urlscan.io logo urlscan.io
SecurityTrails logo

actiongain.fi4s.net Open in urlscan Pro
80.80.233.53  Public Scan

Go To Rescan Add Verdict Report
URL: http://actiongain.fi4s.net/
Submission: On July 01 via manual from ML — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 13 domains to perform 52 HTTP transactions. The main IP is 80.80.233.53, located in Granges, Switzerland and belongs to SAFEHOSTNET Colocation center in Geneva, CH. The main domain is actiongain.fi4s.net.
This is the only time actiongain.fi4s.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 80.80.233.53 21217 (SAFEHOSTN...)
1 2a00:1450:400... 15169 (GOOGLE)
1 194.0.255.28 8218 (NEO-ASN l...)
4 4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2001:bc8:1200... 12876 (Online SAS)
1 91.216.107.79 210403 (LWS)
2 8 2606:4700:303... 13335 (CLOUDFLAR...)
1 94.125.60.197 14537 (CL-1379-1...)
22 185.119.26.1 203544 (WEBDEVIIN-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 52.52.238.226 16509 (AMAZON-02)
52 12
8    80.80.233.53 (Granges, Switzerland)

ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH)
PTR: hosting01.services.oxito.com
actiongain.fi4s.net
1    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4.bp.blogspot.com
1    194.0.255.28 (France)

ASN8218 (NEO-ASN legacy Neotelecoms, FR)
PTR: srv28.bdmultimedia.fr
script.starpass.fr
4    2606:4700:3038::6815:ea1a (United States)

ASN13335 (CLOUDFLARENET, US)
img.root-top.com
2    2001:bc8:1200:1b01::1 (France)

ASN12876 (Online SAS, FR)
i.goopics.net
1    91.216.107.79 (France)

ASN210403 (LWS, FR)
maxigainpmu.com
8    2606:4700:3034::ac43:c8d8 (United States)

ASN13335 (CLOUDFLARENET, US)
www.pronostic-facile.fr
1    94.125.60.197 (Isle Of Man)

ASN14537 (CL-1379-14537, US)
www.zeturf.fr
22    185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa
payment.allopass.com
3    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    52.52.238.226 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-238-226.us-west-1.compute.amazonaws.com
gmu-apps.com
Apex Domain
Subdomains		 Transfer
22 allopass.com
payment.allopass.com
215 KB
8 pronostic-facile.fr
www.pronostic-facile.fr
11 KB
8 fi4s.net
actiongain.fi4s.net
420 KB
4 root-top.com
img.root-top.com
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
59 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
119 KB
2 gmu-apps.com
gmu-apps.com
6 KB
2 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1325
10 KB
2 goopics.net
i.goopics.net — Cisco Umbrella Rank: 293840
219 KB
1 zeturf.fr
www.zeturf.fr
1 maxigainpmu.com
maxigainpmu.com
367 KB
1 starpass.fr
script.starpass.fr
286 B
1 blogspot.com
4.bp.blogspot.com — Cisco Umbrella Rank: 12431
565 KB
52 13
Domain Requested by
22 payment.allopass.com actiongain.fi4s.net
payment.allopass.com
8 www.pronostic-facile.fr 2 redirects actiongain.fi4s.net
www.pronostic-facile.fr
static.cloudflareinsights.com
8 actiongain.fi4s.net actiongain.fi4s.net
4 img.root-top.com 4 redirects
3 www.google-analytics.com www.googletagmanager.com
3 www.googletagmanager.com www.pronostic-facile.fr
payment.allopass.com
2 gmu-apps.com payment.allopass.com
actiongain.fi4s.net
2 static.cloudflareinsights.com www.pronostic-facile.fr
2 i.goopics.net actiongain.fi4s.net
1 www.zeturf.fr actiongain.fi4s.net
1 maxigainpmu.com actiongain.fi4s.net
1 script.starpass.fr actiongain.fi4s.net
1 4.bp.blogspot.com actiongain.fi4s.net
52 13

This site contains links to these domains. Also see Links.

Domain
www.whatsapp.com
www.root-top.com
maxigainpmu.com
www.joueurs-info-service.fr
Subject Issuer Validity Valid
script.starpass.fr
ZeroSSL RSA Domain Secure Site CA		 2022-05-24 -
2022-08-22		 3 months crt.sh
www.zeturf.fr
Thawte EV RSA CA 2018		 2021-09-10 -
2022-10-11		 a year crt.sh
*.allopass.com
Gandi Standard SSL CA 2		 2021-10-08 -
2022-10-08		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
gmu-apps.com
Amazon		 2022-01-31 -
2023-03-01		 a year crt.sh

This page contains 4 frames:

Primary Page: http://actiongain.fi4s.net/
Frame ID: 3C1C810C983F9803BE804CF450E1D4F8
Requests: 16 HTTP requests in this frame

Frame: https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Frame ID: 94A19D44366CD32A0663AC077A7F1139
Requests: 26 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/partner/quinte_result/all
Frame ID: B31C14D56963F1BC9FA17EF44565B881
Requests: 5 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
Frame ID: 8406CB5CB13C70C46C22CCCD59B0FF40
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

.::ACTIONGAIN::.

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

73 %
HTTPS

54 %
IPv6

13
Domains

13
Subdomains

12
IPs

5
Countries

1990 kB
Transfer

2635 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://img.root-top.com/topsite/maxigains/banner.gif HTTP 301
  • https://img.root-top.com/topsite/maxigains/banner.gif HTTP 302
  • https://i.goopics.net/PX04d.gif
Request Chain 5
  • http://img.root-top.com/topsite/kadopronos/banner.gif HTTP 301
  • https://img.root-top.com/topsite/kadopronos/banner.gif HTTP 302
  • https://i.goopics.net/LnmwA.gif
Request Chain 7
  • http://www.pronostic-facile.fr/widget/partner/script/quinte_result HTTP 301
  • https://www.pronostic-facile.fr/widget/partner/script/quinte_result
Request Chain 8
  • http://www.pronostic-facile.fr/widget/partner/script/quinte_runners HTTP 301
  • https://www.pronostic-facile.fr/widget/partner/script/quinte_runners

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
actiongain.fi4s.net/ 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://actiongain.fi4s.net/
Protocol
HTTP/1.1
Server
80.80.233.53 Granges, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.5.38
Resource Hash
b9ae6807827a75820030a3577a4c3422caf19fc69602596b4210b3d3961d7f63

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html
Date
Fri, 01 Jul 2022 11:36:19 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.5.38
special.css
actiongain.fi4s.net/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://actiongain.fi4s.net/css/special.css
Requested by
Host: actiongain.fi4s.net
URL: http://actiongain.fi4s.net/
Protocol
HTTP/1.1
Server
80.80.233.53 Granges, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
2bd5b9d9aaef3add6341f50a95bfa7bd96fdf477f75f3359cb5fe143f4cdbc60

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://actiongain.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:20 GMT
Last-Modified
Mon, 20 Apr 2020 07:04:50 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Accept-Ranges
bytes
ETag
"f18-5a3b383e2df0d"
Content-Length
3864
Content-Type
text/css
unnamed%2B4.gif
4.bp.blogspot.com/-cOZS4oSALM4/W-oO0UjuEfI/AAAAAAAAABc/VoSsv1hGARgqi8S_YUeK2rJ1qobjiRZdgCK4BGAYYCw/s1600/ 		564 KB
565 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://4.bp.blogspot.com/-cOZS4oSALM4/W-oO0UjuEfI/AAAAAAAAABc/VoSsv1hGARgqi8S_YUeK2rJ1qobjiRZdgCK4BGAYYCw/s1600/unnamed%2B4.gif
Requested by
Host: actiongain.fi4s.net
URL: http://actiongain.fi4s.net/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bcf55c1566becd0358f107fc855d8669ed2092a5670719c8239eb8fbbbe7601e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://actiongain.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:20 GMT
X-Content-Type-Options
nosniff
Server
fife
Age
0
ETag
"v18"
Vary
Origin
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="unnamed 4.gif"
Timing-Allow-Origin
*
Content-Length
577974
X-XSS-Protection
0
Expires
Fri, 24 Jun 2022 17:46:17 GMT
script.php
script.starpass.fr/ 		20 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.starpass.fr/script.php?idd=436057&datas=
Requested by
Host: actiongain.fi4s.net
URL: http://actiongain.fi4s.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.0.255.28 , France, ASN8218 (NEO-ASN legacy Neotelecoms, FR),
Reverse DNS
srv28.bdmultimedia.fr
Software
Apache /
Resource Hash
65e35c6ae1f74e16cbe663763323963eec7c6a22512042ab0758bd68151934a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://actiongain.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:35:46 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
40
sct2tqqm_01.gif
actiongain.fi4s.net/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://actiongain.fi4s.net/image/sct2tqqm_01.gif
Requested by
Host: actiongain.fi4s.net
URL: http://actiongain.fi4s.net/
Protocol
HTTP/1.1
Server
80.80.233.53 Granges, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
0283a9c622051b0f52b9e239243ee53045cfa8770dacbd9918a93ce1687b6da7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://actiongain.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:20 GMT
Last-Modified
Mon, 20 Apr 2020 07:04:56 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Accept-Ranges
bytes
ETag
"fa2-5a3b384404157"
Content-Length
4002
Content-Type
image/gif
PX04d.gif
i.goopics.net/
Redirect Chain
  • http://img.root-top.com/topsite/maxigains/banner.gif
  • https://img.root-top.com/topsite/maxigains/banner.gif
  • https://i.goopics.net/PX04d.gif
204 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.goopics.net/PX04d.gif
Requested by
Host: actiongain.fi4s.net
URL: http://actiongain.fi4s.net/
Protocol
H2
Server
2001:bc8:1200:1b01::1 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7047a1c38d5aa14077198535062c8294a3fadc721030cb5c3d154fc988a4a431

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://actiongain.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:36:20 GMT
x-openstack-request-id
tx3f86f1cf3aaa4592adf37-00624df685
last-modified
Sun, 21 Nov 2021 03:46:46 GMT
server
nginx/1.18.0
x-iplb-request-id
339F9F8C:95F6_3626E64B:01BB_624DF685_8B60AD:4160
etag
e4ac032f30bdaf9cf751eae5b786cfe1
x-iplb-instance
33618
x-object-meta-mtime
1594275471
access-control-allow-origin
*
x-timestamp
1637466405.26519
x-cache-status
HIT
accept-ranges
bytes
content-type
image/gif
content-length
208871
x-trans-id
tx3f86f1cf3aaa4592adf37-00624df685

Redirect headers

date
Fri, 01 Jul 2022 11:36:20 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QMC7iVR1h9hFH3I7FokY4mUj%2FFwTzbxgp684qDnEygek1moOYg1tkhVRZufcCalLy0%2FuEoSvdchw2Y8py%2BrYEoVa2h3kvUKY50pD%2BMnJLCkJY4ERAxYBUmulvfQmMQDKmryfECQ1PsKMMIE8be5"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://i.goopics.net/PX04d.gif
cf-ray
723ed7e7bf637549-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
LnmwA.gif
i.goopics.net/
Redirect Chain
  • http://img.root-top.com/topsite/kadopronos/banner.gif
  • https://img.root-top.com/topsite/kadopronos/banner.gif
  • https://i.goopics.net/LnmwA.gif
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.goopics.net/LnmwA.gif
Requested by
Host: actiongain.fi4s.net
URL: http://actiongain.fi4s.net/
Protocol
H2
Server
2001:bc8:1200:1b01::1 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
cf1cc11c728c992b102d06d1c56550ee351d7ee9e277a855ec63e7f675e3f495

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://actiongain.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:36:20 GMT
x-openstack-request-id
txae32b9efde3c42539c812-00624df682
last-modified
Sun, 21 Nov 2021 01:23:57 GMT
server
nginx/1.18.0
x-iplb-request-id
339F9F8C:82CE_5762BBC9:01BB_624DF682_8B1C2F:457A
etag
48ec6f5f876a893e45d2a0283bb15f10
x-iplb-instance
42084
x-object-meta-mtime
1594675026
access-control-allow-origin
*
x-timestamp
1637457836.47758
x-cache-status
HIT
accept-ranges
bytes
content-type
image/gif
content-length
14129
x-trans-id
txae32b9efde3c42539c812-00624df682

Redirect headers

date
Fri, 01 Jul 2022 11:36:20 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T06qVuKdqzcjEFt4F90FKqU51WxxnPJwdzCwA5GH2p8fMrMUuIeoKR%2BNK2QVQbXyYTk0gmf6R5SA%2Fx6ColWtAHLtIgYbPmB4UkVJarY%2F1pYS7ahReSLupDqfL%2BCKOQOyuC4vkV%2B1jpVgzig3CNIH"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://i.goopics.net/LnmwA.gif
cf-ray
723ed7e7bf617549-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
maxi_ban.gif
maxigainpmu.com/ 		366 KB
367 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://maxigainpmu.com/maxi_ban.gif
Requested by
Host: actiongain.fi4s.net
URL: http://actiongain.fi4s.net/
Protocol
HTTP/1.1
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
c5a628c08f520917ae7af4095cefad04a5b8ace5b9924d1c2bd7004f76debeca

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://actiongain.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:20 GMT
Last-Modified
Sun, 30 Jul 2017 18:15:41 GMT
Server
nginx
ETag
"5b907-5558ce6ed305d"
Vary
Host
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
375047
quinte_result
www.pronostic-facile.fr/widget/partner/script/
Redirect Chain
  • http://www.pronostic-facile.fr/widget/partner/script/quinte_result
  • https://www.pronostic-facile.fr/widget/partner/script/quinte_result
250 B
920 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pronostic-facile.fr/widget/partner/script/quinte_result
Requested by
Host: actiongain.fi4s.net
URL: http://actiongain.fi4s.net/
Protocol
H2
Server
2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
384c8c2d901082eaea218d5e823a419e423c429e294879ed95621d0f0f947919

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://actiongain.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-runtime
1
date
Fri, 01 Jul 2022 11:36:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HdiwI6ADe34dw%2Bw37BJ0MzWR%2FntcJ%2Bv6KpxKbtJ6tKUmGX1EY08%2F4JvclTMyNIJ6fJEDujkWNotuL1l%2B4ZOmj8mZU1dvvLxZq7YZlFn%2BAeZ2OgkKDICi0ToGktQVsT8b0vGta8c05TZNiEOXPQ5TGFMsDc%2FoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
private, max-age=0, must-revalidate
cf-ray
723ed7e78ac2bbcd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Fri, 01 Jul 2022 11:36:20 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1j9s7hvpDB6%2B3hazr2p2Dg2GVU3fpK1UBtPqQprk1wLPRhNQlTzdgUTcgvfu6cjMPHE6FOLoZ6hJnGRWsHMpTbjBVGrLysnKKNBHPmy%2B32LXYrbLhrV8U%2BUcoR5QZkDI83yTIoiJl0o4%2F3bKISxxfhuO3wgew%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Location
https://www.pronostic-facile.fr/widget/partner/script/quinte_result
Connection
keep-alive
CF-RAY
723ed7e698a491d1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
quinte_runners
www.pronostic-facile.fr/widget/partner/script/
Redirect Chain
  • http://www.pronostic-facile.fr/widget/partner/script/quinte_runners
  • https://www.pronostic-facile.fr/widget/partner/script/quinte_runners
251 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pronostic-facile.fr/widget/partner/script/quinte_runners
Requested by
Host: actiongain.fi4s.net
URL: http://actiongain.fi4s.net/
Protocol
H2
Server
2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c12334f075c3ef7a6c6fd68e3e441221457c69d7e6629fbc74d38b57c267ccd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://actiongain.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-runtime
1
date
Fri, 01 Jul 2022 11:36:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MAoYPXTajORKquoVdWluiOjxuZYCt%2Bi4yfd31bo75BmZRSdYOh4TRUMC92yeLa1eSQr%2FAIV%2B349YP8dbTnf5Thy1jI%2FEiXfkNBZ0XoiNAk1mRZ6Tv2jRq5DCn8FND%2FVWhw1Y9tS%2BczX%2Fr1L4E3xwxxChC4AFnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
private, max-age=0, must-revalidate
cf-ray
723ed7e78abbbbcd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Fri, 01 Jul 2022 11:36:20 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xopd2NikmFwImUbCJcciKWmtNEgqIXtI%2F0l4HeJhJJ%2F6zh7svud6T%2BvGLqXFRc42gXqltZRwZib6oU2%2BR%2BsipsxGlLgvcIhWD2Do3VirfntTU%2BFe7Cbu9GE3F2X4p0dd36t4Ea7xRaLFURMdDIT1cCww8zle7g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Location
https://www.pronostic-facile.fr/widget/partner/script/quinte_runners
Connection
keep-alive
CF-RAY
723ed7e6ad809b69-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
13d3c78.jpg
www.zeturf.fr/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zeturf.fr/images/13d3c78.jpg?v337
Requested by
Host: actiongain.fi4s.net
URL: http://actiongain.fi4s.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.125.60.197 , Isle Of Man, ASN14537 (CL-1379-14537, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://actiongain.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
cheva.jpg
actiongain.fi4s.net/image/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://actiongain.fi4s.net/image/cheva.jpg
Requested by
Host: actiongain.fi4s.net
URL: http://actiongain.fi4s.net/css/special.css
Protocol
HTTP/1.1
Server
80.80.233.53 Granges, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
75dd4c06a2c439936b0d906fe91d007882736df7028c4ab0eeb53f38d0818be3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://actiongain.fi4s.net/css/special.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:20 GMT
Last-Modified
Mon, 20 Apr 2020 07:04:52 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Accept-Ranges
bytes
ETag
"2b7b-5a3b384023e50"
Content-Length
11131
Content-Type
image/jpeg
nav_font.png
actiongain.fi4s.net/image/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://actiongain.fi4s.net/image/nav_font.png
Requested by
Host: actiongain.fi4s.net
URL: http://actiongain.fi4s.net/css/special.css
Protocol
HTTP/1.1
Server
80.80.233.53 Granges, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
6f330d1ac2e5b233ced2797cf88dcd05c3866e8aeab51e374e9558fa2e7053ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://actiongain.fi4s.net/css/special.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:20 GMT
Last-Modified
Mon, 20 Apr 2020 07:04:54 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Accept-Ranges
bytes
ETag
"b6e-5a3b3841539b3"
Content-Length
2926
Content-Type
image/png
btn_font.png
actiongain.fi4s.net/bouton/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://actiongain.fi4s.net/bouton/btn_font.png
Requested by
Host: actiongain.fi4s.net
URL: http://actiongain.fi4s.net/css/special.css
Protocol
HTTP/1.1
Server
80.80.233.53 Granges, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
104dafce825d22b501a2094b6e027c7ee2548056c79ec341923381d360bb83e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://actiongain.fi4s.net/css/special.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:20 GMT
Last-Modified
Mon, 20 Apr 2020 07:04:48 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Accept-Ranges
bytes
ETag
"7f25-5a3b383c3dd89"
Content-Length
32549
Content-Type
image/png
headBANN.png
actiongain.fi4s.net/banniere/ 		358 KB
358 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://actiongain.fi4s.net/banniere/headBANN.png
Requested by
Host: actiongain.fi4s.net
URL: http://actiongain.fi4s.net/css/special.css
Protocol
HTTP/1.1
Server
80.80.233.53 Granges, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
479f01de8b15bd5a8b2054b10e725ad53b072eab1c724f307dffab024b1f4296

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://actiongain.fi4s.net/css/special.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:20 GMT
Last-Modified
Mon, 20 Apr 2020 07:04:34 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Accept-Ranges
bytes
ETag
"596e1-5a3b382ea55f1"
Content-Length
366305
Content-Type
image/png
font_aside.png
actiongain.fi4s.net/image/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://actiongain.fi4s.net/image/font_aside.png
Requested by
Host: actiongain.fi4s.net
URL: http://actiongain.fi4s.net/css/special.css
Protocol
HTTP/1.1
Server
80.80.233.53 Granges, Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
4fe0dd6ad8d0523eac3edec6ea4000f138bd9d59da425efc627d3f964fd4b7bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://actiongain.fi4s.net/css/special.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:20 GMT
Last-Modified
Mon, 20 Apr 2020 07:04:53 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Accept-Ranges
bytes
ETag
"b5f-5a3b38407acf1"
Content-Length
2911
Content-Type
image/png
buy.apu
payment.allopass.com/buy/ Frame 94A1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Requested by
Host: actiongain.fi4s.net
URL: http://actiongain.fi4s.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
0aa467237e7a89f49a940e398015726442bc4519b7e24fe266d9358e448ecf4c

Request headers

Referer
http://actiongain.fi4s.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Encoding
gzip
Content-Length
3975
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Jul 2022 11:36:20 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
all
www.pronostic-facile.fr/widget/partner/quinte_result/ Frame B31C 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pronostic-facile.fr/widget/partner/quinte_result/all
Requested by
Host: www.pronostic-facile.fr
URL: http://www.pronostic-facile.fr/widget/partner/script/quinte_result
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f308a51a3d2e561656d9943258e7173a5611a9257301f8860545ec5f1b49500

Request headers

Referer
http://actiongain.fi4s.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
723ed7e86c30bbcd-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 01 Jul 2022 11:36:20 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2F7sQ81PNFRyDOdVqDYepoMk8zAjr%2BKUduEOgFFJ%2FGPJ%2FUWf8EirJcwJ8mlVNr37RB6dgPo5ytcAEym6JZFwzj8Jb02UT27frXt5EjD42KKzdcJOFQni4MAKFC%2FZvhhr5xXvzLHVP6xJY6ahztf31zfgzCqUNA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-runtime
2
all
www.pronostic-facile.fr/widget/partner/quinte_runners/ Frame 8406 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
Requested by
Host: www.pronostic-facile.fr
URL: http://www.pronostic-facile.fr/widget/partner/script/quinte_runners
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ae094badd5d08da912d04cca0fa10ed02295962158e5cab9a9409219513a56

Request headers

Referer
http://actiongain.fi4s.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
723ed7e86c31bbcd-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 01 Jul 2022 11:36:20 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeYrOh9cT4qcO%2FG1yqrnNaPjpOyWpU9SNgsyAQyUjMFFeLmXJrpmZtW9RlCxQksxmgMf5rpoePM0EQYAlOU%2FAior6baMwa%2FILoOOGE8WdnArp7N3%2B9mQKQfhRZXHTjbiGAFHXhpHRu2vE9%2FIOur89kExvGnY2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-runtime
1
js
www.googletagmanager.com/gtag/ Frame B31C 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-630351-12
Requested by
Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/quinte_result/all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19322340e2475944fedf83d5b23d924b10c852a4c7bb91dc91079988d2a62ba9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pronostic-facile.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:36:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40395
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jul 2022 11:36:20 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame B31C 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/quinte_result/all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://www.pronostic-facile.fr/
Origin
https://www.pronostic-facile.fr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:36:20 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
723ed7ea4cf4906a-FRA
js
www.googletagmanager.com/gtag/ Frame 8406 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-630351-12
Requested by
Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
07725404a450462ea4a174b070540a200ec5a0d849e8045bd7dd4560c4b7d3bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pronostic-facile.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:36:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40397
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jul 2022 11:36:20 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 8406 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://www.pronostic-facile.fr/
Origin
https://www.pronostic-facile.fr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:36:20 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
723ed7ea4cf7906a-FRA
analytics.js
www.google-analytics.com/ Frame B31C 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pronostic-facile.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1892
date
Fri, 01 Jul 2022 11:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 01 Jul 2022 13:04:49 GMT
rum
www.pronostic-facile.fr/cdn-cgi/ Frame B31C 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.pronostic-facile.fr/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.pronostic-facile.fr/widget/partner/quinte_result/all
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/json

Response headers

date
Fri, 01 Jul 2022 11:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.pronostic-facile.fr
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
723ed7eaf86f9bda-FRA
vary
Origin
analytics.js
www.google-analytics.com/ Frame 8406 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pronostic-facile.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1892
date
Fri, 01 Jul 2022 11:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 01 Jul 2022 13:04:49 GMT
rum
www.pronostic-facile.fr/cdn-cgi/ Frame 8406 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.pronostic-facile.fr/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/json

Response headers

date
Fri, 01 Jul 2022 11:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.pronostic-facile.fr
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
723ed7eb38bd9bda-FRA
vary
Origin
jBox.all.min.css
payment.allopass.com/static/css/jBox/ Frame 94A1 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/jBox/jBox.all.min.css
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"40fd0-40d7-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
3631
base.css
payment.allopass.com/static/css/ Frame 94A1 		81 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/base.css?68
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
adfe383e215844ddafe2b7149d13c92118cc519a174bf6035494bab363034f4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Nov 2021 09:46:13 GMT
Server
Apache
ETag
"216cc-143f2-5d1adf6294340"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
14716
carousel.css
payment.allopass.com/static/css/ Frame 94A1 		21 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/carousel.css?68
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"216eb-54eb-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
2387
jquery-1.3.2.min.js
payment.allopass.com/static/js/ext/ Frame 94A1 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/ext/jquery-1.3.2.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"4106c-dfa6-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
19740
jquery-1.11.3.min.js
payment.allopass.com/static/js/ext/ Frame 94A1 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/ext/jquery-1.11.3.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21a21-176d5-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
33279
general.js
payment.allopass.com/onetime/scripts/ Frame 94A1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/onetime/scripts/general.js?04
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"23081-f37-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1593
jBox.all.min.js
payment.allopass.com/static/js/ext/ Frame 94A1 		51 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/ext/jBox.all.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"4106a-cb59-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
12605
top.js
gmu-apps.com/js/ Frame 94A1 		54 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gmu-apps.com/js/top.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.52.238.226 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-238-226.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 11:36:21 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 20:31:35 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
5772
expires
Sun, 8 Mar 1981 10:00:00 GMT
de.png
payment.allopass.com/icons/flags/24x24/ Frame 94A1 		483 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/icons/flags/24x24/de.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:22 GMT
Last-Modified
Tue, 26 Nov 2019 14:39:45 GMT
Server
Apache
ETag
"2237b-1e3-59840d9ebee40"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
483
acte-popup.js
payment.allopass.com/static/js/ Frame 94A1 		1 KB
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/acte-popup.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
8472f9d617cded83788f70cfc5d2e94838833f36bcbf7357c66dfe1a063e8f94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21a1a-5d3-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
671
check-form.js
payment.allopass.com/onetime/scripts/ Frame 94A1 		30 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/onetime/scripts/check-form.js?14
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
d5d637b14a2922180e58e902672af169a4f58b76fda5dcedfce9b2133c48d74b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"3ff5d-764a-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
4732
check-codes.js
payment.allopass.com/static/js/ Frame 94A1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/check-codes.js?01
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
29ffbeca4b528b5d132a71037a6937bd4b0a2ac8a7f47934880d24df55496a39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21802-911-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
746
single-submit.js
payment.allopass.com/static/js/ Frame 94A1 		181 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/single-submit.js?01
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
28d1876a51384c03581030e21b9cf6a355046e161c815acd6850b8e2758a17ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:56 GMT
Server
Apache
ETag
"21a1e-b5-5d0e804daee00"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
126
fingerprint2.min.js
payment.allopass.com/static/js/ext/ Frame 94A1 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/ext/fingerprint2.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"41069-8432-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
10209
arrow-down.png
payment.allopass.com/static/css/images/ Frame 94A1 		315 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/images/arrow-down.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:22 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"2194f-13b-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
315
carousel.js
payment.allopass.com/static/js/ Frame 94A1 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/carousel.js?5
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21801-1b55-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1830
gtm.js
www.googletagmanager.com/ Frame 94A1 		104 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=349104&idd=1527576
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f6a89234431e852c9073464a185c1eec28649ef5c908584934f30ba8c6499664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 11:36:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40680
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jul 2022 11:36:21 GMT
duration.css
payment.allopass.com/static/css/ Frame 94A1 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/duration.css
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21906-b61-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
793
analytics.js
www.google-analytics.com/ Frame 94A1 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1893
date
Fri, 01 Jul 2022 11:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 01 Jul 2022 13:04:49 GMT
secure-lock.gif
payment.allopass.com/static/css/icons/ Frame 94A1 		181 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/icons/secure-lock.gif
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:22 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21948-b5-5d0e804cbabc0"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
181
field.png
payment.allopass.com/static/css/images/ Frame 94A1 		170 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/images/field.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:22 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"40fab-aa-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
170
help.png
payment.allopass.com/static/css/images/ Frame 94A1 		461 B
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/images/help.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
79452e5c582f43e083e42df62d0226040dba90c74b3378a1ae10e60e4f258698

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:22 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21749-1cd-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
461
logo-mobiyo-small.png
payment.allopass.com/static/css/images/ Frame 94A1 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/images/logo-mobiyo-small.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
56b137612eb9e7e11421f576f02d3ea90e604fd12ab5873e6ff90aa9101e28db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:22 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21751-2e5e-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
11870
carousel-row-mobiyo.png
payment.allopass.com/static/css/images/ Frame 94A1 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/images/carousel-row-mobiyo.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/carousel.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.allopass.com/static/css/carousel.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 01 Jul 2022 11:36:22 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"40fa2-15a80-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
88704
chk.php
gmu-apps.com/ Frame 94A1 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gmu-apps.com/chk.php
Requested by
Host: actiongain.fi4s.net
URL: http://actiongain.fi4s.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.52.238.226 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-238-226.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payment.allopass.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 01 Jul 2022 11:36:23 GMT
server
Apache
content-length
0
content-type
text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation

2 Cookies

Domain/Path Name / Value
payment.allopass.com/ Name: ShopSessionId
Value: 9e572994-2897-49ae-b32b-f172574b6232
.allopass.com/ Name: AP_CUSK
Value: 3575472804

1 Console Messages

Source Level URL
Text
network error URL: https://www.zeturf.fr/images/13d3c78.jpg?v337
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
actiongain.fi4s.net
gmu-apps.com
i.goopics.net
img.root-top.com
maxigainpmu.com
payment.allopass.com
script.starpass.fr
static.cloudflareinsights.com
www.google-analytics.com
www.googletagmanager.com
www.pronostic-facile.fr
www.zeturf.fr
185.119.26.1
194.0.255.28
2001:bc8:1200:1b01::1
2606:4700:3034::ac43:c8d8
2606:4700:3038::6815:ea1a
2606:4700:440e::ac40:9c1a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2008
52.52.238.226
80.80.233.53
91.216.107.79
94.125.60.197
0283a9c622051b0f52b9e239243ee53045cfa8770dacbd9918a93ce1687b6da7
07725404a450462ea4a174b070540a200ec5a0d849e8045bd7dd4560c4b7d3bf
07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19
0aa467237e7a89f49a940e398015726442bc4519b7e24fe266d9358e448ecf4c
0f308a51a3d2e561656d9943258e7173a5611a9257301f8860545ec5f1b49500
104dafce825d22b501a2094b6e027c7ee2548056c79ec341923381d360bb83e2
16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac
19322340e2475944fedf83d5b23d924b10c852a4c7bb91dc91079988d2a62ba9
1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c
28d1876a51384c03581030e21b9cf6a355046e161c815acd6850b8e2758a17ea
29ffbeca4b528b5d132a71037a6937bd4b0a2ac8a7f47934880d24df55496a39
2bd5b9d9aaef3add6341f50a95bfa7bd96fdf477f75f3359cb5fe143f4cdbc60
384c8c2d901082eaea218d5e823a419e423c429e294879ed95621d0f0f947919
46ae094badd5d08da912d04cca0fa10ed02295962158e5cab9a9409219513a56
479f01de8b15bd5a8b2054b10e725ad53b072eab1c724f307dffab024b1f4296
4fe0dd6ad8d0523eac3edec6ea4000f138bd9d59da425efc627d3f964fd4b7bb
56b137612eb9e7e11421f576f02d3ea90e604fd12ab5873e6ff90aa9101e28db
5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b
65e35c6ae1f74e16cbe663763323963eec7c6a22512042ab0758bd68151934a1
6f330d1ac2e5b233ced2797cf88dcd05c3866e8aeab51e374e9558fa2e7053ca
7047a1c38d5aa14077198535062c8294a3fadc721030cb5c3d154fc988a4a431
75dd4c06a2c439936b0d906fe91d007882736df7028c4ab0eeb53f38d0818be3
79452e5c582f43e083e42df62d0226040dba90c74b3378a1ae10e60e4f258698
7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9
8472f9d617cded83788f70cfc5d2e94838833f36bcbf7357c66dfe1a063e8f94
8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
adfe383e215844ddafe2b7149d13c92118cc519a174bf6035494bab363034f4c
b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9
b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8
b9ae6807827a75820030a3577a4c3422caf19fc69602596b4210b3d3961d7f63
bcf55c1566becd0358f107fc855d8669ed2092a5670719c8239eb8fbbbe7601e
c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36
c12334f075c3ef7a6c6fd68e3e441221457c69d7e6629fbc74d38b57c267ccd6
c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a
c5a628c08f520917ae7af4095cefad04a5b8ace5b9924d1c2bd7004f76debeca
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109
cf1cc11c728c992b102d06d1c56550ee351d7ee9e277a855ec63e7f675e3f495
d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833
d5d637b14a2922180e58e902672af169a4f58b76fda5dcedfce9b2133c48d74b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f6a89234431e852c9073464a185c1eec28649ef5c908584934f30ba8c6499664
faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505