0/flags_0/ 82 KB
82 KB 745ms
118ms Image
image/png 45.58.124.226
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s10.flagcounter.com/map/rsen/size_s/txt_000000/border_CCCCCC/pageviews_1/viewers_0/flags_0/
Requested by: Host: banco3.onlc.fr
URL: https://banco3.onlc.fr/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.58.124.226 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: s11.flagcounter.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 05f0cede476f89a22a51371c76f43a7c1ad81ba3a7607075b4432f99f592029a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://banco3.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Feb 2024 23:25:40 GMT
Cache-control: no-cache
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 / Show response
francecourses.com/ Frame 3273 21 KB
5 KB 160ms
77ms Document
text/html 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://francecourses.com/

Requested by

Host: banco3.onlc.fr
URL: https://banco3.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.1.24

Resource Hash

fb096d7b15e552d02d68be94dc687b1183311c83ec203ba75c126bf7b0462415

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://banco3.onlc.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, private
content-encoding: br
content-length: 4415
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 02 Feb 2024 23:25:39 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.1.24

GET
H/1.1 200
OK buy.apu Show response
payment.allopass.com/buy/ Frame 76F0 9 KB
4 KB 227ms
88ms Document
text/html 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Requested by: Host: banco3.onlc.fr
URL: https://banco3.onlc.fr/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: bcc6c597c6737248a4fe4c3fa808966dcb036c9d616b453e885f6fcaa3b36884

Request headers

Referer: https://banco3.onlc.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Encoding: gzip
Content-Length: 3180
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Feb 2024 23:25:39 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2 200 head.jpg
static.onlc.eu/designs/piano/ 38 KB
38 KB 179ms
58ms Image
image/jpeg 2606:4700:20::681a:6a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.onlc.eu/designs/piano/head.jpg
Requested by: Host: banco3.onlc.fr
URL: https://banco3.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 178f8ce68c079d701fb2d8e636b6c0ce046c1ad7f7294d22398a8d374de0c50c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://banco3.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
cf-cache-status: MISS
last-modified: Fri, 29 Sep 2006 06:21:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1774917336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gb4SUHFKbmP5efqqa0K2B8i0Uai4qSP1LSOxLMv014e3DhywkLBdxkQsgWaa5nO0bHa9IyCEj2kuLDvbUF8P2O%2BrsNBAFjYDloJVjNQZkc5rg8bIfzzULeIQ6mepvRBYUXhZkPdq4vn0jdsw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f631d11cae0218-CDG
alt-svc: h3=":443"; ma=86400
content-length: 38586

GET
H2 200 ligne.gif
static.onlc.eu/designs/piano/ 29 KB
30 KB 183ms
62ms Image
image/gif 2606:4700:20::681a:6a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.onlc.eu/designs/piano/ligne.gif
Requested by: Host: banco3.onlc.fr
URL: https://banco3.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7183a05060f815ad74aab94bc85e6d98cb03491fac64c7f96523628074074312

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://banco3.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
cf-cache-status: MISS
last-modified: Fri, 29 Sep 2006 06:21:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1610864344"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gsc4bmHc%2FDtJBz2yyBhZDCUUeSoccqRY33unvm06swhvWbiNcIGv20ewvRxsXzOfm4q8q4poreaytaCW0IWhLNcoxYpDwzdockuTeZk9VrSdEAznA4p284zCTBoNuY3SGm3nsmGLk5DgiTo"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f631d11cb00218-CDG
alt-svc: h3=":443"; ma=86400
content-length: 30084

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/ Frame 3273 85 KB
27 KB 26ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://francecourses.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 82484
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27437
last-modified: Sun, 07 Jan 2024 20:26:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "659afac8-6b2d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tx1bWUI37u9bCja3d3m8pArX0l3t4lmPN7OGiRT2G2bb2eotqOokjbQ%2FzBNwECB8SgzBlvvf7b2ISIIJVb%2FwChjh2ggDJP52rtBAI2%2BRR7cj64WzprM7rKsiyUZi75tyOd%2F%2BrmF%2FDYTrpH5vTQYfwrZY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84f631d158183cfe-CDG
expires: Wed, 22 Jan 2025 23:25:39 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/ Frame 3273 227 KB
33 KB 71ms
30ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/bootstrap.min.css

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d939d21f27010c09b6c2966681d8b4cfcd64ca418f240922518f967fded16ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://francecourses.com/
Origin: https://francecourses.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5517131
x-jsd-version: 5.3.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230038-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"38d97-sT73BUPXDB7H/dVqXrydfWQCOFE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gMUyj%2BSZz4jvpdxiuxC0iTG%2BtyKYR9%2BTHJqyo0efWXqJEkPPSfV1hEN%2Bdtawe1TrKvzKy9BuqEkxwtkvwVaeW3lNHH9wvdup%2B0jEgy7ezUfFaHN%2BaM%2B0qajQH3f2%2B%2ByK4Mh3Mxt%2BaLKMCXae8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84f631d19d872298-CDG

GET
H2 200 allopass.png
francecourses.com/assets/img/ Frame 3273 34 KB
34 KB 18ms
18ms Image
image/png 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/allopass.png

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

49d27f3ea606ba1b50258dd4b6fe16e83f1b9c5f7a0fae518398149aee2ae043

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 27 Nov 2023 23:20:58 GMT
server: LiteSpeed
etag: "86b3-6565245a-397253f83d227154;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 34483
expires: Fri, 09 Feb 2024 23:25:39 GMT

GET
H2 200 OM.png
francecourses.com/assets/img/ Frame 3273 171 KB
172 KB 18ms
18ms Image
image/png 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/OM.png

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2a6bffd614771fc60619abe7e7f1ccebe3d1434e83abe9947821edb5a588e786

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 Nov 2023 07:31:24 GMT
server: LiteSpeed
etag: "2adfb-655dae4c-2de26ce9cfda8af9;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 175611
expires: Fri, 09 Feb 2024 23:25:39 GMT

GET
H2 200 Wave.jpg
francecourses.com/assets/img/ Frame 3273 7 KB
7 KB 52ms
51ms Image
image/jpeg 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/Wave.jpg

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4104a267c7a5a5f95617a0161dc278892d36b6a603fd10314b5629a436f7f37f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 Nov 2023 07:31:24 GMT
server: LiteSpeed
etag: "1b95-655dae4c-1c49731926e276f7;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 7061
expires: Fri, 09 Feb 2024 23:25:39 GMT

GET
H2 200 MoovMoney.png
francecourses.com/assets/img/ Frame 3273 5 KB
6 KB 52ms
51ms Image
image/png 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/MoovMoney.png

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ec1e78be371a37bb7191514684de498dfffa760040f873fcb380484873d84392

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 Nov 2023 07:31:24 GMT
server: LiteSpeed
etag: "15d8-655dae4c-768486ce4cf959a1;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 5592
expires: Fri, 09 Feb 2024 23:25:39 GMT

GET
H2 200 MoneyGram.jpg
francecourses.com/assets/img/ Frame 3273 42 KB
42 KB 52ms
51ms Image
image/jpeg 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/MoneyGram.jpg

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0ae51d165e857dcaf5457e5b59239fd1adf09bcb58deb336a4704853272f8fb1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 Nov 2023 07:31:24 GMT
server: LiteSpeed
etag: "a6c3-655dae4c-aaf0d07ad7f27525;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 42691
expires: Fri, 09 Feb 2024 23:25:39 GMT

GET
H2 200 ExpressUnion.png
francecourses.com/assets/img/ Frame 3273 3 KB
3 KB 51ms
51ms Image
image/png 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/ExpressUnion.png

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2d0d688227d7a366fbe9b7c56a889cc66784190277581f52a7e82bc2996c1d1d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 Nov 2023 07:31:24 GMT
server: LiteSpeed
etag: "ce9-655dae4c-5a37cbc3a1cc536b;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3305
expires: Fri, 09 Feb 2024 23:25:39 GMT

GET
H2 200 Ria.png
francecourses.com/assets/img/ Frame 3273 5 KB
5 KB 55ms
55ms Image
image/png 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/Ria.png

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

52ed3db08547075f5bba86c1ddb148bc3b0953fa2b1d3e564d1988a369736974

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 Nov 2023 07:31:24 GMT
server: LiteSpeed
etag: "123f-655dae4c-21087063f5d2714c;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4671
expires: Fri, 09 Feb 2024 23:25:39 GMT

GET
H2 200 WesternUnion.png
francecourses.com/assets/img/ Frame 3273 8 KB
9 KB 56ms
55ms Image
image/png 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/WesternUnion.png

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5544764b0ce3f547366a931223094c6c1ed1d340e9abb5fb1d4789f44c02a472

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 Nov 2023 07:31:24 GMT
server: LiteSpeed
etag: "21cd-655dae4c-b5eee505622772d9;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 8653
expires: Fri, 09 Feb 2024 23:25:39 GMT

GET
H2 200 quinte_infos Show response
www.pronostic-facile.fr/widget/beausoleil/script/ Frame 3273 252 B
599 B 168ms
125ms Script
text/html 2606:4700:3031::ac43:b060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/beausoleil/script/quinte_infos
Requested by: Host: francecourses.com
URL: https://francecourses.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ecb9fa015efa552725f2848be3041a9efca1ae5854c0694ba9cc468e84f972d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-runtime: 1
date: Fri, 02 Feb 2024 23:25:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuTa3TeyuxirR1pQbVhi3q7WrgMYf2yNNSjIYCs4F37uZIe6VvvuLh6C%2Fo50ewO6iFRp0rrRV1QCG4ib5DVXJT%2BZvnL0xx434EJFhaAIbw25AzVHiu3PzUQ%2BwcIx1Z1qppjtLs4%2FabfmAhBeJQBENIsRWZzcTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private, max-age=0, must-revalidate
cf-ray: 84f631d1d9732a31-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 feed Show response
www.pronostic-facile.fr/widget/partner/script/ Frame 3273 241 B
799 B 163ms
120ms Script
text/html 2606:4700:3031::ac43:b060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/partner/script/feed
Requested by: Host: francecourses.com
URL: https://francecourses.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 513cec403f6af81be17808ef9b227d5ea5a3ffa19eb5bcf72b035b5f3d802a25

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-runtime: 1
date: Fri, 02 Feb 2024 23:25:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJi43jvYolHXyHAq%2Fqye1qbiFM0Dc0TctZVKB1FsHk3VqYrwu9q96ztiWjaX5OodevCrXopcA3y5W8%2Bv7cr12iIUnkceGjEEAskwLaWv1OqihzwZwFiV95lRTmpT4minmVZTQx6i66QUw4lxKY%2B6tBjkG8PHLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private, max-age=0, must-revalidate
cf-ray: 84f631d1d9762a31-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/ Frame 3273 79 KB
25 KB 31ms
28ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/bootstrap.bundle.min.js

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2ea6c1e0cabca20d18e924b25a1cd0187c38ba7c33f60ab06e1b0402b9bcdb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://francecourses.com/
Origin: https://francecourses.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7510755
x-jsd-version: 5.3.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220068-FRA, cache-ams21060-AMS
x-jsd-version-type: version
server: cloudflare
etag: W/"13b1c-zlT4XyePvNXLIpL5wYbu32PNz4g"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLg%2B3YMeUQ7aW5Z%2BftRieuyAgFbqeYDKXbxriN5SVvm1BU%2FvXYjujiCEhysp0hpNpGEJwmiXld0lNBTlOQko2eocgVX2EvgSmHJyKdvuGsL3iYZNEZ%2BJrBd4oJCTS4AgEjLfX%2BTwtjKJnAk6PLg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84f631d19d882298-CDG

GET
H/1.1 200
OK jBox.all.min.css
payment.allopass.com/static/css/jBox/ Frame 76F0 16 KB
4 KB 62ms
24ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/jBox/jBox.all.min.css
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:25:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "2167f-40d7-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 3631

GET
H/1.1 200
OK base.css
payment.allopass.com/static/css/ Frame 76F0 81 KB
15 KB 64ms
25ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/base.css?68
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 3975eb898756e296608f964f0fe799ecf25bbf79467666a3c3218dad3db1de6e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:25:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "216e7-143f2-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 14739

GET
H/1.1 200
OK carousel.css
payment.allopass.com/static/css/ Frame 76F0 21 KB
3 KB 63ms
24ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/carousel.css?68
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:25:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21904-54eb-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 2387

GET
H/1.1 200
OK jquery-1.3.2.min.js Show response
payment.allopass.com/static/js/ext/ Frame 76F0 56 KB
20 KB 65ms
26ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/ext/jquery-1.3.2.min.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:25:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "4106b-dfa6-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 19740

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
payment.allopass.com/static/js/ext/ Frame 76F0 94 KB
33 KB 66ms
27ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/ext/jquery-1.11.3.min.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:25:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21721-176d5-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 33279

GET
H/1.1 200
OK general.js Show response
payment.allopass.com/onetime/scripts/ Frame 76F0 4 KB
2 KB 62ms
23ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/onetime/scripts/general.js?04
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:25:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:26 GMT
Server: Apache
ETag: "2090b-f37-6036ca55dc080"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 1593

GET
H/1.1 200
OK jBox.all.min.js Show response
payment.allopass.com/static/js/ext/ Frame 76F0 51 KB
13 KB 137ms
30ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/ext/jBox.all.min.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:25:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "2171f-cb59-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 12605

GET
H2 200 top.js Show response
gmu-apps.com/js/ Frame 76F0 54 KB
6 KB 521ms
165ms Script
application/javascript 54.183.117.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gmu-apps.com/js/top.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.183.117.230 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-183-117-230.us-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 23:25:39 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 20:31:35 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 5772
expires: Sun, 8 Mar 1981 10:00:00 GMT

GET
H/1.1 200
OK fr.png
payment.allopass.com/icons/flags/24x24/ Frame 76F0 536 B
774 B 53ms
18ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/icons/flags/24x24/fr.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:25:39 GMT
Last-Modified: Tue, 26 Nov 2019 14:39:45 GMT
Server: Apache
ETag: "22e62-218-59840d9ebee40"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 536

GET
H/1.1 200
OK check-codes.js Show response
payment.allopass.com/static/js/ Frame 76F0 2 KB
1 KB 67ms
28ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/check-codes.js?01
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 97a9de3830f4bd7bcb7cf4805dbdcf1f4c6e843fcd4a814c6a5d7bc2b11fee1a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:25:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "41065-9d7-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 795

GET
H/1.1 200
OK fingerprint2.min.js Show response
payment.allopass.com/static/js/ext/ Frame 76F0 33 KB
10 KB 85ms
20ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/ext/fingerprint2.min.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:25:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21804-8432-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 10209

GET
H/1.1 200
OK arrow-down.png
payment.allopass.com/static/css/images/ Frame 76F0 315 B
553 B 54ms
18ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/images/arrow-down.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:25:39 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "2194e-13b-6036ca56d02c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 315

GET
H/1.1 200
OK carousel.js Show response
payment.allopass.com/static/js/ Frame 76F0 7 KB
2 KB 55ms
19ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/carousel.js?5
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:25:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "41064-1b55-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 1830

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 76F0 168 KB
61 KB 88ms
33ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV

Requested by

Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e973bbf7a3bd136c91667840051b7bcfb0a7d8a675f37347dda6f02f09a32e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62095
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Feb 2024 23:25:39 GMT

GET
H3 200 horse-3880449_1920.jpg
francecourses.com/assets/img/hero-carousel/ Frame 3273 740 KB
740 KB 19ms
19ms Image
image/jpeg 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/hero-carousel/horse-3880449_1920.jpg

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ca9db144acb25acb923cacb7e0224040e5baa5e442e9a16982acb16187bfde36

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 11 Sep 2023 19:26:21 GMT
server: LiteSpeed
etag: "b8f0c-64ff69dd-4ea79a12837920f;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 757516
expires: Fri, 09 Feb 2024 23:25:39 GMT

GET
H3 200 horses-380402_1920.jpg
francecourses.com/assets/img/hero-carousel/ Frame 3273 530 KB
530 KB 41ms
40ms Image
image/jpeg 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/hero-carousel/horses-380402_1920.jpg

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

87f94d1c864f64f059185532d5c13dc78fa80c920ed41e0530c53285d49cd0bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 11 Sep 2023 19:26:21 GMT
server: LiteSpeed
etag: "8483c-64ff69dd-6a540a83961f04b7;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 542780
expires: Fri, 09 Feb 2024 23:25:39 GMT

GET
H/1.1 200
OK duration.css
payment.allopass.com/static/css/ Frame 76F0 3 KB
1 KB 50ms
29ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/duration.css
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/base.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:25:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21905-b61-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 793

GET
H2 200 all Show response
www.pronostic-facile.fr/widget/beausoleil/quinte_infos/ Frame D41F 9 KB
4 KB 53ms
52ms Document
text/html 2606:4700:3031::ac43:b060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/beausoleil/quinte_infos/all
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/beausoleil/script/quinte_infos
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e3a1916445593a024f4c105a8ed9ba3316483d07afd87dd8fc0cdafc36266c3

Request headers

Referer: https://francecourses.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84f631d2ba7e2a31-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 02 Feb 2024 23:25:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMWJLcJ7hqbCDzLiV0muZ7TrKkT%2F%2FYAQPx9c1jkfUBPZ29W41PIx0bf9v979H8%2BprvZL%2BptoQzGGJfAgrac%2BmuUMuIKecSnQV0kd7L7Pvz3wtczZ2zLLHL7PmtGo5XgrplqEk9UPVS1S98lsbI1%2BoNHDuPJIVg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-runtime: 1

GET
H2 200 all Show response
www.pronostic-facile.fr/widget/partner/feed/ Frame ABEC 15 KB
6 KB 56ms
55ms Document
text/html 2606:4700:3031::ac43:b060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/partner/feed/all
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/script/feed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01cf350925d5d308fbd73a4e7b492cc9b16d71418c1ebf046afb4943316876f1

Request headers

Referer: https://francecourses.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84f631d2ba822a31-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 02 Feb 2024 23:25:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQDEBWfcjAGFW34Mp7xoQiIy76TRK8a6Rpj4LaO1ujwt9FMnWyVY8BbEhkk6oRiROqEQFu0OXjHP3uB%2BJbWfmRLWbxC0evTPTMr5PK1y2MaV%2BMlJ9PBl1OiqRnKFLpI%2BOCkGwT1iCUYNu9K4Dnre4hGP4QMSsg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-runtime: 2

GET
H3 200 rocket-loader.min.js Show response
www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame D41F 12 KB
4 KB 23ms
20ms Script
application/javascript 2606:4700:3031::ac43:b060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/beausoleil/quinte_infos/all

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b060 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/widget/beausoleil/quinte_infos/all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 18:47:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b94449-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rntAz0r3G9sMpMlL%2FNpK0%2FfOhXc9NvxAkNcrVuePDeO6TAiiYa8ML%2FPr7hqIjPpzxQJuWw3VqLsVUkBRL0lGpE8PJd9ck%2BU%2Fo7UdKLURLmqDb5Kf34mekHXW%2BxX0e6r3oC9cjPrVLTYGnPjTyeQpvaOBlaBXjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84f631d30c002a63-CDG
expires: Sun, 04 Feb 2024 23:25:39 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame D41F 20 KB
7 KB 89ms
50ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/beausoleil/quinte_infos/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.pronostic-facile.fr/
Origin: https://www.pronostic-facile.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 84f631d34b6ff097-CDG

GET
H2 200 rss-fp-1612893811.png
cdn0.pronostic-facile.fr/images/icones/16x16/ Frame ABEC 739 B
1 KB 33ms
33ms Image
image/png 2606:4700:3031::ac43:b060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.pronostic-facile.fr/images/icones/16x16/rss-fp-1612893811.png
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/feed/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33a9e139005456be86ff3edf316e2efbb38e5f8819a6a515feb8fb2d6cba36ee

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
via: 1.1 d0ae3b366fa3a601b6a0ff857f3decf0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P5
age: 4714
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 739
last-modified: Tue, 09 Feb 2021 18:03:31 GMT
server: cloudflare
etag: "6022ce73-2e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYm%2Fvfz5SDQgYpenkz64aFACKzHscMc6NORyb2SVOX1EHg9uIc5lokk9sU1KGMzt91yiI5pfGNpVqvV41pwN9YTLR9XPiozf0HeyqJnnO2BNmDhKNYKiH74Ccd%2B6Kgp9W5y0EjkzO8AwlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 84f631d30aea2a31-CDG
x-amz-cf-id: N5Ld0jGd1B6iS6UDlOd_AVdFrgnj5mM7Mo0usU42UdzkwRajp82s4w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 rocket-loader.min.js Show response
www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame ABEC 12 KB
4 KB 21ms
21ms Script
application/javascript 2606:4700:3031::ac43:b060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/feed/all

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b060 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/widget/partner/feed/all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 18:47:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b94449-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psryS67WXm3fmU%2FzLITGyUQvbrRcbAoaCIJYLTmOq8Y2piTC5bCaHCYUAcexl%2B7ybp8ZZppq%2FpIWWghNcdoovvoorST%2BL7zKcEDd9DEwGZQQfqyOCfDMQUykivm8B0plu1ZdkTlUXsA0p6MI1vCsFwlPVwPUuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84f631d30c022a63-CDG
expires: Sun, 04 Feb 2024 23:25:39 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame ABEC 20 KB
7 KB 84ms
48ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/feed/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.pronostic-facile.fr/
Origin: https://www.pronostic-facile.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 84f631d34b70f097-CDG

GET
DATA 200
OK truncated
/ Frame ABEC 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame D41F 189 KB
68 KB 50ms
50ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70a918b785a183035a85147c05b8deb2c84ffa4ca04d7855e30a21bb48bdcbde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69822
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Feb 2024 23:25:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame ABEC 189 KB
68 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70a918b785a183035a85147c05b8deb2c84ffa4ca04d7855e30a21bb48bdcbde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69822
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Feb 2024 23:25:39 GMT

POST
H3 204 rum Show response
www.pronostic-facile.fr/cdn-cgi/ Frame ABEC 0
147 B 22ms
22ms XHR
text/plain 2606:4700:3031::ac43:b060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b060 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pronostic-facile.fr/widget/partner/feed/all
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/json

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.pronostic-facile.fr
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 84f631d3ac6c2a63-CDG

POST
H3 204 rum Show response
www.pronostic-facile.fr/cdn-cgi/ Frame D41F 0
147 B 21ms
21ms XHR
text/plain 2606:4700:3031::ac43:b060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b060 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pronostic-facile.fr/widget/beausoleil/quinte_infos/all
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/json

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.pronostic-facile.fr
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 84f631d3ac6d2a63-CDG

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame ABEC 228 KB
80 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PEY0K16Y5K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

11cb9bbdbd62a92aba476dce6d0e56bd7399acc83ba80660e3d5d50af8dd17ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82293
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 02 Feb 2024 23:25:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame ABEC 52 KB
21 KB 80ms
24ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Feb 2024 21:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5850
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 02 Feb 2024 23:48:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame D41F 228 KB
80 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PEY0K16Y5K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e2ab55f018567441e7a4acd09d0d369d14bab7b56c464fec3b7aeadcc4d6ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82299
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 02 Feb 2024 23:25:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame D41F 52 KB
21 KB 83ms
33ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Feb 2024 21:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5850
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 02 Feb 2024 23:48:09 GMT

GET
H/1.1 200
OK secure-lock.gif
payment.allopass.com/static/css/icons/ Frame 76F0 181 B
418 B 55ms
19ms Image
image/gif 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/icons/secure-lock.gif
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/base.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:25:39 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "40f91-b5-6036ca56d02c0"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 181

GET
H/1.1 200
OK field.png
payment.allopass.com/static/css/images/ Frame 76F0 170 B
407 B 54ms
18ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/images/field.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/base.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:25:39 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21960-aa-6036ca56d02c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 170

GET
H/1.1 200
OK allopass-logo-small.svg
payment.allopass.com/static/css/images/ Frame 76F0 116 KB
116 KB 54ms
19ms Image
image/svg+xml 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/images/allopass-logo-small.svg
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: a82d1b3a85473bad87120c7d6b42782c0b5132e88feab8d6bd22a65ac85f70d4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/base.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:25:39 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21646-1cf64-6036ca56d02c0"
Content-Type: image/svg+xml
Connection: close
Accept-Ranges: bytes
Content-Length: 118628

GET
H/1.1 200
OK carousel-row-mobiyo.png
payment.allopass.com/static/css/images/ Frame 76F0 87 KB
87 KB 55ms
19ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/images/carousel-row-mobiyo.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/carousel.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/carousel.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 23:25:39 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "2173d-15a80-6036ca56d02c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 88704

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ Frame 76F0 292 KB
96 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a5e225991d6dabdfab6506bd6cddc89d2be94f2bcaa3336e142be34ff081791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 23:25:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97791
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 02 Feb 2024 23:25:40 GMT

POST
H2 200 chk.php Show response
gmu-apps.com/ Frame 76F0 0
94 B 479ms
167ms XHR
text/html 54.183.117.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gmu-apps.com/chk.php
Requested by: Host: banco3.onlc.fr
URL: https://banco3.onlc.fr/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.183.117.230 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-183-117-230.us-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://payment.allopass.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 23:25:41 GMT
server: Apache
content-length: 0
content-type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
banco3.onlc.fr/	1970-01-20 18:09:12	Name: PHPSESSID Value: 19j468qo37ebbfk8bhim3h90vr
payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: ce26bcf4-acf5-4e21-a7fc-8d771fcce686
.allopass.com/	1970-01-21 02:54:12	Name: AP_CUSK Value: 3642348861

40 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://banco3.onlc.fr/ Message: Mixed Content: The page at 'https://banco3.onlc.fr/' was loaded over HTTPS, but requested an insecure element 'http://s10.flagcounter.com/map/rsen/size_s/txt_000000/border_CCCCCC/pageviews_1/viewers_0/flags_0/'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://banco3.onlc.fr/(Line 130) Message: Mixed Content: The page at 'https://banco3.onlc.fr/' was loaded over HTTPS, but requested an insecure element 'http://s10.flagcounter.com/map/rsen/size_s/txt_000000/border_CCCCCC/pageviews_1/viewers_0/flags_0/'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://banco3.onlc.fr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
banco3.onlc.fr
cdn.jsdelivr.net
cdn0.pronostic-facile.fr
cdnjs.cloudflare.com
francecourses.com
gmu-apps.com
payment.allopass.com
s10.flagcounter.com
static.cloudflareinsights.com
static.onlc.eu
www.google-analytics.com
www.googletagmanager.com
www.pronostic-facile.fr
185.119.26.1
2606:4700:20::681a:1f9
2606:4700:20::681a:6a2
2606:4700:3031::ac43:b060
2606:4700::6810:3965
2606:4700::6810:5914
2606:4700::6811:190e
2a00:1450:4001:810::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:82b::200e
2a02:4780:27:1147:0:2471:9b8b:2
45.58.124.226
54.183.117.230
01cf350925d5d308fbd73a4e7b492cc9b16d71418c1ebf046afb4943316876f1
05f0cede476f89a22a51371c76f43a7c1ad81ba3a7607075b4432f99f592029a
0ae51d165e857dcaf5457e5b59239fd1adf09bcb58deb336a4704853272f8fb1
11cb9bbdbd62a92aba476dce6d0e56bd7399acc83ba80660e3d5d50af8dd17ae
16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac
178f8ce68c079d701fb2d8e636b6c0ce046c1ad7f7294d22398a8d374de0c50c
1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c
2a6bffd614771fc60619abe7e7f1ccebe3d1434e83abe9947821edb5a588e786
2d0d688227d7a366fbe9b7c56a889cc66784190277581f52a7e82bc2996c1d1d
33a9e139005456be86ff3edf316e2efbb38e5f8819a6a515feb8fb2d6cba36ee
3975eb898756e296608f964f0fe799ecf25bbf79467666a3c3218dad3db1de6e
3a5e225991d6dabdfab6506bd6cddc89d2be94f2bcaa3336e142be34ff081791
4104a267c7a5a5f95617a0161dc278892d36b6a603fd10314b5629a436f7f37f
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
49d27f3ea606ba1b50258dd4b6fe16e83f1b9c5f7a0fae518398149aee2ae043
4e3a1916445593a024f4c105a8ed9ba3316483d07afd87dd8fc0cdafc36266c3
513cec403f6af81be17808ef9b227d5ea5a3ffa19eb5bcf72b035b5f3d802a25
52ed3db08547075f5bba86c1ddb148bc3b0953fa2b1d3e564d1988a369736974
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
5544764b0ce3f547366a931223094c6c1ed1d340e9abb5fb1d4789f44c02a472
5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b
5ecb9fa015efa552725f2848be3041a9efca1ae5854c0694ba9cc468e84f972d
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6e2ab55f018567441e7a4acd09d0d369d14bab7b56c464fec3b7aeadcc4d6ce2
70a918b785a183035a85147c05b8deb2c84ffa4ca04d7855e30a21bb48bdcbde
7183a05060f815ad74aab94bc85e6d98cb03491fac64c7f96523628074074312
7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9
87f94d1c864f64f059185532d5c13dc78fa80c920ed41e0530c53285d49cd0bb
8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435
97a9de3830f4bd7bcb7cf4805dbdcf1f4c6e843fcd4a814c6a5d7bc2b11fee1a
a3ecfe4da73d3f04f54aca493982a068a9e328942a64100bfc976cbae9cafb10
a82d1b3a85473bad87120c7d6b42782c0b5132e88feab8d6bd22a65ac85f70d4
a9eccfd8fa2dc13ea8cc64cb51317ab17db1c0c28dda4f67bfd8f480750d1b2c
b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9
b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8
bcc6c597c6737248a4fe4c3fa808966dcb036c9d616b453e885f6fcaa3b36884
c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36
c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a
c190fd4534143b46005a1fb176e61c80c6dc36b7893ba45f2d5480217dfcb8c3
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
ca9db144acb25acb923cacb7e0224040e5baa5e442e9a16982acb16187bfde36
cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109
d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833
d2ea6c1e0cabca20d18e924b25a1cd0187c38ba7c33f60ab06e1b0402b9bcdb5
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
d939d21f27010c09b6c2966681d8b4cfcd64ca418f240922518f967fded16ef6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e973bbf7a3bd136c91667840051b7bcfb0a7d8a675f37347dda6f02f09a32e34
ec1e78be371a37bb7191514684de498dfffa760040f873fcb380484873d84392
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7
fb096d7b15e552d02d68be94dc687b1183311c83ec203ba75c126bf7b0462415

banco3.onlc.fr Open in urlscan Pro 2606:4700:20::681a:1f9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

77 %IPv6

13 Domains

14 Subdomains

14 IPs

3 Countries

2689 kBTransfer

4408 kBSize

3 Cookies

6 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

banco3.onlc.fr Open in urlscan Pro
2606:4700:20::681a:1f9 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

77 %
IPv6

13
Domains

14
Subdomains

14
IPs

3
Countries

2689 kB
Transfer

4408 kB
Size

3
Cookies

60 HTTP transactions
1 data transactions