banco3.onlc.fr Open in urlscan Pro
2606:4700:20::ac43:48cb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://banco3.onlc.fr/
Submission: On December 30 via manual (December 30th 2023, 12:18:57 pm UTC) from MA — Scanned from FR

Summary HTTP 60 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 13 domains to perform 60 HTTP transactions. The main IP is 2606:4700:20::ac43:48cb, located in United States and belongs to CLOUDFLARENET, US. The main domain is banco3.onlc.fr.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 15th 2023. Valid for: a year.

This is the only time banco3.onlc.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:20:... 2606:4700:20::ac43:48cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.58.124.226 45.58.124.226	23470 (RELIABLESITE) (RELIABLESITE)
11	2a02:4780:27:... 2a02:4780:27:1147:0:2471:9b8b:2	47583 (AS-HOSTINGER) (AS-HOSTINGER)
18	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
2	2606:4700:20:... 2606:4700:20::681a:6a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:303... 2606:4700:3031::ac43:b060	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.219.2.218 54.219.2.218	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
60	14

1 2606:4700:20::ac43:48cb (United States)

ASN13335 (CLOUDFLARENET, US)

banco3.onlc.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.58.124.226 (Piscataway, United States)

ASN23470 (RELIABLESITE, US)
PTR: s11.flagcounter.com

s10.flagcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:4780:27:1147:0:2471:9b8b:2 (Paris, France)

ASN47583 (AS-HOSTINGER, CY)

francecourses.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:6a2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.onlc.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3031::ac43:b060 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.219.2.218 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-219-2-218.us-west-1.compute.amazonaws.com

gmu-apps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	allopass.com payment.allopass.com	311 KB
11	francecourses.com francecourses.com	2 MB
9	pronostic-facile.fr www.pronostic-facile.fr cdn1.pronostic-facile.fr	22 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	449 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	45 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	41 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	14 KB
2	gmu-apps.com gmu-apps.com	6 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	57 KB
2	onlc.eu static.onlc.eu	68 KB
1	flagcounter.com s10.flagcounter.com — Cisco Umbrella Rank: 889265	82 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340	93 KB
1	onlc.fr banco3.onlc.fr	4 KB
60	13

	Domain	Requested by
18	payment.allopass.com	banco3.onlc.fr payment.allopass.com
11	francecourses.com	banco3.onlc.fr francecourses.com
8	www.pronostic-facile.fr	francecourses.com www.pronostic-facile.fr static.cloudflareinsights.com
6	www.googletagmanager.com	payment.allopass.com www.pronostic-facile.fr www.googletagmanager.com
3	cdnjs.cloudflare.com	banco3.onlc.fr francecourses.com
2	www.google-analytics.com	www.googletagmanager.com
2	static.cloudflareinsights.com	www.pronostic-facile.fr
2	gmu-apps.com	payment.allopass.com banco3.onlc.fr
2	cdn.jsdelivr.net	francecourses.com
2	static.onlc.eu	banco3.onlc.fr
1	cdn1.pronostic-facile.fr	www.pronostic-facile.fr
1	s10.flagcounter.com	banco3.onlc.fr
1	ajax.googleapis.com	banco3.onlc.fr
1	banco3.onlc.fr
60	14

This site contains links to these domains. Also see Links.

Domain
vu.fr
www.francecourses.com
info.flagcounter.com
ai.onlinecreation.pro
www.onlinecreation.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-15` - `2024-04-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
s06.flagcounter.com R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
francecourses.com R3	`2023-11-10` - `2024-02-08`	3 months	crt.sh
*.allopass.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-06` - `2024-10-07`	a year	crt.sh
pronostic-facile.fr GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
gmu-apps.com Amazon RSA 2048 M02	`2023-12-02` - `2024-12-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://banco3.onlc.fr/
Frame ID: 8DBE2DC09956F12C73FA5676FEBE68F7
Requests: 7 HTTP requests in this frame

Frame: https://francecourses.com/
Frame ID: D765488F3D8E9CDE52F941171093F617
Requests: 16 HTTP requests in this frame

Frame: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Frame ID: 4B39872298BB3A1E6AA73C5C1C98D0A9
Requests: 22 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/beausoleil/quinte_infos/all
Frame ID: 697BE5DAE7BAF6D2E9E3A2784BC18679
Requests: 7 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/partner/feed/all
Frame ID: E2EE5C54DE6E7E71B550046262324B2C
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Accueil - BANCO4

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

60
Requests

100 %
HTTPS

77 %
IPv6

13
Domains

14
Subdomains

14
IPs

3
Countries

2744 kB
Transfer

4390 kB
Size

3
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://vu.fr/gutD
Title: CHAT HIPPIQUE 1

Search URL Search Domain Scan URL

URL: http://www.francecourses.com/
Title: CHAT HIPPIQUE 2

Search URL Search Domain Scan URL

URL: http://info.flagcounter.com/rsen

Search URL Search Domain Scan URL

URL: https://ai.onlinecreation.pro/
Title: Publicité servant à financer l'hébergement de ce site 🤖 Une Intelligence Artificielle français intelligente facile à utiliser qui ridiculise les autres IA ! 🇫🇷 Découvrez AI•, votre assistant d'automatisation de texte et d'images! Laissez l'intelligence artificielle transformer vos idées en réalités visuelles. Pas besoin d'être un expert, AI• est à la portée de tous. Commencez dès maintenant!

Search URL Search Domain Scan URL

URL: https://www.onlinecreation.me/?p=banco3NDD
Title: Site créé gratuitement grâce à OnlineCreation.me

Search URL Search Domain Scan URL

URL: https://www.onlinecreation.me/mentionslegalessites.php?NomSite=banco3NDD
Title: Tous droits réservés

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
banco3.onlc.fr/ 9 KB
4 KB 116ms
64ms Document
text/html 2606:4700:20::ac43:48cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banco3.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9eccfd8fa2dc13ea8cc64cb51317ab17db1c0c28dda4f67bfd8f480750d1b2c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: https://www.onlinecreation.me
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83da3a56ef7b019a-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 30 Dec 2023 12:18:52 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngLAqq%2BJhV99K%2B5eIoQ2Ej4gjZqMQGw7tpUFYYCFL3mMfjy2j9RvLQZ%2BaVjBMgd%2Fxv3MoPwf0CKwmvyKQ9iRZvgBfM8QWw3y8FADtxZs5AzyLEEBZh6f0YfGr4AMNZ9PCljePonpPToqWnut"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
93 KB 81ms
25ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: banco3.onlc.fr
URL: https://banco3.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://banco3.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 14:13:33 GMT
x-content-type-options: nosniff
age: 252319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94840
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 14:13:33 GMT

GET
H2 200 mediaelementplayer.min.css
cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/ 17 KB
3 KB 155ms
118ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/mediaelementplayer.min.css

Requested by

Host: banco3.onlc.fr
URL: https://banco3.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3ecfe4da73d3f04f54aca493982a068a9e328942a64100bfc976cbae9cafb10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://banco3.onlc.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2619359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2265
last-modified: Mon, 04 May 2020 16:13:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f1f-4392"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LXhkdLzAgxhh9pFcsLKDbIBfoYiJkJmVLVa%2B95my3FQJwbwf9D0aP07SwPYeKVpfiSnwUS5AWC8JXyPYirHvRWSOEB8zFRRrAGHqWD96l1QRH2OL4AYu1vjzlNo5VNwWq8YvKN2ttQI%2BzUrIIVYYK%2FI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83da3a578d0e3cf3-CDG
expires: Thu, 19 Dec 2024 12:18:52 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/ 61 KB
15 KB 65ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/mediaelement-and-player.min.js

Requested by

Host: banco3.onlc.fr
URL: https://banco3.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c190fd4534143b46005a1fb176e61c80c6dc36b7893ba45f2d5480217dfcb8c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://banco3.onlc.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2801282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15089
last-modified: Mon, 04 May 2020 16:13:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f1f-f42f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=loTS5mcbSM%2FQxMxiPoj1CyrJwHnb7OqLZSwZafkjLQjeityS5jot8Ip0AIClBRkjXmbEOnCf1MUQpeiXxwm%2FTn4eRBAutt8QkOnYM%2FHlUQx2zvtyobDiqrazvisGm2QQZ%2FLR2KY7%2FpEQCxg%2Fl4QjqrsO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83da3a579d0f3cf3-CDG
expires: Thu, 19 Dec 2024 12:18:52 GMT

GET
H/1.1 200
OK /
s10.flagcounter.com/map/rsen/size_s/txt_000000/border_CCCCCC/pageviews_1/viewers_0/flags_0/ 82 KB
82 KB 692ms
116ms Image
image/png 45.58.124.226
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s10.flagcounter.com/map/rsen/size_s/txt_000000/border_CCCCCC/pageviews_1/viewers_0/flags_0/
Requested by: Host: banco3.onlc.fr
URL: https://banco3.onlc.fr/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.58.124.226 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: s11.flagcounter.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: c754af3cd8119f8d1ffb464c92c63cf0857116b9b29f776e0c7c75975daaff56

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://banco3.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Dec 2023 12:18:53 GMT
Cache-control: no-cache
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 / Show response
francecourses.com/ Frame D765 21 KB
5 KB 152ms
71ms Document
text/html 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://francecourses.com/

Requested by

Host: banco3.onlc.fr
URL: https://banco3.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.1.24

Resource Hash

743134f8f91c971afca51ec4c6e1f9aeca2b4fcbda3abc08b9dba066548e83dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://banco3.onlc.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, private
content-encoding: br
content-length: 4565
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 30 Dec 2023 12:18:52 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.1.24

GET
H/1.1 200
OK buy.apu Show response
payment.allopass.com/buy/ Frame 4B39 9 KB
4 KB 295ms
95ms Document
text/html 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Requested by: Host: banco3.onlc.fr
URL: https://banco3.onlc.fr/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: aef0d8a3945d74c152b0cb8916bc02d36617abe6b94a8077ad5d9133bb34d7da

Request headers

Referer: https://banco3.onlc.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Encoding: gzip
Content-Length: 3180
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Dec 2023 12:18:53 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2 200 head.jpg
static.onlc.eu/designs/piano/ 38 KB
38 KB 138ms
57ms Image
image/jpeg 2606:4700:20::681a:6a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.onlc.eu/designs/piano/head.jpg
Requested by: Host: banco3.onlc.fr
URL: https://banco3.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 178f8ce68c079d701fb2d8e636b6c0ce046c1ad7f7294d22398a8d374de0c50c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://banco3.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:52 GMT
cf-cache-status: MISS
last-modified: Fri, 29 Sep 2006 06:21:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1774917336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVwy6cWGWL9THPb8XWbDp3bDAi4X3jA1Q19oNFAdruWOJBVyTbm2kIAHxkr0vjqPmoYRwmkEI%2BrlUSw94zVAshM4Qt%2B%2BcdfTLpd%2FnzcOHzjIv2bSl2mjceD1aAEaj5etJLWku5rBmq28Fl1w"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83da3a58cc956f10-CDG
alt-svc: h3=":443"; ma=86400
content-length: 38586

GET
H2 200 ligne.gif
static.onlc.eu/designs/piano/ 29 KB
30 KB 149ms
68ms Image
image/gif 2606:4700:20::681a:6a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.onlc.eu/designs/piano/ligne.gif
Requested by: Host: banco3.onlc.fr
URL: https://banco3.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7183a05060f815ad74aab94bc85e6d98cb03491fac64c7f96523628074074312

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://banco3.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:52 GMT
cf-cache-status: MISS
last-modified: Fri, 29 Sep 2006 06:21:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1610864344"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bbO6SnC%2B3EVcYuu%2BUq2DOIEM%2FsRRun6IMl2Nco4WpuHodrncR%2FOo66fVwAMMD0ACSDN%2FsDfjWizpjLIDFgGAgagywD1SCncsqWOwjNkbPIf1UuP7yZxpPQ8BcbyPdVplBBOTBUT6QFr7gG1"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83da3a58cc936f10-CDG
alt-svc: h3=":443"; ma=86400
content-length: 30084

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/ Frame D765 85 KB
27 KB 24ms
23ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://francecourses.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2623204
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27437
last-modified: Tue, 01 Aug 2023 17:19:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93eb6-6b2d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PO4eVYvcUnMSmk4ybIcrVTB8xfxXtJVi8x4ONde1fXdH9QBWr6h8t7Hewl1h5HEN%2BeRY4sEo4m7KQHFwkTOez9yQ2likZ%2FIq%2FzD8WFpTTZbszT52VT0hs5xtQw7JxLGXPUcyikgWI%2B8vUz6OlcSf54di"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83da3a593e633cf3-CDG
expires: Thu, 19 Dec 2024 12:18:52 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/ Frame D765 227 KB
33 KB 83ms
31ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/bootstrap.min.css

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d939d21f27010c09b6c2966681d8b4cfcd64ca418f240922518f967fded16ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://francecourses.com/
Origin: https://francecourses.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5120331
x-jsd-version: 5.3.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230044-FRA, cache-lcy-eglc8600024-LCY
x-jsd-version-type: version
server: cloudflare
etag: W/"38d97-sT73BUPXDB7H/dVqXrydfWQCOFE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38lql3Df0XKNBf8Lp7jlY9gwdzqLcDzcaLaWYOUWkyVfGh1RQL2zl5npFzBJ%2FLxPLodxoEnzY3rvu6sAFewZomJcnEFghFXc8WG3bg7qERZG7uBRawqoyZipo7N4LyWKye69aA0fWi6Y8h2jrQs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83da3a598abbd502-CDG

GET
H2 200 allopass.png
francecourses.com/assets/img/ Frame D765 34 KB
34 KB 19ms
18ms Image
image/png 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/allopass.png

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

49d27f3ea606ba1b50258dd4b6fe16e83f1b9c5f7a0fae518398149aee2ae043

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:52 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 27 Nov 2023 23:20:58 GMT
server: LiteSpeed
etag: "86b3-6565245a-397253f83d227154;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 34483
expires: Sat, 06 Jan 2024 12:18:52 GMT

GET
H2 200 OM.png
francecourses.com/assets/img/ Frame D765 171 KB
172 KB 37ms
36ms Image
image/png 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/OM.png

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2a6bffd614771fc60619abe7e7f1ccebe3d1434e83abe9947821edb5a588e786

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:52 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 Nov 2023 07:31:24 GMT
server: LiteSpeed
etag: "2adfb-655dae4c-2de26ce9cfda8af9;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 175611
expires: Sat, 06 Jan 2024 12:18:52 GMT

GET
H2 200 Wave.jpg
francecourses.com/assets/img/ Frame D765 7 KB
7 KB 39ms
37ms Image
image/jpeg 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/Wave.jpg

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4104a267c7a5a5f95617a0161dc278892d36b6a603fd10314b5629a436f7f37f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 Nov 2023 07:31:24 GMT
server: LiteSpeed
etag: "1b95-655dae4c-1c49731926e276f7;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 7061
expires: Sat, 06 Jan 2024 12:18:53 GMT

GET
H2 200 MoovMoney.png
francecourses.com/assets/img/ Frame D765 5 KB
6 KB 39ms
38ms Image
image/png 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/MoovMoney.png

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ec1e78be371a37bb7191514684de498dfffa760040f873fcb380484873d84392

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 Nov 2023 07:31:24 GMT
server: LiteSpeed
etag: "15d8-655dae4c-768486ce4cf959a1;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 5592
expires: Sat, 06 Jan 2024 12:18:53 GMT

GET
H2 200 MoneyGram.jpg
francecourses.com/assets/img/ Frame D765 42 KB
42 KB 39ms
38ms Image
image/jpeg 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/MoneyGram.jpg

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0ae51d165e857dcaf5457e5b59239fd1adf09bcb58deb336a4704853272f8fb1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 Nov 2023 07:31:24 GMT
server: LiteSpeed
etag: "a6c3-655dae4c-aaf0d07ad7f27525;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 42691
expires: Sat, 06 Jan 2024 12:18:53 GMT

GET
H2 200 ExpressUnion.png
francecourses.com/assets/img/ Frame D765 3 KB
3 KB 38ms
37ms Image
image/png 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/ExpressUnion.png

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2d0d688227d7a366fbe9b7c56a889cc66784190277581f52a7e82bc2996c1d1d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 Nov 2023 07:31:24 GMT
server: LiteSpeed
etag: "ce9-655dae4c-5a37cbc3a1cc536b;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3305
expires: Sat, 06 Jan 2024 12:18:53 GMT

GET
H2 200 Ria.png
francecourses.com/assets/img/ Frame D765 5 KB
5 KB 38ms
38ms Image
image/png 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/Ria.png

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

52ed3db08547075f5bba86c1ddb148bc3b0953fa2b1d3e564d1988a369736974

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 Nov 2023 07:31:24 GMT
server: LiteSpeed
etag: "123f-655dae4c-21087063f5d2714c;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4671
expires: Sat, 06 Jan 2024 12:18:53 GMT

GET
H2 200 WesternUnion.png
francecourses.com/assets/img/ Frame D765 8 KB
9 KB 38ms
38ms Image
image/png 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/WesternUnion.png

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5544764b0ce3f547366a931223094c6c1ed1d340e9abb5fb1d4789f44c02a472

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 22 Nov 2023 07:31:24 GMT
server: LiteSpeed
etag: "21cd-655dae4c-b5eee505622772d9;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 8653
expires: Sat, 06 Jan 2024 12:18:53 GMT

GET
H2 200 quinte_infos Show response
www.pronostic-facile.fr/widget/beausoleil/script/ Frame D765 252 B
811 B 99ms
46ms Script
text/html 2606:4700:3031::ac43:b060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/beausoleil/script/quinte_infos
Requested by: Host: francecourses.com
URL: https://francecourses.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ecb9fa015efa552725f2848be3041a9efca1ae5854c0694ba9cc468e84f972d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-runtime: 1
date: Sat, 30 Dec 2023 12:18:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAh3jNN5yF0TKzS11qCsB1ku6itsNSGYgb7zDLhIwqRVjSEfGHd%2FAo7himulWgRL60UY%2F51BILAJS3W46aB2a39xLggPu%2BXHtU5t7N2mOyDInKcs5%2BZx4wbNdbLrnTFrVN2awpaEgscXNgIemKKfFjauEMeUNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private, max-age=0, must-revalidate
cf-ray: 83da3a59cfe06f34-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 feed Show response
www.pronostic-facile.fr/widget/partner/script/ Frame D765 241 B
600 B 148ms
94ms Script
text/html 2606:4700:3031::ac43:b060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/partner/script/feed
Requested by: Host: francecourses.com
URL: https://francecourses.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 513cec403f6af81be17808ef9b227d5ea5a3ffa19eb5bcf72b035b5f3d802a25

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-runtime: 1
date: Sat, 30 Dec 2023 12:18:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30dGN6gDbwv0qx4PUKWXxbQBWqFuhP5ckqAnUH4rVIzwr4EMoBAXisNF3d9Meyka9wDwBPWWUSK6LEMf87FKjZmR%2BBUi6XomGk7o%2B4iQHrC%2BkU4fiz3HbFa2bDr%2FTveKRmZDM0VrRte7v2MrJS4Lfe26DmuWEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private, max-age=0, must-revalidate
cf-ray: 83da3a59cfe16f34-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/ Frame D765 79 KB
24 KB 51ms
33ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/bootstrap.bundle.min.js

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2ea6c1e0cabca20d18e924b25a1cd0187c38ba7c33f60ab06e1b0402b9bcdb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://francecourses.com/
Origin: https://francecourses.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5208093
x-jsd-version: 5.3.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"13b1c-zlT4XyePvNXLIpL5wYbu32PNz4g"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BVzUh%2BkJ%2BBMGjVfpJ0hpvzGvB3bst4sfOOsFk7fisGJcl5P1%2FwqJevP91AFkYeC2Bgo6fqd2vMyQyPf%2Bb4899rWfLqcYerlHtbpP4zc%2BK5dKlx3yk5Qq34J9JxsBTlHobGa7lg0L2klpZ0rHdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83da3a598abdd502-CDG

GET
H2 200 horse-3880449_1920.jpg
francecourses.com/assets/img/hero-carousel/ Frame D765 740 KB
740 KB 18ms
18ms Image
image/jpeg 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/hero-carousel/horse-3880449_1920.jpg

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ca9db144acb25acb923cacb7e0224040e5baa5e442e9a16982acb16187bfde36

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 11 Sep 2023 19:26:21 GMT
server: LiteSpeed
etag: "b8f0c-64ff69dd-4ea79a12837920f;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 757516
expires: Sat, 06 Jan 2024 12:18:53 GMT

GET
H2 200 horses-380402_1920.jpg
francecourses.com/assets/img/hero-carousel/ Frame D765 530 KB
530 KB 18ms
18ms Image
image/jpeg 2a02:4780:27:1147:0:2471:9b8b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://francecourses.com/assets/img/hero-carousel/horses-380402_1920.jpg

Requested by

Host: francecourses.com
URL: https://francecourses.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1147:0:2471:9b8b:2 Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

87f94d1c864f64f059185532d5c13dc78fa80c920ed41e0530c53285d49cd0bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://francecourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 11 Sep 2023 19:26:21 GMT
server: LiteSpeed
etag: "8483c-64ff69dd-6a540a83961f04b7;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 542780
expires: Sat, 06 Jan 2024 12:18:53 GMT

GET
H2 200 all Show response
www.pronostic-facile.fr/widget/beausoleil/quinte_infos/ Frame 697B 8 KB
4 KB 47ms
47ms Document
text/html 2606:4700:3031::ac43:b060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/beausoleil/quinte_infos/all
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/beausoleil/script/quinte_infos
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e708dbf912331c069cc4c7ee2230e3d95802dbf55f458a6c6a4445afe676f2b

Request headers

Referer: https://francecourses.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83da3a5a18366f34-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 30 Dec 2023 12:18:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMz6TQfkIPxLEJlMfiaumLstVMTxZtXpfxaER%2B1uFwEQ%2FH6tF5CwlCYwjdkEo7mPM9RNUiYIEH18tQF7v1lfmJH4D1MZoWTwIFWMUt%2B8CujrMafZOZMzmWs7D35unrUtlyuvXVEChHvXT1wc2qKCvAVRFrnd6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-runtime: 2

GET
H/1.1 200
OK jBox.all.min.css
payment.allopass.com/static/css/jBox/ Frame 4B39 16 KB
4 KB 57ms
21ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/jBox/jBox.all.min.css
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 12:18:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21985-40d7-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 3631

GET
H/1.1 200
OK base.css
payment.allopass.com/static/css/ Frame 4B39 81 KB
15 KB 58ms
23ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/base.css?68
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 3975eb898756e296608f964f0fe799ecf25bbf79467666a3c3218dad3db1de6e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 12:18:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "216e7-143f2-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 14739

GET
H/1.1 200
OK carousel.css
payment.allopass.com/static/css/ Frame 4B39 21 KB
3 KB 55ms
20ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/carousel.css?68
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 12:18:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "40f4e-54eb-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 2387

GET
H/1.1 200
OK jquery-1.3.2.min.js Show response
payment.allopass.com/static/js/ext/ Frame 4B39 56 KB
20 KB 59ms
23ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/ext/jquery-1.3.2.min.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 12:18:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21722-dfa6-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 19740

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
payment.allopass.com/static/js/ext/ Frame 4B39 94 KB
33 KB 60ms
25ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/ext/jquery-1.11.3.min.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 12:18:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21806-176d5-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 33279

GET
H/1.1 200
OK general.js Show response
payment.allopass.com/onetime/scripts/ Frame 4B39 4 KB
2 KB 57ms
21ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/onetime/scripts/general.js?04
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 12:18:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:26 GMT
Server: Apache
ETag: "20915-f37-6036ca55dc080"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 1593

GET
H/1.1 200
OK jBox.all.min.js Show response
payment.allopass.com/static/js/ext/ Frame 4B39 51 KB
13 KB 118ms
21ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/ext/jBox.all.min.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 12:18:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "2171f-cb59-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 12605

GET
H2 200 top.js Show response
gmu-apps.com/js/ Frame 4B39 54 KB
6 KB 698ms
164ms Script
application/javascript 54.219.2.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gmu-apps.com/js/top.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.219.2.218 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-219-2-218.us-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Dec 2023 12:18:53 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 20:31:35 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 5772
expires: Sun, 8 Mar 1981 10:00:00 GMT

GET
H/1.1 200
OK fr.png
payment.allopass.com/icons/flags/24x24/ Frame 4B39 536 B
774 B 55ms
19ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/icons/flags/24x24/fr.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 12:18:53 GMT
Last-Modified: Tue, 26 Nov 2019 14:39:45 GMT
Server: Apache
ETag: "22c1e-218-59840d9ebee40"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 536

GET
H/1.1 200
OK check-codes.js Show response
payment.allopass.com/static/js/ Frame 4B39 2 KB
1 KB 56ms
20ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/check-codes.js?01
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 97a9de3830f4bd7bcb7cf4805dbdcf1f4c6e843fcd4a814c6a5d7bc2b11fee1a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 12:18:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21a1b-9d7-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 795

GET
H/1.1 200
OK fingerprint2.min.js Show response
payment.allopass.com/static/js/ext/ Frame 4B39 33 KB
10 KB 72ms
21ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/ext/fingerprint2.min.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 12:18:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "41068-8432-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 10209

GET
H/1.1 200
OK arrow-down.png
payment.allopass.com/static/css/images/ Frame 4B39 315 B
553 B 55ms
19ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/images/arrow-down.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 12:18:53 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21648-13b-6036ca56d02c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 315

GET
H/1.1 200
OK carousel.js Show response
payment.allopass.com/static/js/ Frame 4B39 7 KB
2 KB 55ms
20ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/carousel.js?5
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 12:18:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21a1a-1b55-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 1830

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 4B39 165 KB
60 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV

Requested by

Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=299326&idd=1275257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb8d00527dd2f164cdeedebb56d3d05b3c830b2518f319511068f42decfaaa0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61201
x-xss-protection: 0
last-modified: Sat, 30 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Dec 2023 12:18:53 GMT

GET
H3 200 all Show response
www.pronostic-facile.fr/widget/partner/feed/ Frame E2EE 16 KB
6 KB 98ms
98ms Document
text/html 2606:4700:3031::ac43:b060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/partner/feed/all
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/script/feed
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18c41b5e6ce8bd7d67e819079a11906f871e8fbe15e79f66f9169a41aa8c23bd

Request headers

Referer: https://francecourses.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83da3a5a6dcb0490-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 30 Dec 2023 12:18:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7n%2FWpNrPv10RCnaZ3vA3V5zNpd9wA27yjmsBqfY1KIHVNaJSVBNeZ7cL8sxbnNg9PR7KQq%2BOHo6cTKsMhSJjfXZQuFN5XKCCwzsxn6Hx%2F%2B7ofOn9u2BNr2QdX%2BULCk7loOJ%2Bd2LWF94wYtS%2Bq4SvcNS2ehwImA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-runtime: 1

GET
H3 200 rocket-loader.min.js Show response
www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 697B 12 KB
4 KB 20ms
20ms Script
application/javascript 2606:4700:3031::ac43:b060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/beausoleil/quinte_infos/all

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b060 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/widget/beausoleil/quinte_infos/all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6581a422-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjYk8WhXobgJjD7zkdevqlIENDOiB4HnDev%2Bg4UCDjUIu3NyZrfSh85z8%2FC4je6SBHj6vsr5VUeMViVNGvi6rF6K1Di1kza6PBT1P6zqriqPrhrgAEnj%2FeVlwVF2olLTqoI31eDTlW5baOM4NzOaVRH8qAKYOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 83da3a5a6dcc0490-CDG
expires: Mon, 01 Jan 2024 12:18:53 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 697B 20 KB
7 KB 84ms
45ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/beausoleil/quinte_infos/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.pronostic-facile.fr/
Origin: https://www.pronostic-facile.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 83da3a5a9aab0286-CDG

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 697B 186 KB
67 KB 131ms
74ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbc2bea74fc17a747d3de16e4d679660e26d41f1100676a4027b1fcbae8d3238

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68930
x-xss-protection: 0
last-modified: Sat, 30 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Dec 2023 12:18:53 GMT

GET
H/1.1 200
OK duration.css
payment.allopass.com/static/css/ Frame 4B39 3 KB
1 KB 35ms
20ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/duration.css
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/base.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 12:18:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "40f4f-b61-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 793

POST
H3 204 rum Show response
www.pronostic-facile.fr/cdn-cgi/ Frame 697B 0
147 B 21ms
21ms XHR
text/plain 2606:4700:3031::ac43:b060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b060 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pronostic-facile.fr/widget/beausoleil/quinte_infos/all
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.pronostic-facile.fr
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 83da3a5aee600490-CDG

GET
H2 200 rss-fp-1612893811.png
cdn1.pronostic-facile.fr/images/icones/16x16/ Frame E2EE 739 B
1 KB 47ms
26ms Image
image/png 2606:4700:3031::ac43:b060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.pronostic-facile.fr/images/icones/16x16/rss-fp-1612893811.png
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/feed/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b060 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33a9e139005456be86ff3edf316e2efbb38e5f8819a6a515feb8fb2d6cba36ee

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
via: 1.1 9345c53751ebf7e0c92c0f6e01b1dcb8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P5
age: 3769398
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 739
last-modified: Tue, 09 Feb 2021 18:03:31 GMT
server: cloudflare
etag: "6022ce73-2e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FPKWCxME7wFC44KPL5qGpmVVlYACkdlSF6uMeqDgKFIq3adgKXvcI7bUBvBaKcu%2Fy94WcLIH15cENscT7d7NVE6QKf4I6HsuDZcZg1VnS7oCwd%2BC3gCj8crdvA5lRXMZSZuGAme1tsB4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 83da3a5b49a06f34-CDG
x-amz-cf-id: WYYQ7KC1FCUP6R1uNn-xu5REQKbDNplBGiP0P5c37skAKS1r6KSmVQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 rocket-loader.min.js Show response
www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame E2EE 12 KB
4 KB 20ms
20ms Script
application/javascript 2606:4700:3031::ac43:b060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/feed/all

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b060 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/widget/partner/feed/all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6581a422-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3pyw%2BYBVkpnbHOawIgu8g9rKlRXiJ54Myke1KhQZY63SaWJfJGWXAeZjRLwkNl1XH%2FWo%2FeEyTivby0rOzL9XznKFuS2ludZ6e7K22wLAhWY8HKK1V7gKgaYO50b3ui%2F95hH8gnIf8G3pZSyx2xahMHujd4D3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 83da3a5b2eb40490-CDG
expires: Mon, 01 Jan 2024 12:18:53 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame E2EE 20 KB
7 KB 57ms
56ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/feed/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.pronostic-facile.fr/
Origin: https://www.pronostic-facile.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 83da3a5b2b230286-CDG

GET
DATA 200
OK truncated
/ Frame E2EE 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame E2EE 186 KB
67 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79463398f700ae455cd633cacd8f5328bee52657ddb052b242d96a00fb96b5e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68933
x-xss-protection: 0
last-modified: Sat, 30 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Dec 2023 12:18:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 697B 225 KB
80 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PEY0K16Y5K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ed80230c99e78970e2d9b103242463b155c31f9237b47b9e25096b23c7f4fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81392
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 30 Dec 2023 12:18:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 697B 52 KB
21 KB 80ms
24ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 30 Dec 2023 11:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1836
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 30 Dec 2023 13:48:17 GMT

POST
H3 204 rum Show response
www.pronostic-facile.fr/cdn-cgi/ Frame E2EE 0
147 B 19ms
19ms XHR
text/plain 2606:4700:3031::ac43:b060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b060 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pronostic-facile.fr/widget/partner/feed/all
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.pronostic-facile.fr
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 83da3a5b9f270490-CDG

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame E2EE 225 KB
80 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PEY0K16Y5K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9888c455cf2d308bf556bbf0d0cc33455bfd97f3797e49702e9eeab60f5b697d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81392
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 30 Dec 2023 12:18:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame E2EE 52 KB
21 KB 71ms
33ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 30 Dec 2023 11:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1836
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 30 Dec 2023 13:48:17 GMT

GET
H/1.1 200
OK secure-lock.gif
payment.allopass.com/static/css/icons/ Frame 4B39 181 B
418 B 56ms
19ms Image
image/gif 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/icons/secure-lock.gif
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/base.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 12:18:53 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "40f91-b5-6036ca56d02c0"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 181

GET
H/1.1 200
OK field.png
payment.allopass.com/static/css/images/ Frame 4B39 170 B
407 B 128ms
79ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/images/field.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/base.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 12:18:53 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "2165b-aa-6036ca56d02c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 170

GET
H/1.1 200
OK allopass-logo-small.svg
payment.allopass.com/static/css/images/ Frame 4B39 116 KB
116 KB 121ms
74ms Image
image/svg+xml 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/images/allopass-logo-small.svg
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: a82d1b3a85473bad87120c7d6b42782c0b5132e88feab8d6bd22a65ac85f70d4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/base.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 12:18:53 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "21732-1cf64-6036ca56d02c0"
Content-Type: image/svg+xml
Connection: close
Accept-Ranges: bytes
Content-Length: 118628

GET
H/1.1 200
OK carousel-row-mobiyo.png
payment.allopass.com/static/css/images/ Frame 4B39 87 KB
87 KB 122ms
75ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/images/carousel-row-mobiyo.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/carousel.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/carousel.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 12:18:53 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "40fa1-15a80-6036ca56d02c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 88704

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ Frame 4B39 289 KB
94 KB 89ms
88ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

182bb9e2f35779a634652d0c99f706d6e196283ca92cf6147a63a40a54afcef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 12:18:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96690
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 30 Dec 2023 12:18:53 GMT

POST
H2 200 chk.php Show response
gmu-apps.com/ Frame 4B39 0
94 B 482ms
169ms XHR
text/html 54.219.2.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gmu-apps.com/chk.php
Requested by: Host: banco3.onlc.fr
URL: https://banco3.onlc.fr/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.219.2.218 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-219-2-218.us-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://payment.allopass.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sat, 30 Dec 2023 12:18:54 GMT
server: Apache
content-length: 0
content-type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
banco3.onlc.fr/	1970-01-20 17:19:34	Name: PHPSESSID Value: auk9sti7lu3ro8hkfmocuh6i08
payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: 4bfc413a-861c-4815-bd16-aba68933dbf2
.allopass.com/	1970-01-21 02:04:34	Name: AP_CUSK Value: 3638704502

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://banco3.onlc.fr/ Message: Mixed Content: The page at 'https://banco3.onlc.fr/' was loaded over HTTPS, but requested an insecure element 'http://s10.flagcounter.com/map/rsen/size_s/txt_000000/border_CCCCCC/pageviews_1/viewers_0/flags_0/'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://banco3.onlc.fr/(Line 130) Message: Mixed Content: The page at 'https://banco3.onlc.fr/' was loaded over HTTPS, but requested an insecure element 'http://s10.flagcounter.com/map/rsen/size_s/txt_000000/border_CCCCCC/pageviews_1/viewers_0/flags_0/'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
banco3.onlc.fr
cdn.jsdelivr.net
cdn1.pronostic-facile.fr
cdnjs.cloudflare.com
francecourses.com
gmu-apps.com
payment.allopass.com
s10.flagcounter.com
static.cloudflareinsights.com
static.onlc.eu
www.google-analytics.com
www.googletagmanager.com
www.pronostic-facile.fr
185.119.26.1
2606:4700:20::681a:6a2
2606:4700:20::ac43:48cb
2606:4700:3031::ac43:b060
2606:4700::6810:3865
2606:4700::6810:5514
2606:4700::6811:190e
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:82a::200e
2a02:4780:27:1147:0:2471:9b8b:2
45.58.124.226
54.219.2.218
0ae51d165e857dcaf5457e5b59239fd1adf09bcb58deb336a4704853272f8fb1
16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac
178f8ce68c079d701fb2d8e636b6c0ce046c1ad7f7294d22398a8d374de0c50c
182bb9e2f35779a634652d0c99f706d6e196283ca92cf6147a63a40a54afcef0
18c41b5e6ce8bd7d67e819079a11906f871e8fbe15e79f66f9169a41aa8c23bd
1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c
2a6bffd614771fc60619abe7e7f1ccebe3d1434e83abe9947821edb5a588e786
2d0d688227d7a366fbe9b7c56a889cc66784190277581f52a7e82bc2996c1d1d
33a9e139005456be86ff3edf316e2efbb38e5f8819a6a515feb8fb2d6cba36ee
3975eb898756e296608f964f0fe799ecf25bbf79467666a3c3218dad3db1de6e
3e708dbf912331c069cc4c7ee2230e3d95802dbf55f458a6c6a4445afe676f2b
3ed80230c99e78970e2d9b103242463b155c31f9237b47b9e25096b23c7f4fb7
4104a267c7a5a5f95617a0161dc278892d36b6a603fd10314b5629a436f7f37f
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
49d27f3ea606ba1b50258dd4b6fe16e83f1b9c5f7a0fae518398149aee2ae043
513cec403f6af81be17808ef9b227d5ea5a3ffa19eb5bcf72b035b5f3d802a25
52ed3db08547075f5bba86c1ddb148bc3b0953fa2b1d3e564d1988a369736974
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
5544764b0ce3f547366a931223094c6c1ed1d340e9abb5fb1d4789f44c02a472
5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b
5ecb9fa015efa552725f2848be3041a9efca1ae5854c0694ba9cc468e84f972d
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
7183a05060f815ad74aab94bc85e6d98cb03491fac64c7f96523628074074312
743134f8f91c971afca51ec4c6e1f9aeca2b4fcbda3abc08b9dba066548e83dc
79463398f700ae455cd633cacd8f5328bee52657ddb052b242d96a00fb96b5e0
7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9
87f94d1c864f64f059185532d5c13dc78fa80c920ed41e0530c53285d49cd0bb
8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435
97a9de3830f4bd7bcb7cf4805dbdcf1f4c6e843fcd4a814c6a5d7bc2b11fee1a
9888c455cf2d308bf556bbf0d0cc33455bfd97f3797e49702e9eeab60f5b697d
a3ecfe4da73d3f04f54aca493982a068a9e328942a64100bfc976cbae9cafb10
a82d1b3a85473bad87120c7d6b42782c0b5132e88feab8d6bd22a65ac85f70d4
a9eccfd8fa2dc13ea8cc64cb51317ab17db1c0c28dda4f67bfd8f480750d1b2c
aef0d8a3945d74c152b0cb8916bc02d36617abe6b94a8077ad5d9133bb34d7da
b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9
b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8
c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36
c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a
c190fd4534143b46005a1fb176e61c80c6dc36b7893ba45f2d5480217dfcb8c3
c754af3cd8119f8d1ffb464c92c63cf0857116b9b29f776e0c7c75975daaff56
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
ca9db144acb25acb923cacb7e0224040e5baa5e442e9a16982acb16187bfde36
cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109
d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833
d2ea6c1e0cabca20d18e924b25a1cd0187c38ba7c33f60ab06e1b0402b9bcdb5
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
d939d21f27010c09b6c2966681d8b4cfcd64ca418f240922518f967fded16ef6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec1e78be371a37bb7191514684de498dfffa760040f873fcb380484873d84392
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7
fb8d00527dd2f164cdeedebb56d3d05b3c830b2518f319511068f42decfaaa0c
fbc2bea74fc17a747d3de16e4d679660e26d41f1100676a4027b1fcbae8d3238

banco3.onlc.fr Open in urlscan Pro 2606:4700:20::ac43:48cb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

77 %IPv6

13 Domains

14 Subdomains

14 IPs

3 Countries

2744 kBTransfer

4390 kBSize

3 Cookies

6 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

banco3.onlc.fr Open in urlscan Pro
2606:4700:20::ac43:48cb Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

77 %
IPv6

13
Domains

14
Subdomains

14
IPs

3
Countries

2744 kB
Transfer

4390 kB
Size

3
Cookies

60 HTTP transactions
1 data transactions