Submitted URL: https://clubinho.xalingo.com.br/resources/marara/paiement/
Effective URL: https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
Submission: On April 18 via manual from FR — Scanned from FR

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 177.12.168.108, located in Curitiba, Brazil and belongs to Cyberweb Networks Ltda, BR. The main domain is clubinho.xalingo.com.br.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on May 8th 2023. Valid for: a year.
This is the only time clubinho.xalingo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 177.12.168.108 28299 (Cyberweb ...)
14 2405:cc00:200... 9471 (ONATI-AS-...)
17 2
Apex Domain
Subdomains
Transfer
14 mararapaiement.pf
secure.mararapaiement.pf
1 MB
5 xalingo.com.br
clubinho.xalingo.com.br
13 KB
17 2
Domain Requested by
14 secure.mararapaiement.pf clubinho.xalingo.com.br
5 clubinho.xalingo.com.br 2 redirects secure.mararapaiement.pf
17 2

This site contains links to these domains. Also see Links.

Domain
www.mararapaiement.pf
Subject Issuer Validity Valid
clubinho.xalingo.com.br
RapidSSL TLS RSA CA G1
2023-05-08 -
2024-05-07
a year crt.sh
secure.mararapaiement.pf
Go Daddy Secure Certificate Authority - G2
2023-07-29 -
2024-07-28
a year crt.sh

This page contains 1 frames:

Primary Page: https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
Frame ID: 49D574E1C2892A28F27E49D725422F0B
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

Marara Paiement

Page URL History Show full URLs

  1. https://clubinho.xalingo.com.br/resources/marara/paiement/ HTTP 302
    https://clubinho.xalingo.com.br/resources/marara/paiement/app/index.php HTTP 302
    https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]+href="[^>]*bootstrap-table(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1249 kB
Transfer

1474 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clubinho.xalingo.com.br/resources/marara/paiement/ HTTP 302
    https://clubinho.xalingo.com.br/resources/marara/paiement/app/index.php HTTP 302
    https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request user.php
clubinho.xalingo.com.br/resources/marara/paiement/app/
Redirect Chain
  • https://clubinho.xalingo.com.br/resources/marara/paiement/
  • https://clubinho.xalingo.com.br/resources/marara/paiement/app/index.php
  • https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
12 KB
12 KB
Document
General
Full URL
https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.12.168.108 Curitiba, Brazil, ASN28299 (Cyberweb Networks Ltda, BR),
Reverse DNS
web-ded-349155a.kinghost.net
Software
Apache /
Resource Hash
e24261371cecac4fcc4f8d7edeeebd544e760ea85ab1373f841e4037793a9b33

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=iso-8859-1
date
Thu, 18 Apr 2024 20:31:26 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache

Redirect headers

content-length
0
content-type
text/html; charset=iso-8859-1
date
Thu, 18 Apr 2024 20:31:26 GMT
location
user.php
server
Apache
bootstrap.min.css
secure.mararapaiement.pf/static/bootstrap-4.3.1-dist/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://secure.mararapaiement.pf/static/bootstrap-4.3.1-dist/css/bootstrap.min.css
Requested by
Host: clubinho.xalingo.com.br
URL: https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2405:cc00:2000:100:202:3:238:85 , French Polynesia, ASN9471 (ONATI-AS-AP ONATI, PF),
Reverse DNS
Software
nginx /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clubinho.xalingo.com.br/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Apr 2024 00:28:17 GMT
server
nginx
x-frame-options
DENY
content-security-policy-report-only
default-src 'none'; connect-src 'self'; script-src 'self' 'report-sample'; font-src 'self' fonts.gstatic.com; img-src 'self' fonts.gstatic.com data: https:; style-src 'self' 'unsafe-inline' 'report-sample';base-uri 'self';form-action 'self' https://secure.mararapaiement.pf;report-uri https://report-uri.opt.pf/api/40/security/?sentry_key=24611d78f03a440a8e7a6f60cecba030&sentry_environment=secure.mararapaiement.pf
content-type
text/css; charset=UTF-8
cache-control
max-age=3600
x-xss-protection
1; mode=block
expires
Thu, 18 Apr 2024 21:31:29 GMT
bootstrap-table.min.css
secure.mararapaiement.pf/static/bootstrap-table-1.15.5/
9 KB
3 KB
Stylesheet
General
Full URL
https://secure.mararapaiement.pf/static/bootstrap-table-1.15.5/bootstrap-table.min.css
Requested by
Host: clubinho.xalingo.com.br
URL: https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2405:cc00:2000:100:202:3:238:85 , French Polynesia, ASN9471 (ONATI-AS-AP ONATI, PF),
Reverse DNS
Software
nginx /
Resource Hash
a24f774cf02714869b9141992756b753ec53c862b52083f5fc5a5ab8020a128e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clubinho.xalingo.com.br/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Apr 2024 00:28:17 GMT
server
nginx
x-frame-options
DENY
content-security-policy-report-only
default-src 'none'; connect-src 'self'; script-src 'self' 'report-sample'; font-src 'self' fonts.gstatic.com; img-src 'self' fonts.gstatic.com data: https:; style-src 'self' 'unsafe-inline' 'report-sample';base-uri 'self';form-action 'self' https://secure.mararapaiement.pf;report-uri https://report-uri.opt.pf/api/40/security/?sentry_key=24611d78f03a440a8e7a6f60cecba030&sentry_environment=secure.mararapaiement.pf
content-type
text/css; charset=UTF-8
cache-control
max-age=3600
x-xss-protection
1; mode=block
expires
Thu, 18 Apr 2024 21:31:29 GMT
marara_paiment-236x115.jpg
secure.mararapaiement.pf/static/img/
35 KB
35 KB
Image
General
Full URL
https://secure.mararapaiement.pf/static/img/marara_paiment-236x115.jpg
Requested by
Host: clubinho.xalingo.com.br
URL: https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2405:cc00:2000:100:202:3:238:85 , French Polynesia, ASN9471 (ONATI-AS-AP ONATI, PF),
Reverse DNS
Software
nginx /
Resource Hash
894906804db202ce73339f3272bcbd9ddb9ee46b54a44c15a68d6f1f20d590d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clubinho.xalingo.com.br/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:31:29 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Apr 2024 00:28:17 GMT
server
nginx
x-frame-options
DENY
content-security-policy-report-only
default-src 'none'; connect-src 'self'; script-src 'self' 'report-sample'; font-src 'self' fonts.gstatic.com; img-src 'self' fonts.gstatic.com data: https:; style-src 'self' 'unsafe-inline' 'report-sample';base-uri 'self';form-action 'self' https://secure.mararapaiement.pf;report-uri https://report-uri.opt.pf/api/40/security/?sentry_key=24611d78f03a440a8e7a6f60cecba030&sentry_environment=secure.mararapaiement.pf
content-type
image/jpeg
cache-control
max-age=3600
content-length
35588
x-xss-protection
1; mode=block
expires
Thu, 18 Apr 2024 21:31:29 GMT
question-circle.png
secure.mararapaiement.pf/static/img/
1 KB
2 KB
Image
General
Full URL
https://secure.mararapaiement.pf/static/img/question-circle.png
Requested by
Host: clubinho.xalingo.com.br
URL: https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2405:cc00:2000:100:202:3:238:85 , French Polynesia, ASN9471 (ONATI-AS-AP ONATI, PF),
Reverse DNS
Software
nginx /
Resource Hash
63a545f566fc8bdc8788f2e2d7a9b575678e71e6ecae15a7a441a0a166967116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clubinho.xalingo.com.br/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:31:29 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Apr 2024 00:28:17 GMT
server
nginx
x-frame-options
DENY
content-security-policy-report-only
default-src 'none'; connect-src 'self'; script-src 'self' 'report-sample'; font-src 'self' fonts.gstatic.com; img-src 'self' fonts.gstatic.com data: https:; style-src 'self' 'unsafe-inline' 'report-sample';base-uri 'self';form-action 'self' https://secure.mararapaiement.pf;report-uri https://report-uri.opt.pf/api/40/security/?sentry_key=24611d78f03a440a8e7a6f60cecba030&sentry_environment=secure.mararapaiement.pf
content-type
image/png
cache-control
max-age=3600
content-length
1483
x-xss-protection
1; mode=block
expires
Thu, 18 Apr 2024 21:31:29 GMT
globe-light.png
secure.mararapaiement.pf/static/img/
512 B
1 KB
Image
General
Full URL
https://secure.mararapaiement.pf/static/img/globe-light.png
Requested by
Host: clubinho.xalingo.com.br
URL: https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2405:cc00:2000:100:202:3:238:85 , French Polynesia, ASN9471 (ONATI-AS-AP ONATI, PF),
Reverse DNS
Software
nginx /
Resource Hash
b0ddbcd377adf86e713bad514cb54d8fbd5f7acc735640c1fa06ef26e33d9703
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clubinho.xalingo.com.br/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:31:29 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Apr 2024 00:28:17 GMT
server
nginx
x-frame-options
DENY
content-security-policy-report-only
default-src 'none'; connect-src 'self'; script-src 'self' 'report-sample'; font-src 'self' fonts.gstatic.com; img-src 'self' fonts.gstatic.com data: https:; style-src 'self' 'unsafe-inline' 'report-sample';base-uri 'self';form-action 'self' https://secure.mararapaiement.pf;report-uri https://report-uri.opt.pf/api/40/security/?sentry_key=24611d78f03a440a8e7a6f60cecba030&sentry_environment=secure.mararapaiement.pf
content-type
image/png
cache-control
max-age=3600
content-length
512
x-xss-protection
1; mode=block
expires
Thu, 18 Apr 2024 21:31:29 GMT
lock-alt-regular.png
secure.mararapaiement.pf/static/img/
323 B
875 B
Image
General
Full URL
https://secure.mararapaiement.pf/static/img/lock-alt-regular.png
Requested by
Host: clubinho.xalingo.com.br
URL: https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2405:cc00:2000:100:202:3:238:85 , French Polynesia, ASN9471 (ONATI-AS-AP ONATI, PF),
Reverse DNS
Software
nginx /
Resource Hash
845b274ef1bed86e5cf6f459f0aaa54b52255cc96d38dcfd4492cd915f5dd4cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clubinho.xalingo.com.br/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:31:29 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Apr 2024 00:28:17 GMT
server
nginx
x-frame-options
DENY
content-security-policy-report-only
default-src 'none'; connect-src 'self'; script-src 'self' 'report-sample'; font-src 'self' fonts.gstatic.com; img-src 'self' fonts.gstatic.com data: https:; style-src 'self' 'unsafe-inline' 'report-sample';base-uri 'self';form-action 'self' https://secure.mararapaiement.pf;report-uri https://report-uri.opt.pf/api/40/security/?sentry_key=24611d78f03a440a8e7a6f60cecba030&sentry_environment=secure.mararapaiement.pf
content-type
image/png
cache-control
max-age=3600
content-length
323
x-xss-protection
1; mode=block
expires
Thu, 18 Apr 2024 21:31:29 GMT
logos_mobile.png
secure.mararapaiement.pf/static/img/
28 KB
28 KB
Image
General
Full URL
https://secure.mararapaiement.pf/static/img/logos_mobile.png
Requested by
Host: clubinho.xalingo.com.br
URL: https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2405:cc00:2000:100:202:3:238:85 , French Polynesia, ASN9471 (ONATI-AS-AP ONATI, PF),
Reverse DNS
Software
nginx /
Resource Hash
0756de1ed424638378e0a7181147b63a537b680f508ef91eeca7343696fd8782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clubinho.xalingo.com.br/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:31:29 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Apr 2024 00:28:17 GMT
server
nginx
x-frame-options
DENY
content-security-policy-report-only
default-src 'none'; connect-src 'self'; script-src 'self' 'report-sample'; font-src 'self' fonts.gstatic.com; img-src 'self' fonts.gstatic.com data: https:; style-src 'self' 'unsafe-inline' 'report-sample';base-uri 'self';form-action 'self' https://secure.mararapaiement.pf;report-uri https://report-uri.opt.pf/api/40/security/?sentry_key=24611d78f03a440a8e7a6f60cecba030&sentry_environment=secure.mararapaiement.pf
content-type
image/png
cache-control
max-age=3600
content-length
28510
x-xss-protection
1; mode=block
expires
Thu, 18 Apr 2024 21:31:29 GMT
un.png
secure.mararapaiement.pf/static/img/
5 KB
5 KB
Image
General
Full URL
https://secure.mararapaiement.pf/static/img/un.png
Requested by
Host: clubinho.xalingo.com.br
URL: https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2405:cc00:2000:100:202:3:238:85 , French Polynesia, ASN9471 (ONATI-AS-AP ONATI, PF),
Reverse DNS
Software
nginx /
Resource Hash
dfecedc7150fdb7a8c3c69f47da56ac1d21527af35343e17bea3fc96190f609e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clubinho.xalingo.com.br/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:31:29 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Apr 2024 00:28:17 GMT
server
nginx
x-frame-options
DENY
content-security-policy-report-only
default-src 'none'; connect-src 'self'; script-src 'self' 'report-sample'; font-src 'self' fonts.gstatic.com; img-src 'self' fonts.gstatic.com data: https:; style-src 'self' 'unsafe-inline' 'report-sample';base-uri 'self';form-action 'self' https://secure.mararapaiement.pf;report-uri https://report-uri.opt.pf/api/40/security/?sentry_key=24611d78f03a440a8e7a6f60cecba030&sentry_environment=secure.mararapaiement.pf
content-type
image/png
cache-control
max-age=3600
content-length
4782
x-xss-protection
1; mode=block
expires
Thu, 18 Apr 2024 21:31:29 GMT
deux.png
secure.mararapaiement.pf/static/img/
8 KB
9 KB
Image
General
Full URL
https://secure.mararapaiement.pf/static/img/deux.png
Requested by
Host: clubinho.xalingo.com.br
URL: https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2405:cc00:2000:100:202:3:238:85 , French Polynesia, ASN9471 (ONATI-AS-AP ONATI, PF),
Reverse DNS
Software
nginx /
Resource Hash
126a659b7a65ee727b932a4125e3167142a7b62791a05135d5f77bef77d39fe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clubinho.xalingo.com.br/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:31:29 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Apr 2024 00:28:17 GMT
server
nginx
x-frame-options
DENY
content-security-policy-report-only
default-src 'none'; connect-src 'self'; script-src 'self' 'report-sample'; font-src 'self' fonts.gstatic.com; img-src 'self' fonts.gstatic.com data: https:; style-src 'self' 'unsafe-inline' 'report-sample';base-uri 'self';form-action 'self' https://secure.mararapaiement.pf;report-uri https://report-uri.opt.pf/api/40/security/?sentry_key=24611d78f03a440a8e7a6f60cecba030&sentry_environment=secure.mararapaiement.pf
content-type
image/png
cache-control
max-age=3600
content-length
8470
x-xss-protection
1; mode=block
expires
Thu, 18 Apr 2024 21:31:29 GMT
jquery-3.4.1.min.js
secure.mararapaiement.pf/static/js/
86 KB
31 KB
Script
General
Full URL
https://secure.mararapaiement.pf/static/js/jquery-3.4.1.min.js
Requested by
Host: clubinho.xalingo.com.br
URL: https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2405:cc00:2000:100:202:3:238:85 , French Polynesia, ASN9471 (ONATI-AS-AP ONATI, PF),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clubinho.xalingo.com.br/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Apr 2024 00:28:17 GMT
server
nginx
x-frame-options
DENY
content-security-policy-report-only
default-src 'none'; connect-src 'self'; script-src 'self' 'report-sample'; font-src 'self' fonts.gstatic.com; img-src 'self' fonts.gstatic.com data: https:; style-src 'self' 'unsafe-inline' 'report-sample';base-uri 'self';form-action 'self' https://secure.mararapaiement.pf;report-uri https://report-uri.opt.pf/api/40/security/?sentry_key=24611d78f03a440a8e7a6f60cecba030&sentry_environment=secure.mararapaiement.pf
content-type
application/javascript
cache-control
max-age=3600
x-xss-protection
1; mode=block
expires
Thu, 18 Apr 2024 21:31:29 GMT
bootstrap.min.js
secure.mararapaiement.pf/static/bootstrap-4.3.1-dist/js/
57 KB
16 KB
Script
General
Full URL
https://secure.mararapaiement.pf/static/bootstrap-4.3.1-dist/js/bootstrap.min.js
Requested by
Host: clubinho.xalingo.com.br
URL: https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2405:cc00:2000:100:202:3:238:85 , French Polynesia, ASN9471 (ONATI-AS-AP ONATI, PF),
Reverse DNS
Software
nginx /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clubinho.xalingo.com.br/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Apr 2024 00:28:17 GMT
server
nginx
x-frame-options
DENY
content-security-policy-report-only
default-src 'none'; connect-src 'self'; script-src 'self' 'report-sample'; font-src 'self' fonts.gstatic.com; img-src 'self' fonts.gstatic.com data: https:; style-src 'self' 'unsafe-inline' 'report-sample';base-uri 'self';form-action 'self' https://secure.mararapaiement.pf;report-uri https://report-uri.opt.pf/api/40/security/?sentry_key=24611d78f03a440a8e7a6f60cecba030&sentry_environment=secure.mararapaiement.pf
content-type
application/javascript
cache-control
max-age=3600
x-xss-protection
1; mode=block
expires
Thu, 18 Apr 2024 21:31:29 GMT
13-01-OPT-19918.jpg
secure.mararapaiement.pf/static/img/
1 MB
1 MB
Image
General
Full URL
https://secure.mararapaiement.pf/static/img/13-01-OPT-19918.jpg
Requested by
Host: clubinho.xalingo.com.br
URL: https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2405:cc00:2000:100:202:3:238:85 , French Polynesia, ASN9471 (ONATI-AS-AP ONATI, PF),
Reverse DNS
Software
nginx /
Resource Hash
f324d92c2ed329478dc774a727a056eee97ee7dcc6a88075a5c9dac2ae5284a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clubinho.xalingo.com.br/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:31:30 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Apr 2024 00:28:17 GMT
server
nginx
x-frame-options
DENY
content-security-policy-report-only
default-src 'none'; connect-src 'self'; script-src 'self' 'report-sample'; font-src 'self' fonts.gstatic.com; img-src 'self' fonts.gstatic.com data: https:; style-src 'self' 'unsafe-inline' 'report-sample';base-uri 'self';form-action 'self' https://secure.mararapaiement.pf;report-uri https://report-uri.opt.pf/api/40/security/?sentry_key=24611d78f03a440a8e7a6f60cecba030&sentry_environment=secure.mararapaiement.pf
content-type
image/jpeg
cache-control
max-age=3600
content-length
1105027
x-xss-protection
1; mode=block
expires
Thu, 18 Apr 2024 21:31:30 GMT
favicon3.png
secure.mararapaiement.pf/static/img/
818 B
1 KB
Other
General
Full URL
https://secure.mararapaiement.pf/static/img/favicon3.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2405:cc00:2000:100:202:3:238:85 , French Polynesia, ASN9471 (ONATI-AS-AP ONATI, PF),
Reverse DNS
Software
nginx /
Resource Hash
f9215fa66a9496b2a7316bb027951147348ee7fdd5bef27b4107701ef20638c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clubinho.xalingo.com.br/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:31:31 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Apr 2024 00:28:17 GMT
server
nginx
x-frame-options
DENY
content-security-policy-report-only
default-src 'none'; connect-src 'self'; script-src 'self' 'report-sample'; font-src 'self' fonts.gstatic.com; img-src 'self' fonts.gstatic.com data: https:; style-src 'self' 'unsafe-inline' 'report-sample';base-uri 'self';form-action 'self' https://secure.mararapaiement.pf;report-uri https://report-uri.opt.pf/api/40/security/?sentry_key=24611d78f03a440a8e7a6f60cecba030&sentry_environment=secure.mararapaiement.pf
content-type
image/png
cache-control
max-age=3600
content-length
818
x-xss-protection
1; mode=block
expires
Thu, 18 Apr 2024 21:31:31 GMT
favicon3.png
secure.mararapaiement.pf/static/img/
818 B
0
Other
General
Full URL
https://secure.mararapaiement.pf/static/img/favicon3.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2405:cc00:2000:100:202:3:238:85 , French Polynesia, ASN9471 (ONATI-AS-AP ONATI, PF),
Reverse DNS
Software
nginx /
Resource Hash
f9215fa66a9496b2a7316bb027951147348ee7fdd5bef27b4107701ef20638c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clubinho.xalingo.com.br/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 20:31:31 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Apr 2024 00:28:17 GMT
server
nginx
x-frame-options
DENY
content-security-policy-report-only
default-src 'none'; connect-src 'self'; script-src 'self' 'report-sample'; font-src 'self' fonts.gstatic.com; img-src 'self' fonts.gstatic.com data: https:; style-src 'self' 'unsafe-inline' 'report-sample';base-uri 'self';form-action 'self' https://secure.mararapaiement.pf;report-uri https://report-uri.opt.pf/api/40/security/?sentry_key=24611d78f03a440a8e7a6f60cecba030&sentry_environment=secure.mararapaiement.pf
content-type
image/png
cache-control
max-age=3600
content-length
818
x-xss-protection
1; mode=block
expires
Thu, 18 Apr 2024 21:31:31 GMT
fetch.php
clubinho.xalingo.com.br/resources/marara/paiement/panel/
1 B
86 B
XHR
General
Full URL
https://clubinho.xalingo.com.br/resources/marara/paiement/panel/fetch.php
Requested by
Host: secure.mararapaiement.pf
URL: https://secure.mararapaiement.pf/static/js/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.12.168.108 Curitiba, Brazil, ASN28299 (Cyberweb Networks Ltda, BR),
Reverse DNS
web-ded-349155a.kinghost.net
Software
Apache /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/html; charset=iso-8859-1
date
Thu, 18 Apr 2024 20:31:33 GMT
server
Apache
fetch.php
clubinho.xalingo.com.br/resources/marara/paiement/panel/
1 B
46 B
XHR
General
Full URL
https://clubinho.xalingo.com.br/resources/marara/paiement/panel/fetch.php
Requested by
Host: secure.mararapaiement.pf
URL: https://secure.mararapaiement.pf/static/js/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.12.168.108 Curitiba, Brazil, ASN28299 (Cyberweb Networks Ltda, BR),
Reverse DNS
web-ded-349155a.kinghost.net
Software
Apache /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/html; charset=iso-8859-1
date
Thu, 18 Apr 2024 20:31:34 GMT
server
Apache

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap string| cd

1 Cookies

Domain/Path Name / Value
clubinho.xalingo.com.br/ Name: PHPSESSID
Value: 70b578f4bf04a367a7dde3bd51f626ed

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://clubinho.xalingo.com.br/resources/marara/paiement/app/user.php
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o