www.confidencescourses.com Open in urlscan Pro
194.150.236.165 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/
Submission: On March 12 via manual (March 12th 2022, 7:38:51 pm UTC) from BF — Scanned from FR

Summary HTTP 43 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 17 domains to perform 43 HTTP transactions. The main IP is 194.150.236.165, located in France and belongs to HIWIT_AS, FR. The main domain is www.confidencescourses.com.
TLS certificate: Issued by R3 on February 6th 2022. Valid for: 3 months.

This is the only time www.confidencescourses.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	194.150.236.165 194.150.236.165	44976 (HIWIT_AS) (HIWIT_AS)
19	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
6	194.150.236.236 194.150.236.236	44976 (HIWIT_AS) (HIWIT_AS)
1	142.250.185.225 142.250.185.225	15169 (GOOGLE) (GOOGLE)
2 5	194.150.236.190 194.150.236.190	44976 (HIWIT_AS) (HIWIT_AS)
1 2	188.114.96.7 188.114.96.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	194.150.236.5 194.150.236.5	44976 (HIWIT_AS) (HIWIT_AS)
2	54.241.227.114 54.241.227.114	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.136 172.217.16.136	15169 (GOOGLE) (GOOGLE)
1	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
43	10

8 194.150.236.165 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns5.hiwit.net

www.confidencescourses.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tagalataturf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.levainqueur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net

www.biltoturf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.millionturf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.edenturf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 194.150.236.190 (France) 2 redirects

ASN44976 (HIWIT_AS, FR)
PTR: ns30.hiwit.net

www.top-pmu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zetop.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zetop.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.turfsur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.snprono.powa.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.7 (Medellín, Colombia) 1 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.150.236.5 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns.allo-heberge.com

ns.allo-heberge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.241.227.114 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-241-227-114.us-west-1.compute.amazonaws.com

gmu-apps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	allopass.com payment.allopass.com	294 KB
6	confidencescourses.com www.confidencescourses.com	1 MB
3	millionturf.com www.millionturf.com	99 KB
2	gmu-apps.com gmu-apps.com	6 KB
2	root-top.com 1 redirects img.root-top.com	5 KB
2	zetop.info 1 redirects zetop.info www.zetop.info	11 KB
2	biltoturf.com www.biltoturf.com	83 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	37 KB
1	allo-heberge.com ns.allo-heberge.com
1	powa.fr 1 redirects www.snprono.powa.fr	282 B
1	turfsur.com www.turfsur.com	12 KB
1	levainqueur.com www.levainqueur.com	28 KB
1	tagalataturf.com www.tagalataturf.com	6 KB
1	top-pmu.com www.top-pmu.com	13 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 49	55 KB
1	edenturf.com www.edenturf.com	19 KB
43	17

	Domain	Requested by
19	payment.allopass.com	www.confidencescourses.com payment.allopass.com
6	www.confidencescourses.com	www.confidencescourses.com
3	www.millionturf.com	www.confidencescourses.com
2	gmu-apps.com	payment.allopass.com www.confidencescourses.com
2	img.root-top.com	1 redirects www.confidencescourses.com
2	www.biltoturf.com	www.confidencescourses.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	payment.allopass.com
1	ns.allo-heberge.com	www.confidencescourses.com
1	www.snprono.powa.fr	1 redirects
1	www.turfsur.com	www.confidencescourses.com
1	www.levainqueur.com	www.confidencescourses.com
1	www.zetop.info	www.confidencescourses.com
1	zetop.info	1 redirects
1	www.tagalataturf.com	www.confidencescourses.com
1	www.top-pmu.com	www.confidencescourses.com
1	lh3.googleusercontent.com	www.confidencescourses.com
1	www.edenturf.com	www.confidencescourses.com
43	18

This site contains links to these domains. Also see Links.

Domain
www.europeturf.com
www.expressturf.net
www.gainsturf.com
www.genyturf.net
www.goldenturf.net
www.tagalataturf.com
lespecialistedutierce.blogspot.com
repereduturf.blogspot.com
quinte-magic.blogspot.com
course-original.blogspot.com
bonuspecial.blogspot.com
eruditcourse.blogspot.com
www.quinte-magic.com
turforiginal-vip.blogspot.com
basefiable.blogspot.com
www.biltoturf.com
pronosprecis.blogspot.com
yvancourse.blogspot.com
www.zetop.info
www.levainqueur.com
www.turfsur.com
www.root-top.com

Subject Issuer	Validity	Valid
confidencescourses.com R3	`2022-02-06` - `2022-05-07`	3 months	crt.sh
*.allopass.com Gandi Standard SSL CA 2	`2021-10-08` - `2022-10-08`	a year	crt.sh
biltoturf.com R3	`2022-02-18` - `2022-05-19`	3 months	crt.sh
millionturf.com R3	`2022-02-02` - `2022-05-03`	3 months	crt.sh
edenturf.com R3	`2022-02-18` - `2022-05-19`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
top-pmu.com R3	`2022-02-04` - `2022-05-05`	3 months	crt.sh
tagalataturf.com R3	`2022-02-06` - `2022-05-07`	3 months	crt.sh
levainqueur.com R3	`2022-02-06` - `2022-05-07`	3 months	crt.sh
turfsur.com R3	`2022-02-04` - `2022-05-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
gmu-apps.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/
Frame ID: 7B9CAF2198FA0BA6E53ACEA4B70A88D3
Requests: 20 HTTP requests in this frame

Frame: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
Frame ID: 1C34DEFC21EEB2693A72AA94D68D00AC
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CONFIDENCES COURSESUntitled Document

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

95 %
HTTPS

0 %
IPv6

17
Domains

18
Subdomains

10
IPs

3
Countries

1755 kB
Transfer

2153 kB
Size

3
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: http://www.europeturf.com/
Title: EuropeTurf

Search URL Search Domain Scan URL

URL: http://www.expressturf.net/
Title: ExpressTurf

Search URL Search Domain Scan URL

URL: http://www.gainsturf.com/
Title: GainsTurf

Search URL Search Domain Scan URL

URL: http://www.genyturf.net/
Title: GenyTurf

Search URL Search Domain Scan URL

URL: http://www.goldenturf.net/
Title: GoldenTurf

Search URL Search Domain Scan URL

URL: http://www.tagalataturf.com/
Title: TagalataTurf

Search URL Search Domain Scan URL

URL: https://lespecialistedutierce.blogspot.com/
Title: LeSpecialisteduTierce

Search URL Search Domain Scan URL

URL: https://repereduturf.blogspot.com/
Title: RepereduTurf

Search URL Search Domain Scan URL

URL: https://quinte-magic.blogspot.com/
Title: QuinteMagic

Search URL Search Domain Scan URL

URL: https://course-original.blogspot.com/
Title: CourseOriginal

Search URL Search Domain Scan URL

URL: https://bonuspecial.blogspot.com/
Title: BonuSpecial

Search URL Search Domain Scan URL

URL: https://eruditcourse.blogspot.com/
Title: EruditCourse

Search URL Search Domain Scan URL

URL: https://www.quinte-magic.com/

Search URL Search Domain Scan URL

URL: https://turforiginal-vip.blogspot.com/

Search URL Search Domain Scan URL

URL: https://basefiable.blogspot.com/

Search URL Search Domain Scan URL

URL: http://www.biltoturf.com/

Search URL Search Domain Scan URL

URL: http://pronosprecis.blogspot.com/

Search URL Search Domain Scan URL

URL: http://yvancourse.blogspot.com/

Search URL Search Domain Scan URL

URL: http://www.biltoturf.com/vote.php?id=110

Search URL Search Domain Scan URL

URL: http://www.zetop.info/vote.php?id=178

Search URL Search Domain Scan URL

URL: http://www.levainqueur.com/vote.php?id=172

Search URL Search Domain Scan URL

URL: http://www.turfsur.com/topsite/vote.php?id=886

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/secreturf/in.php?ID=204

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfplus/in.php?ID=557

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://zetop.info/img/logo_zetop.gif HTTP 301
https://www.zetop.info/img/logo_zetop.gif

Request Chain 18

https://img.root-top.com/topsite/secreturf/banner.gif HTTP 302
https://www.snprono.powa.fr/secreturf.gif HTTP 302
https://ns.allo-heberge.com/

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.php Show response
www.confidencescourses.com/ 16 KB
16 KB 162ms
87ms Document
text/html 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

ec76dea602d465249a0adb0ab881a20786313966892873f858154b1328ca1c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

Date: Sat, 12 Mar 2022 19:38:45 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=15768000
Vary: Host
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK head.jpg
www.confidencescourses.com/ 58 KB
58 KB 21ms
18ms Image
image/jpeg 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.confidencescourses.com/head.jpg

Requested by

Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

a9ff537d881c618b1a89e3caa40fb54cf54c7807abf37887c7cd5053c3cbb442

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Last-Modified: Tue, 12 Jan 2016 08:50:32 GMT
Server: Apache
ETag: "17e6b59-e7ec-5291f256a4600"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 59372

GET
H/1.1 200
OK diapo.gif
www.confidencescourses.com/ 375 KB
376 KB 54ms
20ms Image
image/gif 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.confidencescourses.com/diapo.gif

Requested by

Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

376297fb4552940ad33a55d2dac1dc81654c5eb5ad355f856d9ce7c97a9aa285

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Last-Modified: Tue, 12 Jan 2016 08:50:18 GMT
Server: Apache
ETag: "17e6b49-5dd57-5291f2494a680"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 384343

GET
H/1.1 200
OK img1.jpg
www.confidencescourses.com/ 100 KB
100 KB 52ms
18ms Image
image/jpeg 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.confidencescourses.com/img1.jpg

Requested by

Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

544350db3c92d22d0be34cae63d5ef64e2304ee943959297ee777626359c64b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Last-Modified: Sat, 21 Mar 2020 12:02:09 GMT
Server: Apache
ETag: "17e6b5b-19074-5a15c2be45240"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 102516

GET
H/1.1 200
OK arriere-plan-1.jpg
www.confidencescourses.com/ 487 KB
488 KB 52ms
19ms Image
image/jpeg 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.confidencescourses.com/arriere-plan-1.jpg

Requested by

Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

86717ee9b44cbb4a42372ec7d062f97e3e89d2ee3c0382764e8ee54abe266427

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Last-Modified: Sat, 21 Mar 2020 12:02:10 GMT
Server: Apache
ETag: "17e6b7c-79d41-5a15c2bf39480"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 499009

GET
H/1.1 200
OK tarpmenu.png
www.confidencescourses.com/ 29 KB
29 KB 51ms
20ms Image
image/png 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.confidencescourses.com/tarpmenu.png

Requested by

Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

e015316158b9f23e0a8e73f84f6e7711561ea6183846d837e6cc47082dfce79b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Last-Modified: Tue, 12 Jan 2016 08:50:36 GMT
Server: Apache
ETag: "17e6b5e-73b9-5291f25a74f00"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 29625

GET
H/1.1 200
OK buy.apu Show response
payment.allopass.com/buy/ Frame 1C34 9 KB
4 KB 814ms
729ms Document
text/html 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
Requested by: Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7cd8df09cacc309ff94cb22d35319ad4605ee0766c53e0daafac266904bf28fe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Server: Apache
P3P: CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3166
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK quintemagic2.gif
www.biltoturf.com/logos/ 77 KB
77 KB 73ms
18ms Image
image/gif 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biltoturf.com/logos/quintemagic2.gif

Requested by

Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

336e041b7c299275c3ec89cc251c339ea2ec1870b70dc4ef25ba308e972be005

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Last-Modified: Fri, 23 Jul 2021 06:24:29 GMT
Server: Apache
ETag: "25a38b7-13493-5c7c474b3a140"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 78995

GET
H/1.1 200
OK turforiginal.gif
www.millionturf.com/logos/ 24 KB
24 KB 90ms
17ms Image
image/gif 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.millionturf.com/logos/turforiginal.gif

Requested by

Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

26f6a960d44093f8a56e95f2ed3ddd6d4526a86a3ce7dde31957b2cd21d887ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Last-Modified: Tue, 08 Dec 2020 22:22:02 GMT
Server: Apache
ETag: "2503e01-60ad-5b5fb5f30b680"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 24749

GET
H/1.1 200
OK basefiable.gif
www.edenturf.com/logos/ 19 KB
19 KB 97ms
17ms Image
image/gif 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edenturf.com/logos/basefiable.gif

Requested by

Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

08b5e4d50214e7ca9bc15081dce99c60e1d14c9361b755c01f7ddb990e63cfa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Last-Modified: Sat, 24 Apr 2021 09:20:00 GMT
Server: Apache
ETag: "2564158-4a3c-5c0b46aae3000"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 19004

GET
H/1.1 200
OK repereduturf.gif
www.millionturf.com/logos/ 37 KB
38 KB 90ms
18ms Image
image/gif 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.millionturf.com/logos/repereduturf.gif

Requested by

Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

c5c9a5a94fa9ebeb507e638c9d38de8052004fbc169af4d12b8df7856c7e723a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Last-Modified: Tue, 08 Dec 2020 22:22:01 GMT
Server: Apache
ETag: "2503e00-94c6-5b5fb5f217440"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 38086

GET
H/1.1 200
OK logo.gif
www.biltoturf.com/ 6 KB
6 KB 71ms
17ms Image
image/gif 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biltoturf.com/logo.gif

Requested by

Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

ead7dff95228a235e92f3cc50bcd67d3e448ccb40cee683514504e8a59aa8f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Last-Modified: Sat, 24 Apr 2021 03:49:26 GMT
Server: Apache
ETag: "2563ddd-165f-5c0afcc7b5d80"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 5727

GET
H2 200 eyvRee-kKGXm3mX3TpqIv3xM_1zP4OeWaB_VjX0zUMUtCmAGVzEMaiAt22QDY7VGPX94tw-kXe23xR2Q1tAYlQ=s0-d
lh3.googleusercontent.com/proxy/ 54 KB
55 KB 105ms
40ms Image
image/gif 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/eyvRee-kKGXm3mX3TpqIv3xM_1zP4OeWaB_VjX0zUMUtCmAGVzEMaiAt22QDY7VGPX94tw-kXe23xR2Q1tAYlQ=s0-d

Requested by

Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

d34f74572cee188679df482fb9091d4f1e9cdccccd64ba6e0373c937655e8575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 19:38:46 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55459
x-xss-protection: 0
expires: Sun, 13 Mar 2022 19:38:46 GMT

GET
H/1.1 200
OK yvancourse.gif
www.top-pmu.com/img4/ 12 KB
13 KB 92ms
19ms Image
image/gif 194.150.236.190
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.top-pmu.com/img4/yvancourse.gif

Requested by

Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns30.hiwit.net

Software

Apache /

Resource Hash

a7731ee7cfa2ad38d60f11179a45fc2d197dbccfd4225015e2d9e30493742786

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Last-Modified: Fri, 30 Aug 2019 09:32:31 GMT
Server: Apache
ETag: "da23e5-318b-591524d2269c0"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 12683

GET
H/1.1 200
OK eruditcourse.gif
www.millionturf.com/logos/ 37 KB
37 KB 89ms
17ms Image
image/gif 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.millionturf.com/logos/eruditcourse.gif

Requested by

Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

e189ef6e53952ebf92b6801670b38a15b6ad733c499de8f6bd9607b801963726

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Last-Modified: Tue, 08 Dec 2020 22:22:00 GMT
Server: Apache
ETag: "2503dfe-921a-5b5fb5f123200"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 37402

GET
H/1.1 200
OK logobilto.gif
www.tagalataturf.com/ 6 KB
6 KB 98ms
20ms Image
image/gif 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tagalataturf.com/logobilto.gif

Requested by

Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

ead7dff95228a235e92f3cc50bcd67d3e448ccb40cee683514504e8a59aa8f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Last-Modified: Fri, 20 Mar 2020 14:45:42 GMT
Server: Apache
ETag: "759e7f-165f-5a14a56f37180"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 5727

GET
H/1.1

200
OK

logo_zetop.gif
www.zetop.info/img/
Redirect Chain

https://zetop.info/img/logo_zetop.gif
https://www.zetop.info/img/logo_zetop.gif

11 KB
11 KB

299ms
18ms

Image
image/gif

194.150.236.190
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zetop.info/img/logo_zetop.gif

Requested by

Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/

Protocol

HTTP/1.1

Server

194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns30.hiwit.net

Software

Apache /

Resource Hash

7c9a501ff24c88a1c67c41a92315b5c7b94e19bed6381da81631f691e501a8be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Last-Modified: Thu, 06 Jun 2013 09:17:28 GMT
Server: Apache
ETag: "64570c-2ac9-4de78c87e3a00"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 10953

Redirect headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000
Content-Type: text/html; charset=iso-8859-1
Location: https://www.zetop.info/img/logo_zetop.gif
Connection: Keep-Alive
Keep-Alive: timeout=10, max=100
Content-Length: 249

GET
H/1.1 200
OK logo.gif
www.levainqueur.com/ 28 KB
28 KB 78ms
20ms Image
image/gif 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.levainqueur.com/logo.gif

Requested by

Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

6270f4fc23be1ddceb334705172b0470d61d28d201fcc23402dbdc8bac85bdc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Last-Modified: Tue, 13 Oct 2015 12:36:31 GMT
Server: Apache
ETag: "e76ccd-70a5-521fbb20911c0"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 28837

GET
H/1.1 200
OK logo.gif
www.turfsur.com/img/ 11 KB
12 KB 72ms
17ms Image
image/gif 194.150.236.190
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turfsur.com/img/logo.gif

Requested by

Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns30.hiwit.net

Software

Apache /

Resource Hash

9bd0c1e96f9d3b63b53ba8c355ada916479d8815034cab0aad1540c3c602d896

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Last-Modified: Mon, 05 Mar 2018 05:51:23 GMT
Server: Apache
ETag: "878aad-2cb9-566a3ea782cc0"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 11449

GET
H/1.1

200
OK

/
ns.allo-heberge.com/
Redirect Chain

https://img.root-top.com/topsite/secreturf/banner.gif
https://www.snprono.powa.fr/secreturf.gif
https://ns.allo-heberge.com/

0
0

75ms
17ms

Image
text/html

194.150.236.5
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ns.allo-heberge.com/
Requested by: Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/
Protocol: HTTP/1.1
Server: 194.150.236.5 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns.allo-heberge.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000
Content-Type: text/html; charset=iso-8859-1
Location: http://ns.allo-heberge.com/
Connection: Keep-Alive
Keep-Alive: timeout=10, max=100
Content-Length: 211

GET
H2 200 banner.gif
img.root-top.com/topsite/turfplus/ 4 KB
4 KB 73ms
25ms Image
image/png 188.114.96.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/turfplus/banner.gif
Requested by: Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c89138fe4d60f677872fa14679dd7d6807b9f614bd62beb3ffc112f082442b8d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.confidencescourses.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 19:38:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2881
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3872
last-modified: Wed, 14 Sep 2011 18:49:04 GMT
server: cloudflare
etag: "510718442"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nxpFNbA%2F4Hc8AtQxiONZpHP8dobsmD1YFs8uloRbhIIM2i6CjVXnzYw%2FuJ2yxtSIUAtuqQrqxL9yzId%2B7fzcR16cbhvbyqKO5wc1NEjpZeJjrhkFzCKsgzuPgZdRK9jis8E"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6eaefdf6584a99f3-CDG
expires: Mon, 16 Aug 2021 22:46:50 GMT

GET
H/1.1 200
OK jBox.all.min.css
payment.allopass.com/static/css/jBox/ Frame 1C34 16 KB
4 KB 52ms
18ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/jBox/jBox.all.min.css
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "21986-40d7-5d0e804cbabc0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 3631

GET
H/1.1 200
OK base.css
payment.allopass.com/static/css/ Frame 1C34 81 KB
15 KB 55ms
21ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/base.css?68
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: adfe383e215844ddafe2b7149d13c92118cc519a174bf6035494bab363034f4c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Nov 2021 09:46:13 GMT
Server: Apache
ETag: "40f30-143f2-5d1adf6294340"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 14716

GET
H/1.1 200
OK carousel.css
payment.allopass.com/static/css/ Frame 1C34 21 KB
3 KB 53ms
19ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/carousel.css?68
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "216eb-54eb-5d0e804cbabc0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 2387

GET
H/1.1 200
OK jquery-1.3.2.min.js Show response
payment.allopass.com/static/js/ext/ Frame 1C34 56 KB
20 KB 55ms
21ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/ext/jquery-1.3.2.min.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "4106c-dfa6-5d0e804cbabc0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 19740

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
payment.allopass.com/static/js/ext/ Frame 1C34 94 KB
33 KB 58ms
23ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/ext/jquery-1.11.3.min.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "21807-176d5-5d0e804cbabc0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 33279

GET
H/1.1 200
OK general.js Show response
payment.allopass.com/onetime/scripts/ Frame 1C34 4 KB
2 KB 52ms
18ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/onetime/scripts/general.js?04
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "23081-f37-5d0e804cbabc0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 1593

GET
H/1.1 200
OK jBox.all.min.js Show response
payment.allopass.com/static/js/ext/ Frame 1C34 51 KB
13 KB 125ms
20ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/ext/jBox.all.min.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "4106a-cb59-5d0e804cbabc0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 12605

GET
H2 200 top.js Show response
gmu-apps.com/js/ Frame 1C34 54 KB
6 KB 476ms
157ms Script
application/javascript 54.241.227.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gmu-apps.com/js/top.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.241.227.114 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-227-114.us-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Mar 2022 19:38:47 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 20:31:35 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 5772
expires: Sun, 8 Mar 1981 10:00:00 GMT

GET
H/1.1 200
OK fr.png
payment.allopass.com/icons/flags/24x24/ Frame 1C34 536 B
774 B 52ms
18ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/icons/flags/24x24/fr.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:47 GMT
Last-Modified: Tue, 26 Nov 2019 14:39:45 GMT
Server: Apache
ETag: "2238c-218-59840d9ebee40"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 536

GET
H/1.1 200
OK check-codes.js Show response
payment.allopass.com/static/js/ Frame 1C34 2 KB
1 KB 53ms
18ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/check-codes.js?01
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 29ffbeca4b528b5d132a71037a6937bd4b0a2ac8a7f47934880d24df55496a39

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "21802-911-5d0e804cbabc0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 746

GET
H/1.1 200
OK fingerprint2.min.js Show response
payment.allopass.com/static/js/ext/ Frame 1C34 33 KB
10 KB 54ms
20ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/ext/fingerprint2.min.js
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "21a1f-8432-5d0e804cbabc0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 10209

GET
H/1.1 200
OK arrow-down.png
payment.allopass.com/static/css/images/ Frame 1C34 315 B
553 B 52ms
18ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/images/arrow-down.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:47 GMT
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "2194f-13b-5d0e804cbabc0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 315

GET
H/1.1 200
OK carousel.js Show response
payment.allopass.com/static/js/ Frame 1C34 7 KB
2 KB 53ms
18ms Script
application/javascript 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/js/carousel.js?5
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "21801-1b55-5d0e804cbabc0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 1830

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 1C34 95 KB
37 KB 98ms
36ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Requested by

Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=351086&idd=1553509

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3d2b5cdf68b50567dc13d747a33a825a248bcd440ced5746030163f109555c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 19:38:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
last-modified: Sat, 12 Mar 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 12 Mar 2022 19:38:47 GMT

GET
H/1.1 200
OK duration.css
payment.allopass.com/static/css/ Frame 1C34 3 KB
1 KB 31ms
18ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/duration.css
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/base.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "21906-b61-5d0e804cbabc0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 793

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 1C34 49 KB
20 KB 91ms
29ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 234
date: Sat, 12 Mar 2022 19:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 12 Mar 2022 21:34:53 GMT

GET
H/1.1 200
OK secure-lock.gif
payment.allopass.com/static/css/icons/ Frame 1C34 181 B
418 B 52ms
18ms Image
image/gif 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/icons/secure-lock.gif
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/base.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:47 GMT
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "40f92-b5-5d0e804cbabc0"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 181

GET
H/1.1 200
OK field.png
payment.allopass.com/static/css/images/ Frame 1C34 170 B
407 B 52ms
18ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/images/field.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/base.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:47 GMT
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "21748-aa-5d0e804cbabc0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 170

GET
H/1.1 200
OK logo-mobiyo-small.png
payment.allopass.com/static/css/images/ Frame 1C34 12 KB
12 KB 52ms
18ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/images/logo-mobiyo-small.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 56b137612eb9e7e11421f576f02d3ea90e604fd12ab5873e6ff90aa9101e28db

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/base.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:47 GMT
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "2196b-2e5e-5d0e804cbabc0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 11870

GET
H/1.1 200
OK carousel-row-mobiyo.png
payment.allopass.com/static/css/images/ Frame 1C34 87 KB
87 KB 51ms
18ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/images/carousel-row-mobiyo.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/carousel.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/carousel.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:47 GMT
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "2173e-15a80-5d0e804cbabc0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 88704

GET
H/1.1 200
OK carousel-row.png
payment.allopass.com/static/css/images/ Frame 1C34 87 KB
87 KB 51ms
18ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/css/images/carousel-row.png
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/carousel.css?68
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 3826392fad8affe0e8f105c96299f4b3550fdd588c90603a12cc3db9b8e529c0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://payment.allopass.com/static/css/carousel.css?68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Mar 2022 19:38:47 GMT
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "40fa3-15c04-5d0e804cbabc0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 89092

POST
H2 200 chk.php Show response
gmu-apps.com/ Frame 1C34 0
94 B 468ms
161ms XHR
text/html 54.241.227.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gmu-apps.com/chk.php
Requested by: Host: www.confidencescourses.com
URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.241.227.114 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-227-114.us-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://payment.allopass.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sat, 12 Mar 2022 19:38:48 GMT
server: Apache
content-length: 0
content-type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.confidencescourses.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 390e318073f1ebfe3f664130348262f0
payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: 3dffdeb1-6e20-49e3-9a65-3cab5573f3c6
.allopass.com/	1970-01-20 10:17:29	Name: AP_CUSK Value: 3559190613

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/ Message: Mixed Content: The page at 'https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/' was loaded over HTTPS, but requested an insecure element 'http://www.millionturf.com/logos/turforiginal.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/ Message: Mixed Content: The page at 'https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/' was loaded over HTTPS, but requested an insecure element 'http://www.edenturf.com/logos/basefiable.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/ Message: Mixed Content: The page at 'https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/' was loaded over HTTPS, but requested an insecure element 'http://www.millionturf.com/logos/repereduturf.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/ Message: Mixed Content: The page at 'https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/' was loaded over HTTPS, but requested an insecure element 'http://www.biltoturf.com/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/ Message: Mixed Content: The page at 'https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/' was loaded over HTTPS, but requested an insecure element 'http://www.millionturf.com/logos/eruditcourse.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/ Message: Mixed Content: The page at 'https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/' was loaded over HTTPS, but requested an insecure element 'http://www.tagalataturf.com/logobilto.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/ Message: Mixed Content: The page at 'https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/' was loaded over HTTPS, but requested an insecure element 'http://zetop.info/img/logo_zetop.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/ Message: Mixed Content: The page at 'https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/' was loaded over HTTPS, but requested an insecure element 'http://www.levainqueur.com/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/ Message: Mixed Content: The page at 'https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/' was loaded over HTTPS, but requested an insecure element 'http://www.turfsur.com/img/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/ Message: Mixed Content: The page at 'https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/secreturf/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/ Message: Mixed Content: The page at 'https://www.confidencescourses.com/index.php?la_page_demandee=pronostics_du_jour/' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/turfplus/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gmu-apps.com
img.root-top.com
lh3.googleusercontent.com
ns.allo-heberge.com
payment.allopass.com
www.biltoturf.com
www.confidencescourses.com
www.edenturf.com
www.google-analytics.com
www.googletagmanager.com
www.levainqueur.com
www.millionturf.com
www.snprono.powa.fr
www.tagalataturf.com
www.top-pmu.com
www.turfsur.com
www.zetop.info
zetop.info
142.250.185.142
142.250.185.225
172.217.16.136
185.119.26.1
188.114.96.7
194.150.236.165
194.150.236.190
194.150.236.236
194.150.236.5
54.241.227.114
08b5e4d50214e7ca9bc15081dce99c60e1d14c9361b755c01f7ddb990e63cfa0
16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac
1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c
26f6a960d44093f8a56e95f2ed3ddd6d4526a86a3ce7dde31957b2cd21d887ff
29ffbeca4b528b5d132a71037a6937bd4b0a2ac8a7f47934880d24df55496a39
336e041b7c299275c3ec89cc251c339ea2ec1870b70dc4ef25ba308e972be005
376297fb4552940ad33a55d2dac1dc81654c5eb5ad355f856d9ce7c97a9aa285
3826392fad8affe0e8f105c96299f4b3550fdd588c90603a12cc3db9b8e529c0
3d2b5cdf68b50567dc13d747a33a825a248bcd440ced5746030163f109555c82
544350db3c92d22d0be34cae63d5ef64e2304ee943959297ee777626359c64b0
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
56b137612eb9e7e11421f576f02d3ea90e604fd12ab5873e6ff90aa9101e28db
5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b
6270f4fc23be1ddceb334705172b0470d61d28d201fcc23402dbdc8bac85bdc7
7c9a501ff24c88a1c67c41a92315b5c7b94e19bed6381da81631f691e501a8be
7cd8df09cacc309ff94cb22d35319ad4605ee0766c53e0daafac266904bf28fe
7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9
86717ee9b44cbb4a42372ec7d062f97e3e89d2ee3c0382764e8ee54abe266427
8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435
9bd0c1e96f9d3b63b53ba8c355ada916479d8815034cab0aad1540c3c602d896
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a7731ee7cfa2ad38d60f11179a45fc2d197dbccfd4225015e2d9e30493742786
a9ff537d881c618b1a89e3caa40fb54cf54c7807abf37887c7cd5053c3cbb442
adfe383e215844ddafe2b7149d13c92118cc519a174bf6035494bab363034f4c
b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9
b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8
c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36
c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a
c5c9a5a94fa9ebeb507e638c9d38de8052004fbc169af4d12b8df7856c7e723a
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
c89138fe4d60f677872fa14679dd7d6807b9f614bd62beb3ffc112f082442b8d
cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109
d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833
d34f74572cee188679df482fb9091d4f1e9cdccccd64ba6e0373c937655e8575
e015316158b9f23e0a8e73f84f6e7711561ea6183846d837e6cc47082dfce79b
e189ef6e53952ebf92b6801670b38a15b6ad733c499de8f6bd9607b801963726
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ead7dff95228a235e92f3cc50bcd67d3e448ccb40cee683514504e8a59aa8f30
ec76dea602d465249a0adb0ab881a20786313966892873f858154b1328ca1c8e
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7

www.confidencescourses.com Open in urlscan Pro 194.150.236.165 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

95 %HTTPS

0 %IPv6

17 Domains

18 Subdomains

10 IPs

3 Countries

1755 kBTransfer

2153 kBSize

3 Cookies

24 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.confidencescourses.com Open in urlscan Pro
194.150.236.165 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

95 %
HTTPS

0 %
IPv6

17
Domains

18
Subdomains

10
IPs

3
Countries

1755 kB
Transfer

2153 kB
Size

3
Cookies

43 HTTP transactions
0 data transactions