urlscan.io logo urlscan.io
SecurityTrails logo

emergencetrio.fi4s.net Open in urlscan Pro
80.80.233.53  Public Scan

Go To Rescan Add Verdict Report
URL: http://emergencetrio.fi4s.net/index.php
Submission: On July 01 via manual from SN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 22 HTTP transactions. The main IP is 80.80.233.53, located in Granges, Switzerland and belongs to SAFEHOSTNET Colocation center in Geneva, CH. The main domain is emergencetrio.fi4s.net.
This is the only time emergencetrio.fi4s.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 80.80.233.53 21217 (SAFEHOSTN...)
1 194.150.236.190 44976 (HIWIT_AS)
1 91.216.107.79 210403 (LWS)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2001:bc8:1200... 12876 (Online SAS)
2 8 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
22 9
7    80.80.233.53 (Granges, Switzerland)

ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH)
PTR: hosting01.services.oxito.com
emergencetrio.fi4s.net
1    194.150.236.190 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns30.hiwit.net
www.kadopronos.com
1    91.216.107.79 (France)

ASN210403 (LWS, FR)
maxigainpmu.com
2    2606:4700:3038::6815:ea1b (United States)

ASN13335 (CLOUDFLARENET, US)
img.root-top.com
1    2001:bc8:1200:1b01::1 (France)

ASN12876 (Online SAS, FR)
i.goopics.net
8    2606:4700:3034::6815:15de (United States)

ASN13335 (CLOUDFLARENET, US)
www.pronostic-facile.fr
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
8 pronostic-facile.fr
www.pronostic-facile.fr
11 KB
7 fi4s.net
emergencetrio.fi4s.net
145 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
39 KB
2 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1325
10 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
79 KB
2 root-top.com
img.root-top.com
1 KB
1 goopics.net
i.goopics.net — Cisco Umbrella Rank: 293840
205 KB
1 maxigainpmu.com
maxigainpmu.com
367 KB
1 kadopronos.com
www.kadopronos.com
21 KB
22 9
Domain Requested by
8 www.pronostic-facile.fr 2 redirects emergencetrio.fi4s.net
www.pronostic-facile.fr
static.cloudflareinsights.com
7 emergencetrio.fi4s.net emergencetrio.fi4s.net
2 www.google-analytics.com www.googletagmanager.com
2 static.cloudflareinsights.com www.pronostic-facile.fr
2 www.googletagmanager.com www.pronostic-facile.fr
2 img.root-top.com 2 redirects
1 i.goopics.net emergencetrio.fi4s.net
1 maxigainpmu.com emergencetrio.fi4s.net
1 www.kadopronos.com emergencetrio.fi4s.net
22 9

This site contains links to these domains. Also see Links.

Domain
www.whatsapp.com
www.kadopronos.com
maxigainpmu.com
www.root-top.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh

This page contains 3 frames:

Primary Page: http://emergencetrio.fi4s.net/index.php
Frame ID: 53556C441263F260D4FD65E53F933B8C
Requests: 13 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/partner/quinte_result/all
Frame ID: 9C0B891ABA9F8591F2B2F8EDC30C3643
Requests: 5 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
Frame ID: 67B45B3D6C29D97664D8B6FE893FEBF5
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

.::Emergencetrio::.

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

22
Requests

45 %
HTTPS

67 %
IPv6

9
Domains

9
Subdomains

9
IPs

4
Countries

876 kB
Transfer

1098 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://img.root-top.com/topsite/maxigains/banner.gif HTTP 301
  • https://img.root-top.com/topsite/maxigains/banner.gif HTTP 302
  • https://i.goopics.net/PX04d.gif
Request Chain 4
  • http://www.pronostic-facile.fr/widget/partner/script/quinte_result HTTP 301
  • https://www.pronostic-facile.fr/widget/partner/script/quinte_result
Request Chain 5
  • http://www.pronostic-facile.fr/widget/partner/script/quinte_runners HTTP 301
  • https://www.pronostic-facile.fr/widget/partner/script/quinte_runners

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
emergencetrio.fi4s.net/ 		23 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://emergencetrio.fi4s.net/index.php
Protocol
HTTP/1.1
Server
80.80.233.53 Granges, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.5.38
Resource Hash
ecc430d828b57817d53476d40473da851974fb71ddaa26e4276e90649338ea95

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html
Date
Fri, 01 Jul 2022 21:20:23 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.5.38
special.css
emergencetrio.fi4s.net/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://emergencetrio.fi4s.net/css/special.css
Requested by
Host: emergencetrio.fi4s.net
URL: http://emergencetrio.fi4s.net/index.php
Protocol
HTTP/1.1
Server
80.80.233.53 Granges, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
95a444fc03f71cf90c6fc9d03d63fdc7c20f74539ceb918e60312df2b251e4f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://emergencetrio.fi4s.net/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 21:20:24 GMT
Last-Modified
Tue, 07 Apr 2020 07:40:30 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Accept-Ranges
bytes
ETag
"f0d-5a2ae7f7d374a"
Content-Length
3853
Content-Type
text/css
logo.gif
www.kadopronos.com/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.kadopronos.com/logo.gif
Requested by
Host: emergencetrio.fi4s.net
URL: http://emergencetrio.fi4s.net/index.php
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
ccbbbd90275e710d90aef52a56eae643a1f37efd6152467a3087947470d49616

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://emergencetrio.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 21:20:24 GMT
Last-Modified
Thu, 03 May 2018 10:09:50 GMT
Server
Apache
ETag
"9797a3-5338-56b4a67655780"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
21304
maxi_ban.gif
maxigainpmu.com/ 		366 KB
367 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://maxigainpmu.com/maxi_ban.gif
Requested by
Host: emergencetrio.fi4s.net
URL: http://emergencetrio.fi4s.net/index.php
Protocol
HTTP/1.1
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
c5a628c08f520917ae7af4095cefad04a5b8ace5b9924d1c2bd7004f76debeca

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://emergencetrio.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 21:20:24 GMT
Last-Modified
Sun, 30 Jul 2017 18:15:41 GMT
Server
nginx
ETag
"5b907-5558ce6ed305d"
Vary
Host
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
375047
PX04d.gif
i.goopics.net/
Redirect Chain
  • http://img.root-top.com/topsite/maxigains/banner.gif
  • https://img.root-top.com/topsite/maxigains/banner.gif
  • https://i.goopics.net/PX04d.gif
204 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.goopics.net/PX04d.gif
Requested by
Host: emergencetrio.fi4s.net
URL: http://emergencetrio.fi4s.net/index.php
Protocol
H2
Server
2001:bc8:1200:1b01::1 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7047a1c38d5aa14077198535062c8294a3fadc721030cb5c3d154fc988a4a431

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://emergencetrio.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 21:20:24 GMT
x-openstack-request-id
tx3f86f1cf3aaa4592adf37-00624df685
last-modified
Sun, 21 Nov 2021 03:46:46 GMT
server
nginx/1.18.0
x-iplb-request-id
339F9F8C:95F6_3626E64B:01BB_624DF685_8B60AD:4160
etag
e4ac032f30bdaf9cf751eae5b786cfe1
x-iplb-instance
33618
x-object-meta-mtime
1594275471
access-control-allow-origin
*
x-timestamp
1637466405.26519
x-cache-status
HIT
accept-ranges
bytes
content-type
image/gif
content-length
208871
x-trans-id
tx3f86f1cf3aaa4592adf37-00624df685

Redirect headers

date
Fri, 01 Jul 2022 21:20:24 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBw9%2B3Ztljs6eyP4SlUOyZDVLof9uq6n4%2F1WXc5%2Bt0UEwp4DBLCCLtSJpA6y68JK09hZZZd5JYQef343aSRKqTe2ey13BrzIKmGmAFly8%2BIJp06QtyPkU7x2%2BOW%2B4tU%2BfG7ljVE2QpKTgytODwxs"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://i.goopics.net/PX04d.gif
cf-ray
72422f7a4df9babb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
quinte_result
www.pronostic-facile.fr/widget/partner/script/
Redirect Chain
  • http://www.pronostic-facile.fr/widget/partner/script/quinte_result
  • https://www.pronostic-facile.fr/widget/partner/script/quinte_result
250 B
910 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pronostic-facile.fr/widget/partner/script/quinte_result
Requested by
Host: emergencetrio.fi4s.net
URL: http://emergencetrio.fi4s.net/index.php
Protocol
H2
Server
2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
384c8c2d901082eaea218d5e823a419e423c429e294879ed95621d0f0f947919

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://emergencetrio.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-runtime
1
date
Fri, 01 Jul 2022 21:20:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLZ7VtGlN%2Fl6QAVNebib0BvAVI8v5TDb3V9gZXFx%2BIAVmum3lDmYGQWVJkvzbunb7Ry6lbsvXhNp2qMx4iBpjczuwqFXqLC3lA5zDJmkwSwFEOiQEr3EPp5sJW%2BTNdr8t2J3%2FaJnlxmYinwJxEbM53olloPnbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
private, max-age=0, must-revalidate
cf-ray
72422f7a2a473752-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Fri, 01 Jul 2022 21:20:24 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFla1rE89xC%2BI%2FlsUjCYHloBqGYFFhbSyuVNAu4YCdPkLV56KMv13JNEfAyfZir0RXWBn8ChdX1PlGjQ6TF%2F4TD1hSyiHSxVGLuQb53w2e5XK38JSD45Gce7W67fDMXncyYJ80BVfKa0A%2FtJw4lsnFUuDK02fw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Location
https://www.pronostic-facile.fr/widget/partner/script/quinte_result
Connection
keep-alive
CF-RAY
72422f797abdbab7-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
quinte_runners
www.pronostic-facile.fr/widget/partner/script/
Redirect Chain
  • http://www.pronostic-facile.fr/widget/partner/script/quinte_runners
  • https://www.pronostic-facile.fr/widget/partner/script/quinte_runners
251 B
614 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pronostic-facile.fr/widget/partner/script/quinte_runners
Requested by
Host: emergencetrio.fi4s.net
URL: http://emergencetrio.fi4s.net/index.php
Protocol
H2
Server
2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c12334f075c3ef7a6c6fd68e3e441221457c69d7e6629fbc74d38b57c267ccd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://emergencetrio.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-runtime
1
date
Fri, 01 Jul 2022 21:20:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2F%2FQWwxcpcXc6%2FHDi3rGOhVsvYZ%2F2tjelzVgSXhM1bXph90x%2FLA1Kbg88GoWR6yoZizZBnXlofxW9U5Qsr%2BtitvrNuEPMeMGCw1eBWy%2F8%2BbbqsFqNxeYP89n8RP0MRVbWZPJTg6LYG1UgLqQVlRtk1lX85WRiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
private, max-age=0, must-revalidate
cf-ray
72422f7a2a483752-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Fri, 01 Jul 2022 21:20:24 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5kiqPskM8ZPHxQSDukkU%2Fs1EsC9zAnImEnWkdXBc0AKncCn4Gqh%2BrzIsqMJcIE0MiSDrqUA5ONPR1AWghPAi9oLSCEMiglU7dZ9l1QoTcuQXu0Y%2BXSihPYEW1%2FRwxMoVqNSSpRLdGSK4Gwc4kDn6qjGQVWrBw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Location
https://www.pronostic-facile.fr/widget/partner/script/quinte_runners
Connection
keep-alive
CF-RAY
72422f7978760e16-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
850d78ee97ca795d18847816cd22feaa53c4ec0bbb7b2809ef1c183e38d4356b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://emergencetrio.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/jpeg
headBANN.png
emergencetrio.fi4s.net/banniere/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://emergencetrio.fi4s.net/banniere/headBANN.png
Requested by
Host: emergencetrio.fi4s.net
URL: http://emergencetrio.fi4s.net/css/special.css
Protocol
HTTP/1.1
Server
80.80.233.53 Granges, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
ab7f52decc0296848548b03611c401692c564dec9b63982e719e95fea83a28a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://emergencetrio.fi4s.net/css/special.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 21:20:24 GMT
Last-Modified
Tue, 07 Apr 2020 07:40:21 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Accept-Ranges
bytes
ETag
"fada-5a2ae7ef25c64"
Content-Length
64218
Content-Type
image/png
CHEV.jpg
emergencetrio.fi4s.net/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://emergencetrio.fi4s.net/CHEV.jpg
Requested by
Host: emergencetrio.fi4s.net
URL: http://emergencetrio.fi4s.net/css/special.css
Protocol
HTTP/1.1
Server
80.80.233.53 Granges, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
e5ebd07720c31a6e76e1d4a214ec28889ceaeb334c424ce85b90a474718ce7c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://emergencetrio.fi4s.net/css/special.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 21:20:24 GMT
Last-Modified
Tue, 07 Apr 2020 07:39:30 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Accept-Ranges
bytes
ETag
"1f81-5a2ae7bec4061"
Content-Length
8065
Content-Type
image/jpeg
btn_font.png
emergencetrio.fi4s.net/bouton/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://emergencetrio.fi4s.net/bouton/btn_font.png
Requested by
Host: emergencetrio.fi4s.net
URL: http://emergencetrio.fi4s.net/css/special.css
Protocol
HTTP/1.1
Server
80.80.233.53 Granges, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
104dafce825d22b501a2094b6e027c7ee2548056c79ec341923381d360bb83e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://emergencetrio.fi4s.net/css/special.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 21:20:24 GMT
Last-Modified
Tue, 07 Apr 2020 07:40:27 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Accept-Ranges
bytes
ETag
"7f25-5a2ae7f4f9f68"
Content-Length
32549
Content-Type
image/png
font_body.png
emergencetrio.fi4s.net/image/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://emergencetrio.fi4s.net/image/font_body.png
Requested by
Host: emergencetrio.fi4s.net
URL: http://emergencetrio.fi4s.net/css/special.css
Protocol
HTTP/1.1
Server
80.80.233.53 Granges, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
7b1b3324ca40e17567050e9d686fa9e0efc81dcb569b0754517ba9b60bb532ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://emergencetrio.fi4s.net/css/special.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 21:20:24 GMT
Last-Modified
Tue, 07 Apr 2020 07:40:34 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Accept-Ranges
bytes
ETag
"d37-5a2ae7fc089ad"
Content-Length
3383
Content-Type
image/png
bouton.gif
emergencetrio.fi4s.net/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://emergencetrio.fi4s.net/bouton.gif
Requested by
Host: emergencetrio.fi4s.net
URL: http://emergencetrio.fi4s.net/css/special.css
Protocol
HTTP/1.1
Server
80.80.233.53 Granges, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
348d8d4f1383bc320c4f88092e590f39c49458a2d5fa71443bbbc6c658468c52

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://emergencetrio.fi4s.net/css/special.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 21:20:24 GMT
Last-Modified
Tue, 07 Apr 2020 07:39:30 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Accept-Ranges
bytes
ETag
"2a82-5a2ae7bebe2a1"
Content-Length
10882
Content-Type
image/gif
all
www.pronostic-facile.fr/widget/partner/quinte_result/ Frame 9C0B 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pronostic-facile.fr/widget/partner/quinte_result/all
Requested by
Host: www.pronostic-facile.fr
URL: http://www.pronostic-facile.fr/widget/partner/script/quinte_result
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adca414a3a1920e3c6f609cfaa3701341cfa386d34f9a181467bedd402fd1da0

Request headers

Referer
http://emergencetrio.fi4s.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
72422f7a8ab13752-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 01 Jul 2022 21:20:24 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWlgD0waqMSlsnI2fqAQWyeEP7U%2Blae5vHCTA%2FbomF%2F%2FoY4pvCkyyESf1ybw2hn8PzaSv%2B1PTvu3e%2B381MwE2YtStQdBQLYG0Rah1OVvfiWOZP1fobYD6%2FWXBQHZH3Uu6G15eRnbDVuYVMvGtoTOdtyzYoxQfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-runtime
1
all
www.pronostic-facile.fr/widget/partner/quinte_runners/ Frame 67B4 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
Requested by
Host: www.pronostic-facile.fr
URL: http://www.pronostic-facile.fr/widget/partner/script/quinte_runners
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32a9faeb58d0c780a08d315ecf3bc95092af24ba55939307daa5fb89fa89c232

Request headers

Referer
http://emergencetrio.fi4s.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
72422f7ac990baee-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 01 Jul 2022 21:20:24 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ll98O3LmNtTR22LW%2B%2Fe4cFZiNYfFwLFSEdVMcgUqLJNrH54EmcaVaLXPOp6v8ecr8baZdlnRn1ytVER1NPlPYun2W0IKx7CHlbXCYJCnWnPsFbvNXglQxU6J4%2BpCTdVu%2FbMs7WKiN14AzmkX7qjWXllUV0StA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-runtime
1
js
www.googletagmanager.com/gtag/ Frame 9C0B 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-630351-12
Requested by
Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/quinte_result/all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bbafe816e950127e0578bf55c718857fa4b646a9f91958caa90db4ae1328e0a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pronostic-facile.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 21:20:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40397
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jul 2022 21:20:24 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 9C0B 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/quinte_result/all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://www.pronostic-facile.fr/
Origin
https://www.pronostic-facile.fr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 21:20:24 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
72422f7b18d001e7-ZRH
analytics.js
www.google-analytics.com/ Frame 9C0B 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pronostic-facile.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
935
date
Fri, 01 Jul 2022 21:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 01 Jul 2022 23:04:49 GMT
js
www.googletagmanager.com/gtag/ Frame 67B4 		103 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-630351-12
Requested by
Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a5186bd801207b527517a89aebff4f5df3eb3cd592773f4eb8b92a9aff07edd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pronostic-facile.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 21:20:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40395
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jul 2022 21:20:24 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 67B4 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://www.pronostic-facile.fr/
Origin
https://www.pronostic-facile.fr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 21:20:24 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
72422f7b695201e7-ZRH
rum
www.pronostic-facile.fr/cdn-cgi/ Frame 9C0B 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.pronostic-facile.fr/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.pronostic-facile.fr/widget/partner/quinte_result/all
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/json

Response headers

date
Fri, 01 Jul 2022 21:20:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.pronostic-facile.fr
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
72422f7b9ad8baee-MXP
vary
Origin
analytics.js
www.google-analytics.com/ Frame 67B4 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pronostic-facile.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
935
date
Fri, 01 Jul 2022 21:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 01 Jul 2022 23:04:49 GMT
rum
www.pronostic-facile.fr/cdn-cgi/ Frame 67B4 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.pronostic-facile.fr/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/json

Response headers

date
Fri, 01 Jul 2022 21:20:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.pronostic-facile.fr
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
72422f7beb56baee-MXP
vary
Origin

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

emergencetrio.fi4s.net
i.goopics.net
img.root-top.com
maxigainpmu.com
static.cloudflareinsights.com
www.google-analytics.com
www.googletagmanager.com
www.kadopronos.com
www.pronostic-facile.fr
194.150.236.190
2001:bc8:1200:1b01::1
2606:4700:3034::6815:15de
2606:4700:3038::6815:ea1b
2606:4700:440e::ac40:9c1a
2a00:1450:4001:80f::2008
2a00:1450:4001:82a::200e
80.80.233.53
91.216.107.79
104dafce825d22b501a2094b6e027c7ee2548056c79ec341923381d360bb83e2
32a9faeb58d0c780a08d315ecf3bc95092af24ba55939307daa5fb89fa89c232
348d8d4f1383bc320c4f88092e590f39c49458a2d5fa71443bbbc6c658468c52
384c8c2d901082eaea218d5e823a419e423c429e294879ed95621d0f0f947919
7047a1c38d5aa14077198535062c8294a3fadc721030cb5c3d154fc988a4a431
7b1b3324ca40e17567050e9d686fa9e0efc81dcb569b0754517ba9b60bb532ad
850d78ee97ca795d18847816cd22feaa53c4ec0bbb7b2809ef1c183e38d4356b
95a444fc03f71cf90c6fc9d03d63fdc7c20f74539ceb918e60312df2b251e4f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5186bd801207b527517a89aebff4f5df3eb3cd592773f4eb8b92a9aff07edd2
ab7f52decc0296848548b03611c401692c564dec9b63982e719e95fea83a28a4
adca414a3a1920e3c6f609cfaa3701341cfa386d34f9a181467bedd402fd1da0
bbafe816e950127e0578bf55c718857fa4b646a9f91958caa90db4ae1328e0a5
c12334f075c3ef7a6c6fd68e3e441221457c69d7e6629fbc74d38b57c267ccd6
c5a628c08f520917ae7af4095cefad04a5b8ace5b9924d1c2bd7004f76debeca
ccbbbd90275e710d90aef52a56eae643a1f37efd6152467a3087947470d49616
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ebd07720c31a6e76e1d4a214ec28889ceaeb334c424ce85b90a474718ce7c2
ecc430d828b57817d53476d40473da851974fb71ddaa26e4276e90649338ea95
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505