URL: https://maxigainpmu.com/maxigain_abonnement.php
Submission: On March 01 via manual from SN — Scanned from FR

Summary

This website contacted 16 IPs in 3 countries across 21 domains to perform 70 HTTP transactions. The main IP is 91.216.107.79, located in France and belongs to LWS, FR. The main domain is maxigainpmu.com.
TLS certificate: Issued by R3 on February 4th 2023. Valid for: 3 months.
This is the only time maxigainpmu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 91.216.107.79 210403 (LWS)
2 198.187.31.103 22612 (NAMECHEAP...)
2 4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2001:bc8:1200... 12876 (Online SAS)
1 194.150.236.190 44976 (HIWIT_AS)
1 5.196.45.21 16276 (OVH)
1 2 54.37.56.116 16276 (OVH)
1 2 46.105.249.222 16276 (OVH)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
18 185.119.26.1 203544 (WEBDEVIIN-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.56.219.150 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 151.101.194.137 54113 (FASTLY)
1 162.247.241.14 23467 (NEWRELIC-...)
70 16
Domain Requested by
22 maxigainpmu.com maxigainpmu.com
18 payment.allopass.com maxigainpmu.com, payment.allopass.com
5 js-agent.newrelic.com payment.allopass.com
4 img.root-top.com 2 redirects maxigainpmu.com
3 www.roboroscope-turf.fr maxigainpmu.com
2 gmu-apps.com payment.allopass.com, maxigainpmu.com
2 www.classement.pro 1 redirects maxigainpmu.com
2 www.ajoutezvotresite.com 1 redirects maxigainpmu.com
2 i.goopics.net maxigainpmu.com
2 www.resizup.com maxigainpmu.com
1 bam.nr-data.net js-agent.newrelic.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com payment.allopass.com
1 www.legagnant.com maxigainpmu.com
1 www.kadopronos.com maxigainpmu.com
0 www.widgeo.net Failed maxigainpmu.com
0 www.pronostic-facile.fr Failed maxigainpmu.com
0 lemagicienduturf.free.fr Failed maxigainpmu.com
0 www.auplod.com Failed maxigainpmu.com
0 www.rapidoweb.free.fr Failed maxigainpmu.com
0 images-pmu.hol.es Failed maxigainpmu.com
0 benturf.com Failed maxigainpmu.com
70 22
Subject | Issuer | Validity | Valid
maxigainpmu.com | R3 | 2023-02-04 - 2023-05-05 | 3 months
resizup.com | Sectigo RSA Domain Validation Secure Server CA | 2022-11-28 - 2023-11-28 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-06 - 2023-06-05 | a year
kadopronos.com | R3 | 2023-02-13 - 2023-05-14 | 3 months
legagnant.com | R3 | 2023-01-12 - 2023-04-12 | 3 months
*.allopass.com | Sectigo RSA Domain Validation Secure Server CA | 2022-10-07 - 2023-10-07 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
gmu-apps.com | Amazon RSA 2048 M01 | 2023-02-10 - 2024-01-30 | a year
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2022 Q2 | 2022-07-10 - 2023-08-11 | a year
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-18 - 2023-12-19 | a year

This page contains 2 frames:

Primary Page: https://maxigainpmu.com/maxigain_abonnement.php
Frame ID: 2C782BF8FA075623E8A713E342333F28
Requests: 42 HTTP requests in this frame

Frame: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Frame ID: 27AD6A1E0832519C86BA9D6131447D7F
Requests: 28 HTTP requests in this frame

Page Title

maxigainpmu

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70 Requests
84 % HTTPS
33 % IPv6
21 Domains
22 Subdomains
16 IPs
3 Countries
2748 kB Transfer
3304 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://img.root-top.com/topsite/kadopronos/banner.gif HTTP 302
  • https://i.goopics.net/LnmwA.gif
Request Chain 11
  • https://img.root-top.com/topsite/maxigains/banner.gif HTTP 302
  • https://i.goopics.net/PX04d.gif
Request Chain 15
  • https://www.ajoutezvotresite.com/button.php?u=maxigainpmu HTTP 302
  • https://www.ajoutezvotresite.com/images/button2.gif
Request Chain 17
  • https://www.classement.pro/button.php?u=maxigainpmu&buttontype=static HTTP 302
  • https://www.classement.pro/images/button.gif
Request Chain 23
  • https://img.root-top.com/topsite/exelturf/banner.gif HTTP 302
  • https://lemagicienduturf.free.fr/images/exelturf.jpg

70 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request maxigain_abonnement.php
maxigainpmu.com/
13 KB
4 KB
Document
General
Full URL
https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
00082986c795016e29267aa88bd228dfaf6d68d60fe9f09f80024b7cd9796e62

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
content-length
3605
content-type
text/html; charset=UTF-8
date
Wed, 01 Mar 2023 11:08:33 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
css.css
maxigainpmu.com/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://maxigainpmu.com/css/css.css
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
79672c76e95d72f61220bbdc006493172a17a533982efcaaaeb667a92ed4c076

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/maxigain_abonnement.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
content-encoding
br
last-modified
Wed, 02 Aug 2017 20:46:37 GMT
server
nginx
etag
"284b-555cb5c365d05-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1874
lock.png
maxigainpmu.com/img/
362 B
497 B
Image
General
Full URL
https://maxigainpmu.com/img/lock.png
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
a00c7e7d968d40c0ebfdc1d6feadf84db47747dd631bde6b22a2e7318dbc26ad

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/maxigain_abonnement.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
last-modified
Sun, 30 Jul 2017 18:16:49 GMT
server
nginx
accept-ranges
bytes
etag
"16a-5558ceafeb545"
content-length
362
content-type
image/png
logo.png
maxigainpmu.com/img/
53 KB
53 KB
Image
General
Full URL
https://maxigainpmu.com/img/logo.png
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
8a051a3fb46cc9c481524b845fc219d8e39620d6abf9c21008ba8e7349af2a07

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/maxigain_abonnement.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
last-modified
Sun, 30 Jul 2017 18:16:51 GMT
server
nginx
accept-ranges
bytes
etag
"d50d-5558ceb17a415"
content-length
54541
content-type
image/png
maxigain.gif
maxigainpmu.com/
416 KB
417 KB
Image
General
Full URL
https://maxigainpmu.com/maxigain.gif
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
81f073b99a782a5eebcded1f5c69d36297e50eefe3f7f46a3c43bab96804e93c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/maxigain_abonnement.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
last-modified
Sun, 30 Jul 2017 18:15:45 GMT
server
nginx
accept-ranges
bytes
etag
"680a4-5558ce723a9ad"
content-length
426148
content-type
image/gif
zeturf.jpg
maxigainpmu.com/img/
9 KB
9 KB
Image
General
Full URL
https://maxigainpmu.com/img/zeturf.jpg
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
8e26ac0c23d9ca30d34ee60f78cf88636f6f5cd92dcf45d0d87f9f7fb815e309

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/maxigain_abonnement.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
last-modified
Wed, 02 Aug 2017 20:09:45 GMT
server
nginx
accept-ranges
bytes
etag
"24a9-555cad8600aff"
content-length
9385
content-type
image/jpeg
pub.png
maxigainpmu.com/img/
124 KB
124 KB
Image
General
Full URL
https://maxigainpmu.com/img/pub.png
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
648d002916d0209ee12ace793d518b7ff15b0267490e4e5fd3ee04722a47ee98

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/maxigain_abonnement.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
last-modified
Sun, 30 Jul 2017 18:17:00 GMT
server
nginx
accept-ranges
bytes
etag
"1ee95-5558ceba257e5"
content-length
126613
content-type
image/png
benturf.gif
benturf.com/
0
0

couplec.png
www.resizup.com/images/2017/10/30/
0
0
Image
General
Full URL
https://www.resizup.com/images/2017/10/30/couplec.png
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.31.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium10-5.web-hosting.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

headBANN.png
www.resizup.com/images/2017/10/08/
0
0
Image
General
Full URL
https://www.resizup.com/images/2017/10/08/headBANN.png
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.31.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium10-5.web-hosting.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

LnmwA.gif
i.goopics.net/
Redirect Chain
  • https://img.root-top.com/topsite/kadopronos/banner.gif
  • https://i.goopics.net/LnmwA.gif
14 KB
14 KB
Image
General
Full URL
https://i.goopics.net/LnmwA.gif
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Server
2001:bc8:1200:1b01::1 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
cf1cc11c728c992b102d06d1c56550ee351d7ee9e277a855ec63e7f675e3f495

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
x-openstack-request-id
tx45cc65be2f9a418787953-0063fa9118
last-modified
Sun, 21 Nov 2021 01:23:57 GMT
server
nginx/1.18.0
x-iplb-request-id
339F9F8C:E32A_3626E64B:01BB_63FA9118_266B0F5:219B1
etag
48ec6f5f876a893e45d2a0283bb15f10
x-iplb-instance
12308
x-cache-status
HIT
x-object-meta-mtime
1594675026
content-type
image/gif
access-control-allow-origin
*
x-timestamp
1637457836.47758
accept-ranges
bytes
content-length
14129
x-trans-id
tx45cc65be2f9a418787953-0063fa9118

Redirect headers

date
Wed, 01 Mar 2023 11:08:33 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hxf7JJKJBXr4pZGxGf55nSNUiuLnzGqWTUA%2FUg%2ByX721zlp3iU3v9ggGGtTnE7y%2Brpj%2BahxoZ%2B982AEvGR0x92FUe5s3tGu42hDgq9RpEzI7Dfm%2FzxWyAlcMNVBi2Xo5m8i8GLL1i6vb4D2sRwGY"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://i.goopics.net/LnmwA.gif
cf-ray
7a10f156696df14c-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
banner.gif
img.root-top.com/topsite/baseturf/
20 KB
20 KB
Image
General
Full URL
https://img.root-top.com/topsite/baseturf/banner.gif
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fa5936c50ffea51d18470af0069b4e79c3b43c337185611e775a6a7133e6a12

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
cf-cache-status
HIT
last-modified
Mon, 27 Feb 2023 14:13:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
161712
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0TXrvAhySKXsL5i%2FIgI%2B58BeGx4sWO5LOLUBJXVhIkK%2FoGXBP63ngsK2xI76ZQNTFlFyVOIIwaTm%2FXN0ti3Og0qIj9E680ttu8jhNLh2Flkxdji63FgIj6c4jQDrhJBnqplkxhHUDqz5xhy6vn9w"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7a10f156696ff14c-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20473
expires
Thu, 02 Mar 2023 14:13:21 GMT
PX04d.gif
i.goopics.net/
Redirect Chain
  • https://img.root-top.com/topsite/maxigains/banner.gif
  • https://i.goopics.net/PX04d.gif
204 KB
205 KB
Image
General
Full URL
https://i.goopics.net/PX04d.gif
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Server
2001:bc8:1200:1b01::1 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7047a1c38d5aa14077198535062c8294a3fadc721030cb5c3d154fc988a4a431

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
x-openstack-request-id
txf3a6ca282fa54208a6da4-0063fae3b2
last-modified
Sun, 21 Nov 2021 03:46:46 GMT
server
nginx/1.18.0
x-iplb-request-id
339F9F8C:81EA_5762BBC9:01BB_63FAE3B2_2903B9C:1E6B8
etag
e4ac032f30bdaf9cf751eae5b786cfe1
x-iplb-instance
42085
x-cache-status
HIT
x-object-meta-mtime
1594275471
content-type
image/gif
access-control-allow-origin
*
x-timestamp
1637466405.26519
accept-ranges
bytes
content-length
208871
x-trans-id
txf3a6ca282fa54208a6da4-0063fae3b2

Redirect headers

date
Wed, 01 Mar 2023 11:08:33 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3lKLGqWjKEwrZ%2F9w%2F0KlI0w7pI7p8CeszTgtCw03CjmrgslDHMO3PUqRWHzhmyVB%2FvuQ3c7REiSUzSxdWsrIw86lyDjwoy4NpQweFhG4%2FC5jAr16aZpWyK1fsSpmSH6AKFmIGlr83iNlki4Ax%2BV"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://i.goopics.net/PX04d.gif
cf-ray
7a10f1566970f14c-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e4da3b7fbbce2345d7772b0674a318d5_90x60.gif
images-pmu.hol.es/gallery_gen/
0
0

logo.gif
www.kadopronos.com/
21 KB
21 KB
Image
General
Full URL
https://www.kadopronos.com/logo.gif
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
ccbbbd90275e710d90aef52a56eae643a1f37efd6152467a3087947470d49616
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:33 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Thu, 03 May 2018 10:09:50 GMT
Server
Apache
ETag
"9797a3-5338-56b4a67655780"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
21304
pv80.png
www.legagnant.com/
2 KB
3 KB
Image
General
Full URL
https://www.legagnant.com/pv80.png
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.196.45.21 Criquebeuf-la-Campagne, France, ASN16276 (OVH, FR),
Reverse DNS
ip21.ip-5-196-45.eu
Software
Apache / PleskLin
Resource Hash
aa44d4366254f3abf48736409d8e5a68db425ea8411e03ffefcbb23f8093501d
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:33 GMT
Strict-Transport-Security
max-age=300; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 10 Oct 2018 12:03:42 GMT
Server
Apache
X-Powered-By
PleskLin
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=3024000, public
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2124
X-XSS-Protection
1; mode=block
Expires
Wed, 05 Apr 2023 11:08:33 GMT
button2.gif
www.ajoutezvotresite.com/images/
Redirect Chain
  • https://www.ajoutezvotresite.com/button.php?u=maxigainpmu
  • https://www.ajoutezvotresite.com/images/button2.gif
829 B
1 KB
Image
General
Full URL
https://www.ajoutezvotresite.com/images/button2.gif
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
HTTP/1.1
Server
54.37.56.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ip116.ip-54-37-56.eu
Software
Apache / PleskLin
Resource Hash
93f4f2e78870a1e1da1d5891afe1215857b0ba31124e06da83de52ac24f5eaa1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:33 GMT
Last-Modified
Mon, 01 May 2017 04:30:20 GMT
Server
Apache
ETag
"33d-54e6ee18c5872"
X-Powered-By
PleskLin
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
829
Expires
Fri, 31 Mar 2023 11:08:33 GMT

Redirect headers

Date
Wed, 01 Mar 2023 11:08:33 GMT
Server
Apache
X-Powered-By
PHP/5.5.38, PleskLin
Content-Type
text/html
Location
https://www.ajoutezvotresite.com/images/button2.gif
Cache-Control
max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0
Expires
Wed, 01 Mar 2023 11:08:33 GMT
rapidobouton.gif
www.rapidoweb.free.fr/images/
0
0

button.gif
www.classement.pro/images/
Redirect Chain
  • https://www.classement.pro/button.php?u=maxigainpmu&buttontype=static
  • https://www.classement.pro/images/button.gif
3 KB
3 KB
Image
General
Full URL
https://www.classement.pro/images/button.gif
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
HTTP/1.1
Server
46.105.249.222 , France, ASN16276 (OVH, FR),
Reverse DNS
ip222.ip-46-105-249.eu
Software
Apache / PleskLin
Resource Hash
c7b51b192c60e9a6a8b9187ef89ac37f6ab24ab65719f552f93e133421eab391

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:33 GMT
Last-Modified
Thu, 29 Aug 2013 23:48:42 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2703
Expires
Fri, 31 Mar 2023 11:08:33 GMT

Redirect headers

Date
Wed, 01 Mar 2023 11:08:33 GMT
Server
Apache
X-Powered-By
PHP/5.6.40, PleskLin
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
https://www.classement.pro/images/button.gif
Cache-Control
max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Expires
Wed, 01 Mar 2023 11:08:33 GMT
banner.gif
img.root-top.com/topsite/maxilitop/
2 KB
2 KB
Image
General
Full URL
https://img.root-top.com/topsite/maxilitop/banner.gif
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2975c1126cf4227f4d669a7dd65c8d453c14f19650ad685c72c8bd9f098430e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
cf-cache-status
HIT
last-modified
Mon, 27 Feb 2023 17:46:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
148905
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7%2BmoIJXAqZEuZlFK0pz86tgetUzH4ADjYhcrwsF9YI9pB9S4NnVnWo8ZG%2F50MjZPCm6JwiOvVeUqXOJnQc%2B8HGxaxOQsQoLfLFxAjSXh9fc3H7i6ZEnZxtZCZKQMdB%2FFTVxKzFNWqB38lj93SSI"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7a10f1566971f14c-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1970
expires
Thu, 02 Mar 2023 17:46:48 GMT
logo-coupl%C3%A9.gif
www.roboroscope-turf.fr/wp-content/uploads/2018/02/
132 KB
133 KB
Image
General
Full URL
https://www.roboroscope-turf.fr/wp-content/uploads/2018/02/logo-coupl%C3%A9.gif
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f579d79e76de2299de1a649568f2963a99c2adf0576793c34843b641c0ca14d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1949064
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
135535
last-modified
Sat, 17 Feb 2018 17:38:30 GMT
server
cloudflare
etag
"5a886896-2116f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASNqjNltL1lBohYKm3d%2FCxWPFShTrH6jwNEttrDhoBXabf6fxJ3EbJ9qltm5R%2FaGxjdLH4A5c2NZCF8i9emoI27vd%2BCHg1NZmaYN81UU4BNeSTVlcO04LQuzXMwEkEo2FPZWUcRMuehaiSuV4Y91mG7x6xxK3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7a10f156b881f1a0-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
opaudla5821.gif
www.auplod.com/u/
0
0

logo-pour-triangle-90x60.gif
www.roboroscope-turf.fr/wp-content/uploads/2018/03/
41 KB
42 KB
Image
General
Full URL
https://www.roboroscope-turf.fr/wp-content/uploads/2018/03/logo-pour-triangle-90x60.gif
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
014b19e05084b96ca3290f91682467fea01ed9904003b0c4c6e4ca1bb8c6f190

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9336596
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41974
last-modified
Sun, 25 Mar 2018 08:49:05 GMT
server
cloudflare
etag
"5ab76281-a3f6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FSYE6kBHGS5w5ledYrVGATiBD%2B%2FIUm25MX469U21h3LBECT29e0A0T7IwXbZwDPmP5puujOO16Zb4S66cPQxyD5YAs%2FoVUbocZerUBnGmAUhP7XlzmUomtDnpPmXdKqPXhHzJs6I3zQRxWbiL05LM7AQvqQeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7a10f156b884f1a0-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
gifrovorosco.gif
www.roboroscope-turf.fr/wp-content/uploads/2017/11/
284 KB
285 KB
Image
General
Full URL
https://www.roboroscope-turf.fr/wp-content/uploads/2017/11/gifrovorosco.gif
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1c2e968e6f6d9498f088e890f1fc34226d2fb4183bf4aa118efcc2e9c1fe81e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9336630
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
290775
last-modified
Tue, 28 Nov 2017 07:53:07 GMT
server
cloudflare
etag
"5a1d15e3-46fd7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pca8FQ0UTo5dEZtnOrvyh6u3RaC3hDOhvH9dMuYBeaM1ImX6yR%2FKOp9sgXd78rceKSbW6E3jXKYDptNpVB3NlNlfq1spiZ8O%2FvAzXMO27ycvADP6ntSFG%2B7EM5lkLoBJMYRsPnh7WFo%2FpI2jSfoOFkyLO8PKHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7a10f156b885f1a0-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
exelturf.jpg
lemagicienduturf.free.fr/images/
Redirect Chain
  • https://img.root-top.com/topsite/exelturf/banner.gif
  • https://lemagicienduturf.free.fr/images/exelturf.jpg
0
0

big.png
maxigainpmu.com/img/
148 KB
148 KB
Image
General
Full URL
https://maxigainpmu.com/img/big.png
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
d32ac7b199d3f45a4e0b305ac0b5d6c8cb82c023ac979dfc9d21e970a74195f9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/maxigain_abonnement.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
last-modified
Sun, 30 Jul 2017 18:16:47 GMT
server
nginx
accept-ranges
bytes
etag
"24ec8-5558cead36b3d"
content-length
151240
content-type
image/png
logof.png
maxigainpmu.com/img/
50 KB
50 KB
Image
General
Full URL
https://maxigainpmu.com/img/logof.png
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
a65d0f989345ddf6e66ada05733d935459d9ff259f8c4a5457bc2d81aec8130c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/maxigain_abonnement.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
last-modified
Sun, 30 Jul 2017 18:16:52 GMT
server
nginx
accept-ranges
bytes
etag
"c63f-5558ceb23488d"
content-length
50751
content-type
image/png
jou.png
maxigainpmu.com/img/
9 KB
9 KB
Image
General
Full URL
https://maxigainpmu.com/img/jou.png
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
ad99a41248b8306a3fb236a481293a11026aa682101e3a35c05920ea7b3db31f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/maxigain_abonnement.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
last-modified
Sun, 30 Jul 2017 18:16:48 GMT
server
nginx
accept-ranges
bytes
etag
"228a-5558ceaf051ad"
content-length
8842
content-type
image/png
iso.png
maxigainpmu.com/img/
14 KB
14 KB
Image
General
Full URL
https://maxigainpmu.com/img/iso.png
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
a78f0807c54a423e48b04e42fe4b12953cf65b7c31410c4eb4adb3f5986965a0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/maxigain_abonnement.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
last-modified
Sun, 30 Jul 2017 18:16:48 GMT
server
nginx
accept-ranges
bytes
etag
"36a1-5558ceae9b645"
content-length
13985
content-type
image/png
jquery.js
maxigainpmu.com/
94 KB
32 KB
Script
General
Full URL
https://maxigainpmu.com/jquery.js
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/maxigain_abonnement.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
content-encoding
br
last-modified
Sun, 30 Jul 2017 18:15:42 GMT
server
nginx
etag
"1787c-5558ce6f82cdd-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
32446
cycle.js
maxigainpmu.com/
51 KB
13 KB
Script
General
Full URL
https://maxigainpmu.com/cycle.js
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
58b44d975e1e1f0664d0fb8ab5b2918d08e9497324a021aa93de5894cdb586d4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/maxigain_abonnement.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
content-encoding
br
last-modified
Fri, 04 Aug 2017 16:41:17 GMT
server
nginx
etag
"cb3b-555f02a892f03-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
13051
pf
www.pronostic-facile.fr/widget/ok/script/
0
0

geocompteur.php
www.widgeo.net/geocompteur/
0
0

buy.apu
payment.allopass.com/buy/ Frame 27AD
42 KB
15 KB
Document
General
Full URL
https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7539a5a6538b5c1413d82407654fdbe30756a903f854fa9181c568ccacc89bf1

Request headers

Referer
https://maxigainpmu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Encoding
gzip
Content-Length
15128
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Mar 2023 11:08:33 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
dot.png
maxigainpmu.com/img/
151 B
285 B
Image
General
Full URL
https://maxigainpmu.com/img/dot.png
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
5284eb8f4d465624f93c9b275598d6c40fdf1c5bd0f16e00e8e6b6271df6d6d1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
last-modified
Sun, 30 Jul 2017 18:16:47 GMT
server
nginx
accept-ranges
bytes
etag
"97-5558ceadd2f3d"
content-length
151
content-type
image/png
bg_header.png
maxigainpmu.com/img/
217 B
351 B
Image
General
Full URL
https://maxigainpmu.com/img/bg_header.png
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
d3fadcd059e6f6f178d8369604f6b36d807033665bd7cf64223549a3a8ef412d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
last-modified
Sun, 30 Jul 2017 18:16:39 GMT
server
nginx
accept-ranges
bytes
etag
"d9-5558cea62abf5"
content-length
217
content-type
image/png
bantop.png
maxigainpmu.com/img/
191 KB
191 KB
Image
General
Full URL
https://maxigainpmu.com/img/bantop.png
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
ad6b4196ec351f7d989496e6231f43c90e137460d77cd4ae69889ef590ae6052

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
last-modified
Sun, 30 Jul 2017 18:16:35 GMT
server
nginx
accept-ranges
bytes
etag
"2fc97-5558cea20c0f5"
content-length
195735
content-type
image/png
menu.png
maxigainpmu.com/img/
147 B
282 B
Image
General
Full URL
https://maxigainpmu.com/img/menu.png
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
859c0836c058a9b113285ec361bd4abab916a47ae071bef84be582f0786701b0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
last-modified
Sun, 30 Jul 2017 18:16:53 GMT
server
nginx
accept-ranges
bytes
etag
"93-5558ceb382465"
content-length
147
content-type
image/png
seek.png
maxigainpmu.com/img/
420 B
554 B
Image
General
Full URL
https://maxigainpmu.com/img/seek.png
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
14b197120dd63916a03fec50918a75357c1b0aae1cb1aec37dfd10819521b868

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
last-modified
Sun, 30 Jul 2017 18:17:01 GMT
server
nginx
accept-ranges
bytes
etag
"1a4-5558ceba9f51d"
content-length
420
content-type
image/png
but.png
maxigainpmu.com/img/
306 B
441 B
Image
General
Full URL
https://maxigainpmu.com/img/but.png
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
19388fd44335144d5b7f8af11a4be748cc8e681196f2c83ea5074398eb72b148

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
last-modified
Sun, 30 Jul 2017 18:16:45 GMT
server
nginx
accept-ranges
bytes
etag
"132-5558ceac2ec95"
content-length
306
content-type
image/png
corbel.ttf
maxigainpmu.com/font/
256 KB
257 KB
Font
General
Full URL
https://maxigainpmu.com/font/corbel.ttf
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
f0caadc6fa7ab406d822923b9200be08c20de9224707a646481036cc7d61bdee

Request headers

Referer
https://maxigainpmu.com/css/css.css
Origin
https://maxigainpmu.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
last-modified
Sun, 30 Jul 2017 18:16:45 GMT
server
nginx
accept-ranges
bytes
etag
"40090-5558ceab41f85"
content-length
262288
content-type
font/ttf
Cairo-Black.ttf
maxigainpmu.com/font/
171 KB
172 KB
Font
General
Full URL
https://maxigainpmu.com/font/Cairo-Black.ttf
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
a12c5642cc69f452821efbf682d83fcece1a361ae64c1568b2604869c19b23f2

Request headers

Referer
https://maxigainpmu.com/css/css.css
Origin
https://maxigainpmu.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
last-modified
Sun, 30 Jul 2017 18:15:54 GMT
server
nginx
accept-ranges
bytes
etag
"2ad84-5558ce7b844a5"
content-length
175492
content-type
font/ttf
bantop2.png
maxigainpmu.com/img/
118 KB
118 KB
Image
General
Full URL
https://maxigainpmu.com/img/bantop2.png
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.79 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
nginx /
Resource Hash
28f6f55353d53469a669bdf8ac53f2bc72e72ebd9a379f6766c48fc73aa33af2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://maxigainpmu.com/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:33 GMT
last-modified
Sun, 30 Jul 2017 18:16:38 GMT
server
nginx
accept-ranges
bytes
etag
"1d726-5558cea4c39dd"
content-length
120614
content-type
image/png
gtm.js
www.googletagmanager.com/ Frame 27AD
117 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e78b7925f50c79c64a77c60282cf4c219651979ce023c6431702d9a7eb8c90af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:08:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46179
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Mar 2023 11:08:34 GMT
jBox.all.min.css
payment.allopass.com/static/css/jBox/ Frame 27AD
16 KB
4 KB
Stylesheet
General
Full URL
https://payment.allopass.com/static/css/jBox/jBox.all.min.css
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
16393c3e769e20445f7f78adf6a188dae9d932249842c1033dc2144bac1296ac

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21680-40d7-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
3631
base.css
payment.allopass.com/static/css/ Frame 27AD
81 KB
15 KB
Stylesheet
General
Full URL
https://payment.allopass.com/static/css/base.css?68
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
3975eb898756e296608f964f0fe799ecf25bbf79467666a3c3218dad3db1de6e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Jan 2023 10:36:14 GMT
Server
Apache
ETag
"235e8-143f2-5f28762b3a380"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
14739
carousel.css
payment.allopass.com/static/css/ Frame 27AD
21 KB
3 KB
Stylesheet
General
Full URL
https://payment.allopass.com/static/css/carousel.css?68
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
1decf61f3465e4585a9a8cd868c343796bb6f43dfd1f03fa0b361dab97b4627c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"40f4f-54eb-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
2387
jquery-1.3.2.min.js
payment.allopass.com/static/js/ext/ Frame 27AD
56 KB
20 KB
Script
General
Full URL
https://payment.allopass.com/static/js/ext/jquery-1.3.2.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21808-dfa6-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
19740
jquery-1.11.3.min.js
payment.allopass.com/static/js/ext/ Frame 27AD
94 KB
33 KB
Script
General
Full URL
https://payment.allopass.com/static/js/ext/jquery-1.11.3.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21a21-176d5-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
33279
general.js
payment.allopass.com/onetime/scripts/ Frame 27AD
4 KB
2 KB
Script
General
Full URL
https://payment.allopass.com/onetime/scripts/general.js?04
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
c1893b3f02db32e36ee562842bc299d27c047656416c204667abf42f04777d2a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"3f9b6-f37-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1593
jBox.all.min.js
payment.allopass.com/static/js/ext/ Frame 27AD
51 KB
13 KB
Script
General
Full URL
https://payment.allopass.com/static/js/ext/jBox.all.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
d176bb09818fe74dc0e1d369c411c2e3ca68bbf64a8eb76b43ec306520229833

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21721-cb59-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
12605
top.js
gmu-apps.com/js/ Frame 27AD
54 KB
6 KB
Script
General
Full URL
https://gmu-apps.com/js/top.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.56.219.150 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-219-150.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
cdca24fd19906ad7adbf066e55d3ee87750c3901e9b5d1beb538408274d32109

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Mar 2023 11:08:35 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 20:31:35 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
5772
expires
Sun, 8 Mar 1981 10:00:00 GMT
fr.png
payment.allopass.com/icons/flags/24x24/ Frame 27AD
536 B
774 B
Image
General
Full URL
https://payment.allopass.com/icons/flags/24x24/fr.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:34 GMT
Last-Modified
Tue, 26 Nov 2019 14:39:45 GMT
Server
Apache
ETag
"22e62-218-59840d9ebee40"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
536
check-codes.js
payment.allopass.com/static/js/ Frame 27AD
2 KB
1 KB
Script
General
Full URL
https://payment.allopass.com/static/js/check-codes.js?01
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
97a9de3830f4bd7bcb7cf4805dbdcf1f4c6e843fcd4a814c6a5d7bc2b11fee1a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Jul 2022 07:06:45 GMT
Server
Apache
ETag
"24c89-9d7-5e4ec4afc0b40"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
795
fingerprint2.min.js
payment.allopass.com/static/js/ext/ Frame 27AD
33 KB
10 KB
Script
General
Full URL
https://payment.allopass.com/static/js/ext/fingerprint2.min.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21a1f-8432-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
10209
arrow-down.png
payment.allopass.com/static/css/images/ Frame 27AD
315 B
553 B
Image
General
Full URL
https://payment.allopass.com/static/css/images/arrow-down.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
c0a130d7b90ac605b17acd40337aa673f2f6b1779801ba8ea7d894d38b87ba36

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:34 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"40f99-13b-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
315
carousel.js
payment.allopass.com/static/js/ Frame 27AD
7 KB
2 KB
Script
General
Full URL
https://payment.allopass.com/static/js/carousel.js?5
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
8db08a66fc20669ae93e6d8e919f56a863ce77d3e1ea0bb97efc4c35da450435

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21801-1b55-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1830
duration.css
payment.allopass.com/static/css/ Frame 27AD
3 KB
1 KB
Stylesheet
General
Full URL
https://payment.allopass.com/static/css/duration.css
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
b88598db6441341112078d3c81ea00ddf76e566ad9c68dcfec28a4d5100ca7b8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21906-b61-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
793
analytics.js
www.google-analytics.com/ Frame 27AD
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Mar 2023 09:12:18 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6977
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 01 Mar 2023 11:12:18 GMT
secure-lock.gif
payment.allopass.com/static/css/icons/ Frame 27AD
181 B
418 B
Image
General
Full URL
https://payment.allopass.com/static/css/icons/secure-lock.gif
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
b74d93c2e43195ed06c03dcc855663cce5faec3d82a53598eb84f0714bb5ced9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:35 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"21642-b5-5d0e804cbabc0"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
181
field.png
payment.allopass.com/static/css/images/ Frame 27AD
170 B
407 B
Image
General
Full URL
https://payment.allopass.com/static/css/images/field.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7ffb9e58d885b0eaf644c52103b65f0019590149c75e77ff18f826d9bb3fa4e9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:35 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"40fab-aa-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
170
allopass-logo-small.svg
payment.allopass.com/static/css/images/ Frame 27AD
116 KB
116 KB
Image
General
Full URL
https://payment.allopass.com/static/css/images/allopass-logo-small.svg
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/base.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
a82d1b3a85473bad87120c7d6b42782c0b5132e88feab8d6bd22a65ac85f70d4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/base.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:35 GMT
Last-Modified
Wed, 18 Jan 2023 10:16:55 GMT
Server
Apache
ETag
"235ec-1cf64-5f2871d9eb3c0"
Content-Type
image/svg+xml
Connection
close
Accept-Ranges
bytes
Content-Length
118628
carousel-row-mobiyo.png
payment.allopass.com/static/css/images/ Frame 27AD
87 KB
87 KB
Image
General
Full URL
https://payment.allopass.com/static/css/images/carousel-row-mobiyo.png
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/static/css/carousel.css?68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
5b0231eec0d06b77f534fe202e99a40e89685551d6f1afdebc3c581e3ea76a0b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/static/css/carousel.css?68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:35 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"2173e-15a80-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
88704
692.215647de-1223.js
js-agent.newrelic.com/ Frame 27AD
2 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/692.215647de-1223.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a757f891e9f4a002a7aecb7fcf4e1d74e3e43cc2dc74c3a1fe3812fe7c9a3545

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
I.n_PBR7fU5g2cmlAwgMlzr4Oik5bP_f
content-encoding
gzip
via
1.1 varnish
date
Wed, 01 Mar 2023 11:08:35 GMT
x-amz-request-id
ZQ5155VQD2PR4MXE
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1087
x-amz-id-2
nhKfUrAcziqLfmDIeQJy0QonM0wRMBYu+SxUbF/Biv8FOMfIp7yplVPtl06T/f1ezY4ESVVzMP0=
x-served-by
cache-cdg20770-CDG
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1677668915.492445,VS0,VE0
etag
"2a9c8457fef96067bf92a4ec54fb10b8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
11
779.215647de-1223.js
js-agent.newrelic.com/ Frame 27AD
8 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/779.215647de-1223.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
226b38d4dd6197b2d2989ef529f69e83ee3ff816b601033ee5ad3ba07fa76307

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
d0hMUd3mWD9ItciiSIXCSy8OWToOTtsf
content-encoding
gzip
via
1.1 varnish
date
Wed, 01 Mar 2023 11:08:35 GMT
x-amz-request-id
ZQ53DTYB55DY4BWJ
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3516
x-amz-id-2
fIUXMJOL0Xr/bNodP6a4cFBcn5r5fn9LP9lD8rY3MSXILj07rlnxUAgPYXbZ+oxU7JSpKf2148U=
x-served-by
cache-cdg20770-CDG
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1677668915.492714,VS0,VE0
etag
"1f9dc6167676d6db728e844d20a97ad5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
11
823.215647de-1223.js
js-agent.newrelic.com/ Frame 27AD
3 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/823.215647de-1223.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf2b7b8c9c5756454079e4eb012128b38f569bcc9d32a5b895df5396ae5052b2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
W2tA0gkaWp6JlPnYeFhc2plzNBl_myPN
content-encoding
gzip
via
1.1 varnish
date
Wed, 01 Mar 2023 11:08:35 GMT
x-amz-request-id
ZQ52HBA416TDM4MB
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1365
x-amz-id-2
22eys94EavY1TUDpmXZhl/EzLjBipMTtBjWaACsAidsL1hvASnMhca5Ii0KPpV7p3f+tq07RPx0=
x-served-by
cache-cdg20770-CDG
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1677668915.492685,VS0,VE0
etag
"ce7762cf4b6665f79c15503dbccd6c68"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
10
785.215647de-1223.js
js-agent.newrelic.com/ Frame 27AD
5 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/785.215647de-1223.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e87e201d3ac066d6522dc7a17d02df52163ae9e47173244f017d23476f9e1eda

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
24gfKeCbKAAA6djjTUpWk6gRfGGq6MlZ
content-encoding
gzip
via
1.1 varnish
date
Wed, 01 Mar 2023 11:08:35 GMT
x-amz-request-id
ZQ5D4NXMF72Q6990
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2103
x-amz-id-2
bTHp+XP4NlaFzoEQcacjDxiJGSAsTrsd0Zcp0kmxnjTbNLdfokesiqDLyz0tQhayfPdEuTLoHJ4=
x-served-by
cache-cdg20770-CDG
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1677668915.492643,VS0,VE0
etag
"85340359c90104ea511047eb2b57ebb5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
11
325.215647de-1223.js
js-agent.newrelic.com/ Frame 27AD
1 KB
990 B
Script
General
Full URL
https://js-agent.newrelic.com/325.215647de-1223.js
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/buy.apu?ids=354074&idd=1545532
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1ffa703af97cbc8af57a71d2ba52caf7f68d6d34b50190aa9b7d0cb53233e9a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
TZXfN40R6cv9QsF3fTfxRxppzwQ_LugL
content-encoding
gzip
via
1.1 varnish
date
Wed, 01 Mar 2023 11:08:35 GMT
x-amz-request-id
ZQ5B4GJ8R9Y5AVPB
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
560
x-amz-id-2
tY7oA0TIA7H5hSkBtgcS81qXAcDmZemdGpmzFe6wftOMjw+7LoQVlS5ObHQL1P/TWbL7WJekpTI=
x-served-by
cache-cdg20770-CDG
last-modified
Fri, 27 Jan 2023 21:42:05 GMT
server
AmazonS3
x-timer
S1677668915.492888,VS0,VE0
etag
"8bfb1318203f2143642fa7f2620e90b9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
11
e3f8586304
bam.nr-data.net/1/ Frame 27AD
49 B
532 B
Script
General
Full URL
https://bam.nr-data.net/1/e3f8586304?a=98090635&v=1223.PROD&to=NV0ANxMCXxBTW0FfWAwXNxEITFMWSxdXQ05MWRIW&rst=1948&ck=0&s=bad60ce20ab361e5&ref=https://payment.allopass.com/buy/buy.apu&ap=633&be=1085&fe=777&dc=720&perf=%7B%22timing%22:%7B%22of%22:1677668913572,%22n%22:0,%22f%22:3,%22dn%22:4,%22dne%22:298,%22c%22:298,%22s%22:316,%22ce%22:392,%22rq%22:399,%22rp%22:1059,%22rpe%22:1081,%22dl%22:1061,%22di%22:1805,%22ds%22:1805,%22de%22:1814,%22dc%22:1861,%22l%22:1861,%22le%22:1863%7D,%22navigation%22:%7B%7D%7D&fp=1759&fcp=1759&at=GRoDQVsYTB4%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/692.215647de-1223.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://payment.allopass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 11:08:35 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
7a10f162aa62d68a-CDG
chk.php
gmu-apps.com/ Frame 27AD
0
94 B
XHR
General
Full URL
https://gmu-apps.com/chk.php
Requested by
Host: maxigainpmu.com
URL: https://maxigainpmu.com/maxigain_abonnement.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.56.219.150 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-219-150.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payment.allopass.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 01 Mar 2023 11:08:36 GMT
server
Apache
content-length
0
content-type
text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
benturf.com
URL
https://benturf.com/benturf.gif
Domain
images-pmu.hol.es
URL
https://images-pmu.hol.es/gallery_gen/e4da3b7fbbce2345d7772b0674a318d5_90x60.gif
Domain
www.rapidoweb.free.fr
URL
https://www.rapidoweb.free.fr/images/rapidobouton.gif
Domain
www.auplod.com
URL
https://www.auplod.com/u/opaudla5821.gif
Domain
lemagicienduturf.free.fr
URL
https://lemagicienduturf.free.fr/images/exelturf.jpg
Domain
www.pronostic-facile.fr
URL
http://www.pronostic-facile.fr/widget/ok/script/pf
Domain
www.widgeo.net
URL
http://www.widgeo.net/geocompteur/geocompteur.php?c=geoall2&id=%EF%BB%BF1502120776895&adult=0&cat=&size=&fonce=&claire=&idec=2588149050

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
function| $
function| jQuery

3 Cookies

Domain/Path Name / Value
maxigainpmu.com/ Name: PHPSESSID
Value: ov5a2gsg4npe37jip8i1oe1157
payment.allopass.com/ Name: ShopSessionId
Value: 5e99b4a7-8a88-42ba-9c1f-c9c4eec2f581
.allopass.com/ Name: AP_CUSK
Value: 3607970740

27 Console Messages

Source Level URL
Text
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://benturf.com/benturf.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/kadopronos/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/baseturf/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/maxigains/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://images-pmu.hol.es/gallery_gen/e4da3b7fbbce2345d7772b0674a318d5_90x60.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://www.kadopronos.com/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://www.rapidoweb.free.fr/images/rapidobouton.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/maxilitop/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://www.auplod.com/u/opaudla5821.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/exelturf/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://maxigainpmu.com/maxigain_abonnement.php
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure script 'http://www.pronostic-facile.fr/widget/ok/script/pf'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://maxigainpmu.com/maxigain_abonnement.php
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure script 'http://www.widgeo.net/geocompteur/geocompteur.php?c=geoall2&id=%EF%BB%BF1502120776895&adult=0&cat=&size=&fonce=&claire=&idec=2588149050'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php(Line 129)
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://benturf.com/benturf.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php(Line 129)
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/kadopronos/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php(Line 129)
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/baseturf/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php(Line 174)
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/maxigains/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php(Line 174)
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://images-pmu.hol.es/gallery_gen/e4da3b7fbbce2345d7772b0674a318d5_90x60.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php(Line 174)
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://www.kadopronos.com/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php(Line 174)
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://www.rapidoweb.free.fr/images/rapidobouton.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php(Line 174)
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/maxilitop/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php(Line 174)
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://www.auplod.com/u/opaudla5821.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://maxigainpmu.com/maxigain_abonnement.php(Line 174)
Message:
Mixed Content: The page at 'https://maxigainpmu.com/maxigain_abonnement.php' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/exelturf/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://images-pmu.hol.es/gallery_gen/e4da3b7fbbce2345d7772b0674a318d5_90x60.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.auplod.com/u/opaudla5821.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://benturf.com/benturf.gif
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://www.resizup.com/images/2017/10/30/couplec.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.resizup.com/images/2017/10/08/headBANN.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
