urlscan.io logo urlscan.io
SecurityTrails logo

www.pmuparfait.ht.cx Open in urlscan Pro
5.135.149.81  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.pmuparfait.ht.cx/
Submission: On March 22 via manual from BF — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 12 domains to perform 54 HTTP transactions. The main IP is 5.135.149.81, located in France and belongs to OVH, FR. The main domain is www.pmuparfait.ht.cx.
This is the only time www.pmuparfait.ht.cx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 5.135.149.81 16276 (OVH)
7 194.150.236.179 44976 (HIWIT_AS)
6 2a00:1450:400... 15169 (GOOGLE)
1 194.150.236.236 44976 (HIWIT_AS)
19 185.119.26.1 203544 (WEBDEVIIN-AS)
1 1 2a02:26f0:470... 20940 (AKAMAI-ASN1)
1 2a02:26f0:470... 20940 (AKAMAI-ASN1)
2 54.67.110.253 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
54 10
10    5.135.149.81 (France)

ASN16276 (OVH, FR)
PTR: web3.venez.net
www.pmuparfait.ht.cx
www.venez.fr
7    194.150.236.179 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns19.hiwit.net
www.bazireturf.com
6    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net
www.tresorturf.com
19    185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa
payment.allopass.com
1    2a02:26f0:4700::210:229 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
www.lexpress.fr
1    2a02:26f0:4700::210:222 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
www.lexpress.fr
2    54.67.110.253 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-67-110-253.us-west-1.compute.amazonaws.com
gmu-apps.com
2    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
19 allopass.com
payment.allopass.com
398 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 143
tpc.googlesyndication.com — Cisco Umbrella Rank: 204
232 KB
7 venez.fr
www.venez.fr
9 KB
7 bazireturf.com
www.bazireturf.com
207 KB
3 ht.cx
www.pmuparfait.ht.cx
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
164 KB
2 gmu-apps.com
gmu-apps.com
6 KB
2 lexpress.fr
www.lexpress.fr — Cisco Umbrella Rank: 490370
438 B
1 tresorturf.com
www.tresorturf.com
7 KB
0 pariturf.info Failed
www.pariturf.info Failed
0 genhit.com Failed
jmbazire.genhit.com Failed
0 duvaldestin.com Failed
www.duvaldestin.com Failed
54 12
Domain Requested by
19 payment.allopass.com www.bazireturf.com
payment.allopass.com
7 www.venez.fr www.pmuparfait.ht.cx
www.venez.fr
7 www.bazireturf.com www.pmuparfait.ht.cx
www.bazireturf.com
6 pagead2.googlesyndication.com www.pmuparfait.ht.cx
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
www.pmuparfait.ht.cx
3 www.pmuparfait.ht.cx www.pmuparfait.ht.cx
2 www.googletagmanager.com payment.allopass.com
www.googletagmanager.com
2 gmu-apps.com payment.allopass.com
www.pmuparfait.ht.cx
2 www.lexpress.fr 1 redirects www.bazireturf.com
1 www.tresorturf.com www.bazireturf.com
0 www.pariturf.info Failed www.bazireturf.com
0 jmbazire.genhit.com Failed www.bazireturf.com
0 www.duvaldestin.com Failed www.bazireturf.com
54 13

This site contains no links.

Subject Issuer Validity Valid
venez.fr
R3		 2024-02-26 -
2024-05-26		 3 months crt.sh
*.allopass.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-06 -
2024-10-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
gmu-apps.com
Amazon RSA 2048 M02		 2023-12-02 -
2024-12-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh

This page contains 8 frames:

Primary Page: http://www.pmuparfait.ht.cx/
Frame ID: A10E154ADBDAAC1461BF71CCF7496EEF
Requests: 1 HTTP requests in this frame

Frame: http://www.pmuparfait.ht.cx/barre-pmuparfait.ht.cx.html
Frame ID: DB726ED25A2F557DC406911C035E044D
Requests: 9 HTTP requests in this frame

Frame: http://www.bazireturf.com/turf/pmuparfait/
Frame ID: C03F4E885255542282797FA3018BC38B
Requests: 12 HTTP requests in this frame

Frame: http://www.pmuparfait.ht.cx/stats-pmuparfait.ht.cx.html
Frame ID: 48A138EBDE136972F9BD4CDD1EC54FA4
Requests: 1 HTTP requests in this frame

Frame: https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
Frame ID: F2392A056BE7D045297BA36599794795
Requests: 23 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 532099AFCD1ECDBFBCEF5DE83AA57E22
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.pmuparfait.ht.cx%2F&wgl=1&dt=1711098927643&bpp=4&bdt=343&idt=222&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&correlator=1239810798091&frm=23&ife=1&pv=2&ga_vid=2140338823.1711098928&ga_sid=1711098928&ga_hid=1866254090&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=4110708187&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081575%2C31081794%2C44795922%2C95322329%2C95322399&oid=2&pvsid=2667476507156639&tmod=177675421&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&ifi=1&uci=1.jrs1ttdo6cl9&fsb=1&dtd=239
Frame ID: 602A9B45A85BAE9B4C0AF7595E7CB0D6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D03309C843664D729E09AC6F035F8106
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PMUPARFAIT

Detected technologies

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

70 %
HTTPS

50 %
IPv6

12
Domains

13
Subdomains

10
IPs

4
Countries

1027 kB
Transfer

2067 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • http://www.lexpress.fr/pictures/483/247546_des-billets-de-banque-de-500-200-et-100-euros.jpg HTTP 301
  • https://www.lexpress.fr/pictures/483/247546_des-billets-de-banque-de-500-200-et-100-euros.jpg

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.pmuparfait.ht.cx/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.pmuparfait.ht.cx/
Protocol
HTTP/1.1
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
fbb07cf3a933eee4f565c96c916479bfcf2b1e93edce9063528de331118d0303

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1093
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 22 Mar 2024 09:15:26 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Accept-Encoding
barre-pmuparfait.ht.cx.html
www.pmuparfait.ht.cx/ Frame DB72 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.pmuparfait.ht.cx/barre-pmuparfait.ht.cx.html
Requested by
Host: www.pmuparfait.ht.cx
URL: http://www.pmuparfait.ht.cx/
Protocol
HTTP/1.1
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
033e863b5e21da2a5ba0ed66de50b6224551b33ea6f3960e7b846ef2bd100864

Request headers

Referer
http://www.pmuparfait.ht.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1456
Content-Type
text/html; charset=ISO-8859-1
Date
Fri, 22 Mar 2024 09:15:26 GMT
Expires
Fri, 22 Mar 2024 09:15:26 GMT
Keep-Alive
timeout=5, max=99
Last-Modified
Fri, 22 Mar 2024 09:15:26 GMT
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
/
www.bazireturf.com/turf/pmuparfait/ Frame C03F 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.bazireturf.com/turf/pmuparfait/
Requested by
Host: www.pmuparfait.ht.cx
URL: http://www.pmuparfait.ht.cx/
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
d1ada044d0730b2dbe0402c35079840717e7f490c5517b2c0b38913ae0c0825a

Request headers

Referer
http://www.pmuparfait.ht.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html
Date
Fri, 22 Mar 2024 09:15:27 GMT
Keep-Alive
timeout=15, max=100
Server
Apache
Transfer-Encoding
chunked
Vary
Host
stats-pmuparfait.ht.cx.html
www.pmuparfait.ht.cx/ Frame 48A1 		0
192 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.pmuparfait.ht.cx/stats-pmuparfait.ht.cx.html
Requested by
Host: www.pmuparfait.ht.cx
URL: http://www.pmuparfait.ht.cx/
Protocol
HTTP/1.1
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.pmuparfait.ht.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 22 Mar 2024 09:15:26 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
site.js
www.venez.fr/js/ Frame DB72 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.pmuparfait.ht.cx
URL: http://www.pmuparfait.ht.cx/barre-pmuparfait.ht.cx.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.pmuparfait.ht.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Mar 2024 09:15:27 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1023
Expires
Fri, 29 Mar 2024 09:15:27 GMT
separateur90.gif
www.venez.fr/images/ Frame DB72 		82 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/separateur90.gif
Requested by
Host: www.pmuparfait.ht.cx
URL: http://www.pmuparfait.ht.cx/barre-pmuparfait.ht.cx.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.pmuparfait.ht.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Last-Modified
Thu, 15 Nov 2018 22:11:22 GMT
Server
Apache
ETag
"52-57abb54b25680"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
82
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame DB72 		145 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.pmuparfait.ht.cx
URL: http://www.pmuparfait.ht.cx/barre-pmuparfait.ht.cx.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8733d968683059cfbd14d751162fa63029dfe3e990a78642486f2e7ab4dc6837
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.pmuparfait.ht.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54043
X-XSS-Protection
0
Server
cafe
ETag
6132981182971978906
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin
*
Link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires
Fri, 22 Mar 2024 09:15:27 GMT
head.jpg
www.bazireturf.com/turf/pmuparfait/ Frame C03F 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.bazireturf.com/turf/pmuparfait/head.jpg
Requested by
Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/pmuparfait/
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
c4a07b2c63ada528a7d8fcd01141b48a06ca4c11da87ffe6eadf84eed37eb4a0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bazireturf.com/turf/pmuparfait/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Last-Modified
Wed, 30 Nov 2016 07:12:39 GMT
Server
Apache
ETag
"169e290-a0d5-5427f6e1987c0"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
41173
logo.gif
www.duvaldestin.com/ Frame C03F 		0
0
logo.gif
www.bazireturf.com/img/ Frame C03F 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.bazireturf.com/img/logo.gif
Requested by
Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/pmuparfait/
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
e3a0169c93ee99ee209e212f1f9b711712aa8546cd9bc4a8f4bc431df18dabde

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bazireturf.com/turf/pmuparfait/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Last-Modified
Wed, 30 Nov 2016 07:10:42 GMT
Server
Apache
ETag
"169be12-4c74-5427f67204080"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
19572
logo.gif
www.tresorturf.com/img/ Frame C03F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tresorturf.com/img/logo.gif
Requested by
Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/pmuparfait/
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
6708a8ec82fad521076f2579c9873b1335aad3bd231cdb2972ea0bfb38689d97

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bazireturf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Last-Modified
Mon, 26 Jun 2023 01:03:21 GMT
Server
Apache
ETag
"2b6f1b3-1cc2-5fefdeaade840"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
7362
logo
jmbazire.genhit.com/ Frame C03F 		0
0
buy.apu
payment.allopass.com/buy/ Frame F239 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
Requested by
Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/pmuparfait/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
25291c187618ea3e6c52a26a94dce23b5b70f863afb97da8c312d6c0f430048c

Request headers

Referer
http://www.bazireturf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Encoding
gzip
Content-Length
3212
Content-Type
text/html; charset=UTF-8
Date
Fri, 22 Mar 2024 09:15:27 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
turf.jpg
www.pariturf.info/wp-content/uploads/2008/12/ Frame C03F 		0
0
247546_des-billets-de-banque-de-500-200-et-100-euros.jpg
www.lexpress.fr/pictures/483/ Frame C03F
Redirect Chain
  • http://www.lexpress.fr/pictures/483/247546_des-billets-de-banque-de-500-200-et-100-euros.jpg
  • https://www.lexpress.fr/pictures/483/247546_des-billets-de-banque-de-500-200-et-100-euros.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lexpress.fr/pictures/483/247546_des-billets-de-banque-de-500-200-et-100-euros.jpg
Requested by
Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/pmuparfait/
Protocol
H2
Server
2a02:26f0:4700::210:222 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bazireturf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

Akamai-True-TTL
-1
Date
Fri, 22 Mar 2024 09:15:27 GMT
Content-Security-Policy
upgrade-insecure-requests
Server
AkamaiGHost
x-arc-request-id
0.25021002.1711098927.8bc864a
Location
https://www.lexpress.fr/pictures/483/247546_des-billets-de-banque-de-500-200-et-100-euros.jpg
Cache-Control
private, max-age=60
Connection
keep-alive
Content-Length
0
Expires
Fri, 22 Mar 2024 09:16:27 GMT
arp.png
www.bazireturf.com/turf/pmuparfait/ Frame C03F 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.bazireturf.com/turf/pmuparfait/arp.png
Requested by
Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/pmuparfait/
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
0dde7e295d86838adc5345f2ba9a53f6066c9140630437da9a6f5a693b2eef07

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bazireturf.com/turf/pmuparfait/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Last-Modified
Wed, 30 Nov 2016 07:12:32 GMT
Server
Apache
ETag
"169e289-73d7-5427f6daeb800"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
29655
h2.png
www.bazireturf.com/turf/pmuparfait/ Frame C03F 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.bazireturf.com/turf/pmuparfait/h2.png
Requested by
Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/pmuparfait/
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
29ccac1ac24bd5b69df39e975080564a703236c8a3a7a1ca7501058798de188e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bazireturf.com/turf/pmuparfait/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Last-Modified
Wed, 30 Nov 2016 07:12:37 GMT
Server
Apache
ETag
"169e28e-8f3a-5427f6dfb0340"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
36666
menu.png
www.bazireturf.com/turf/pmuparfait/ Frame C03F 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.bazireturf.com/turf/pmuparfait/menu.png
Requested by
Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/pmuparfait/
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
5ad22114c09f306850072abf395b8fd95b7f00bb7fe946efdf6eea24cce91ce1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bazireturf.com/turf/pmuparfait/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Last-Modified
Wed, 30 Nov 2016 07:12:41 GMT
Server
Apache
ETag
"169e292-8d6f-5427f6e380c40"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
36207
date.png
www.bazireturf.com/turf/pmuparfait/ Frame C03F 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.bazireturf.com/turf/pmuparfait/date.png
Requested by
Host: www.bazireturf.com
URL: http://www.bazireturf.com/turf/pmuparfait/
Protocol
HTTP/1.1
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
7db690b9943ae41e0f5b5d97e7013f7324b9fdd26ea63269e15b59a65056aa1b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.bazireturf.com/turf/pmuparfait/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Last-Modified
Wed, 30 Nov 2016 07:12:35 GMT
Server
Apache
ETag
"169e28c-9267-5427f6ddc7ec0"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
37479
alternate-barre.htm
www.venez.fr/ Frame 5320 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/alternate-barre.htm
Requested by
Host: www.pmuparfait.ht.cx
URL: http://www.pmuparfait.ht.cx/barre-pmuparfait.ht.cx.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
b87f66e31e319b3806104dd2a89ec09836e8296a6969819956ef70dc5c3ed4fe

Request headers

Referer
http://www.pmuparfait.ht.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
848
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 22 Mar 2024 09:15:27 GMT
Keep-Alive
timeout=5, max=99
Server
Apache
Vary
Accept-Encoding
barre90.gif
www.venez.fr/images/ Frame DB72 		110 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.pmuparfait.ht.cx
URL: http://www.pmuparfait.ht.cx/barre-pmuparfait.ht.cx.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.pmuparfait.ht.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
110
120x60.gif
www.venez.fr/images/ Frame 5320 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/120x60.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Last-Modified
Wed, 02 Mar 2011 00:16:24 GMT
Server
Apache
ETag
"f4c-49d74d2b9c600"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3916
site.js
www.venez.fr/js/ Frame 5320 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Mar 2024 09:15:27 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
1023
Expires
Fri, 29 Mar 2024 09:15:27 GMT
barre90.gif
www.venez.fr/images/ Frame 5320 		110 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
110
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ Frame DB72 		407 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.pmuparfait.ht.cx&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d31dba77872aed625c09e0d94882985e783d826731aa68f6c923475340d159e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.pmuparfait.ht.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 09:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141482
x-xss-protection
0
server
cafe
etag
1678747286424672515
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Mar 2024 09:15:27 GMT
jBox.all.min.css
payment.allopass.com/static/css/jBox/ Frame F239 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/jBox/jBox.all.min.css
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"2176b-40d7-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
3631
base.css
payment.allopass.com/static/css/ Frame F239 		81 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/base.css?68
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
3975eb898756e296608f964f0fe799ecf25bbf79467666a3c3218dad3db1de6e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21901-143f2-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
14739
carousel.css
payment.allopass.com/static/css/ Frame F239 		21 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/carousel.css?68
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"215fe-54eb-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
2387
jquery-1.3.2.min.js
payment.allopass.com/static/js/ext/ Frame F239 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/ext/jquery-1.3.2.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"4106b-dfa6-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
19740
jquery-1.11.3.min.js
payment.allopass.com/static/js/ext/ Frame F239 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/ext/jquery-1.11.3.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21a20-176d5-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
33279
general.js
payment.allopass.com/onetime/scripts/ Frame F239 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/onetime/scripts/general.js?04
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:26 GMT
Server
Apache
ETag
"2090b-f37-6036ca55dc080"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1593
jBox.all.min.js
payment.allopass.com/static/js/ext/ Frame F239 		51 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/ext/jBox.all.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"41069-cb59-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
12605
top.js
gmu-apps.com/js/ Frame F239 		54 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gmu-apps.com/js/top.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.110.253 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-110-253.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 09:15:28 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 20:31:35 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
5772
expires
Sun, 8 Mar 1981 10:00:00 GMT
fr.png
payment.allopass.com/icons/flags/24x24/ Frame F239 		536 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/icons/flags/24x24/fr.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:28 GMT
Last-Modified
Tue, 26 Nov 2019 14:39:45 GMT
Server
Apache
ETag
"42c49-218-59840d9ebee40"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
536
check-codes.js
payment.allopass.com/static/js/ Frame F239 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/check-codes.js?01
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
97a9de3830f4bd7bcb7cf4805dbdcf1f4c6e843fcd4a814c6a5d7bc2b11fee1a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21801-9d7-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
795
fingerprint2.min.js
payment.allopass.com/static/js/ext/ Frame F239 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/ext/fingerprint2.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21a1e-8432-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
10209
arrow-down.png
payment.allopass.com/static/css/images/ Frame F239 		315 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/images/arrow-down.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:28 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21648-13b-6036ca56d02c0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
315
carousel.js
payment.allopass.com/static/js/ Frame F239 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/js/carousel.js?5
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21800-1b55-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1830
gtm.js
www.googletagmanager.com/ Frame F239 		174 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=321957&idd=1407670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d24b6d24ae71ef20dbebb772f0b70e91bc29876acfa192e87032d83845f57e19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 09:15:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64797
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Mar 2024 09:15:28 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame 602A 		569 B
386 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.pmuparfait.ht.cx%2F&wgl=1&dt=1711098927643&bpp=4&bdt=343&idt=222&shv=r20240320&mjsv=m202403180101&ptt=9&saldr=aa&correlator=1239810798091&frm=23&ife=1&pv=2&ga_vid=2140338823.1711098928&ga_sid=1711098928&ga_hid=1866254090&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=4110708187&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081575%2C31081794%2C44795922%2C95322329%2C95322399&oid=2&pvsid=2667476507156639&tmod=177675421&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&ifi=1&uci=1.jrs1ttdo6cl9&fsb=1&dtd=239
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.pmuparfait.ht.cx&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e8ed161c3d205bdde764c1b59a8e950cfb58020a13cf6ef4f22b7da65af02d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.pmuparfait.ht.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
301
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Mar 2024 09:15:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
duration.css
payment.allopass.com/static/css/ Frame F239 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/duration.css
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"215ff-b61-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
793
sodar
pagead2.googlesyndication.com/getconfig/ Frame DB72 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240320&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.pmuparfait.ht.cx&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea9ba104cbb54a88b7825f40c81e0ff063a6febe4d03ced933adef1f21d7de49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.pmuparfait.ht.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 09:15:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12369
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DB72 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.pmuparfait.ht.cx&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.pmuparfait.ht.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 09:15:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Mar 2024 09:15:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D033 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.pmuparfait.ht.cx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
1186
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Mar 2024 08:55:42 GMT
expires
Sat, 22 Mar 2025 08:55:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
secure-lock.gif
payment.allopass.com/static/css/icons/ Frame F239 		181 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/icons/secure-lock.gif
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:29 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21947-b5-6036ca56d02c0"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
181
field.png
payment.allopass.com/static/css/images/ Frame F239 		170 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/images/field.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:29 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"2165b-aa-6036ca56d02c0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
170
ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
pagead2.googlesyndication.com/bg/ Frame D033 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:05:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
76215
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15865
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 12:05:14 GMT
allopass-logo-small.svg
payment.allopass.com/static/css/images/ Frame F239 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/images/allopass-logo-small.svg
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
a82d1b3a85473bad87120c7d6b42782c0b5132e88feab8d6bd22a65ac85f70d4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:29 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"40f96-1cf64-6036ca56d02c0"
Content-Type
image/svg+xml
Connection
close
Accept-Ranges
bytes
Content-Length
118628
carousel-row-mobiyo.png
payment.allopass.com/static/css/images/ Frame F239 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/images/carousel-row-mobiyo.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/carousel.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/carousel.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:29 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"21957-15a80-6036ca56d02c0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
88704
carousel-row.png
payment.allopass.com/static/css/images/ Frame F239 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/css/images/carousel-row.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/carousel.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
3826392fad8affe0e8f105c96299f4b3550fdd588c90603a12cc3db9b8e529c0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/carousel.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 09:15:29 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"2173e-15c04-6036ca56d02c0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
89092
destination
www.googletagmanager.com/gtag/ Frame F239 		305 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e5aa4889334c5b4bc0cf76a7db171823d40a012d638f93a7885ed09134b4bef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 09:15:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102779
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 22 Mar 2024 09:15:29 GMT
generate_204
tpc.googlesyndication.com/ Frame D033 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?UGMhLA
Requested by
Host: www.pmuparfait.ht.cx
URL: http://www.pmuparfait.ht.cx/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 09:15:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
chk.php
gmu-apps.com/ Frame F239 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gmu-apps.com/chk.php
Requested by
Host: www.pmuparfait.ht.cx
URL: http://www.pmuparfait.ht.cx/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.110.253 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-110-253.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payment.allopass.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 22 Mar 2024 09:15:30 GMT
server
Apache
content-length
0
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame DB72 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240320&jk=2667476507156639&bg=!X1ylXBPNAAZaswqNerM7ADQBe5WfOIX9RNrW_dntaZfG0E5IIuWCZHDJb78lvcuj-CYdrtndp6ShNBxKD61Wcb59oOpYAgAAAP5SAAAAA2gBB34ANWXAqbzS43NjDoRRdTd8XywgN2w9tQjXxx9SnB_UcrgMbjzTpSYjMyY27qLAGiC18S_xgKnzmQKG2QOoP5rL4K_K8E_t-v4oOLiDod0sYk8IIbzGEqjnV1FcbolmYAVflvOn9Giq5LWv122pZyBvIG-8zkiFf9MCMDbm180WPq3jn6LhrGQr2MKjxGyHdg6O1eo6yrBswh5beyUPyKTLwpl4EGKrO-Uu86EA_TCENxFr_Fhc756LKJ1X5Dcwk0mC7ovMxpsC3riFpJFbUaG1mN2R2XAgMx1_CnMddnQYV_9jn6IWbCtXNB2c9FpPzeO1--5xygoyPxHKbmmbAN9SWN3EMXMvQZwf46N74n13ZAKTOP66Byig5qBc0NfFWfm_FNPZeMt75YnzcW6BbpSGHbAc3UzX-xgLT_2OG4YB0_90kyA3huJYmrsFDMbqHwIxxU3AXEFkN3axFLWE5wotdPCG02q8hLoHqPaz1F6msuL-g89NfN_iQDXbLKIWos_IWZ_LtOFdx0xsyizDoMylvBZbG_UEOqhxIk38y9O26ouwuJAYKaVdj9WEys7U9m18EejVZ3ZMc3ODre82qtRZntnoR1ND3Pk027q1P7Zw4jxQxI_YsWeTlWHjHXia2D6IDF1DAwghQ1_7q39t-oHh-mhvCdrnmSuybCaqIxFMdrFqzigMJTxL488ZSZNfEaAMDzjqvwjJCF7NfsKZKlRKMzJgigA7FqFL8gr6JIV5QY0CVq2Fbf9AhVtOV5WlxRPekTX_eELgdF6lCxkE4RCmurubZIiroOKc5jFAs-5GmF9htCM-zhfy7po3Qv_LSAKn3I1mJ1A6_U4OXu9NgQ2x7NELC4-cGqdN1VoeeEt4NDAsGtO9o-shtgJlCWBbIhcx-ssrF7_oAwvyKH2gZLsHpEC-iJmG107X86KSJUQoCA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.pmuparfait.ht.cx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.duvaldestin.com
URL
http://www.duvaldestin.com/logo.gif
Domain
jmbazire.genhit.com
URL
http://jmbazire.genhit.com/logo
Domain
www.pariturf.info
URL
http://www.pariturf.info/wp-content/uploads/2008/12/turf.jpg

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients

3 Cookies

Domain/Path Name / Value
payment.allopass.com/ Name: ShopSessionId
Value: 0e1ed615-03c3-4c06-beb9-a004d71811cd
.allopass.com/ Name: AP_CUSK
Value: 3647074121
.ht.cx/ Name: __eoi
Value: ID=b975fd2cad318878:T=1711098927:RT=1711098927:S=AA-AfjYzwFqMfRoldgQ8wdYLDgvA

44 Console Messages

Source Level URL
Text
network error URL: http://jmbazire.genhit.com/logo
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.duvaldestin.com/logo.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.pariturf.info/wp-content/uploads/2008/12/turf.jpg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.lexpress.fr/pictures/483/247546_des-billets-de-banque-de-500-200-et-100-euros.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.pmuparfait.ht.cx/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gmu-apps.com
jmbazire.genhit.com
pagead2.googlesyndication.com
payment.allopass.com
tpc.googlesyndication.com
www.bazireturf.com
www.duvaldestin.com
www.googletagmanager.com
www.lexpress.fr
www.pariturf.info
www.pmuparfait.ht.cx
www.tresorturf.com
www.venez.fr
jmbazire.genhit.com
www.duvaldestin.com
www.pariturf.info
185.119.26.1
194.150.236.179
194.150.236.236
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2001
2a00:1450:4001:830::2002
2a02:26f0:4700::210:222
2a02:26f0:4700::210:229
5.135.149.81
54.67.110.253
033e863b5e21da2a5ba0ed66de50b6224551b33ea6f3960e7b846ef2bd100864
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306
0dde7e295d86838adc5345f2ba9a53f6066c9140630437da9a6f5a693b2eef07
0e8ed161c3d205bdde764c1b59a8e950cfb58020a13cf6ef4f22b7da65af02d3
16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac
1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c
25291c187618ea3e6c52a26a94dce23b5b70f863afb97da8c312d6c0f430048c
29ccac1ac24bd5b69df39e975080564a703236c8a3a7a1ca7501058798de188e
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a
3826392fad8affe0e8f105c96299f4b3550fdd588c90603a12cc3db9b8e529c0
3975eb898756e296608f964f0fe799ecf25bbf79467666a3c3218dad3db1de6e
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ad22114c09f306850072abf395b8fd95b7f00bb7fe946efdf6eea24cce91ce1
5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6708a8ec82fad521076f2579c9873b1335aad3bd231cdb2972ea0bfb38689d97
6d31dba77872aed625c09e0d94882985e783d826731aa68f6c923475340d159e
6e5aa4889334c5b4bc0cf76a7db171823d40a012d638f93a7885ed09134b4bef
7db690b9943ae41e0f5b5d97e7013f7324b9fdd26ea63269e15b59a65056aa1b
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f
7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9
8733d968683059cfbd14d751162fa63029dfe3e990a78642486f2e7ab4dc6837
8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435
97a9de3830f4bd7bcb7cf4805dbdcf1f4c6e843fcd4a814c6a5d7bc2b11fee1a
a82d1b3a85473bad87120c7d6b42782c0b5132e88feab8d6bd22a65ac85f70d4
b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9
b87f66e31e319b3806104dd2a89ec09836e8296a6969819956ef70dc5c3ed4fe
b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8
c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36
c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a
c4a07b2c63ada528a7d8fcd01141b48a06ca4c11da87ffe6eadf84eed37eb4a0
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109
d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833
d1ada044d0730b2dbe0402c35079840717e7f490c5517b2c0b38913ae0c0825a
d24b6d24ae71ef20dbebb772f0b70e91bc29876acfa192e87032d83845f57e19
e3a0169c93ee99ee209e212f1f9b711712aa8546cd9bc4a8f4bc431df18dabde
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea9ba104cbb54a88b7825f40c81e0ff063a6febe4d03ced933adef1f21d7de49
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7
fbb07cf3a933eee4f565c96c916479bfcf2b1e93edce9063528de331118d0303