www.kangaroturf.c4s.online Open in urlscan Pro
2001:41d0:301::20 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.kangaroturf.c4s.online/
Submission: On November 28 via manual (November 28th 2023, 8:14:27 pm UTC) from MA — Scanned from FR

Summary HTTP 39 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 39 HTTP transactions. The main IP is 2001:41d0:301::20, located in France and belongs to OVH, FR. The main domain is www.kangaroturf.c4s.online.

This is the only time www.kangaroturf.c4s.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2001:41d0:301... 2001:41d0:301::20	16276 (OVH) (OVH)
5	2606:4700:303... 2606:4700:3038::6815:ea1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2606:4700:303... 2606:4700:3038::6815:ea1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	46.105.57.169 46.105.57.169	16276 (OVH) (OVH)
2 4	194.150.236.236 194.150.236.236	44976 (HIWIT_AS) (HIWIT_AS)
3 6	2001:41d0:301... 2001:41d0:301::28	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
8	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
39	13

9 2001:41d0:301::20 (France)

ASN16276 (OVH, FR)

www.kangaroturf.c4s.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kangaroturf.c4s.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mini-turf.c4s.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.erfolg.c4s.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3038::6815:ea1b (United States)

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:ea1a (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.105.57.169 (France)

ASN16276 (OVH, FR)
PTR: cluster020.hosting.ovh.net

pronosgratuit.lachezvos.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.extra-derby.c4s.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 194.150.236.236 (France) 2 redirects

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net

www.ogalopcourse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:41d0:301::28 (France) 3 redirects

ASN16276 (OVH, FR)

www.dueldescracks.siteneti.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jeuxsurs.siteneti.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	c4s.online www.kangaroturf.c4s.online kangaroturf.c4s.online www.mini-turf.c4s.online www.erfolg.c4s.online www.extra-derby.c4s.online	1 MB
9	paypal.com www.paypal.com — Cisco Umbrella Rank: 2811 t.paypal.com — Cisco Umbrella Rank: 3468	271 KB
8	root-top.com 3 redirects img.root-top.com	25 KB
6	siteneti.net 3 redirects www.dueldescracks.siteneti.net jeuxsurs.siteneti.net	384 KB
4	ogalopcourse.com 2 redirects www.ogalopcourse.com	16 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
3	lachezvos.pro pronosgratuit.lachezvos.pro	242 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2612	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	80 KB
1	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12682	5 KB
39	10

	Domain	Requested by
8	www.paypal.com	www.kangaroturf.c4s.online www.paypal.com
8	img.root-top.com	3 redirects www.kangaroturf.c4s.online
4	jeuxsurs.siteneti.net	2 redirects www.kangaroturf.c4s.online
4	www.ogalopcourse.com	2 redirects www.kangaroturf.c4s.online
4	www.kangaroturf.c4s.online	www.kangaroturf.c4s.online
3	kangaroturf.c4s.online	www.kangaroturf.c4s.online
3	pronosgratuit.lachezvos.pro	www.kangaroturf.c4s.online
2	www.paypalobjects.com	www.kangaroturf.c4s.online
2	www.google-analytics.com	www.kangaroturf.c4s.online www.google-analytics.com
2	www.dueldescracks.siteneti.net	1 redirects www.kangaroturf.c4s.online
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	t.paypal.com	www.kangaroturf.c4s.online
1	www.extra-derby.c4s.online	www.kangaroturf.c4s.online
1	www.erfolg.c4s.online	www.kangaroturf.c4s.online
1	www.mini-turf.c4s.online	www.kangaroturf.c4s.online
1	blogger.googleusercontent.com	www.kangaroturf.c4s.online
39	17

This site contains links to these domains. Also see Links.

Domain
pmupourtous.blogspot.com
www.root-top.com
lepronoenor.blogspot.com
www.ogalopcourse.com
www.expertduturf.net
www.lemagicienduturf.siteneti.net
www.dueldescracks.siteneti.net
www.100pour100tierce-sur.com
www.expertduturf.com
www.ivressedesgains.siteneti.net
www.mini-turf.c4s.online
www.erfolg.c4s.online
www.extra-derby.c4s.online
jeuxsurs.siteneti.net
www.snap-turf.lachezvos.pro
www.prin-turf.lachezvos.pro
www.kriturf.lachezvos.pro
www.stephturf.lachezvos.pro
www.echo-pmu.lachezvos.pro
www.six-partants.c4s.online
www.turfpatron.lachezvos.pro
www.tourdegarde.c4s.online
www.herosturf.c4s.online
www.a-turf.lachezvos.pro
www.espace-turf.c4s.online
www.chevalvictoire.lachezvos.pro
racemastery.blogspot.com
www.goldenturf.lachezvos.pro
progrespmu.blogspot.com

Subject Issuer	Validity	Valid
root-top.com E1	`2023-10-30` - `2024-01-28`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-13` - `2024-08-20`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://www.kangaroturf.c4s.online/
Frame ID: 2746E42DD8272A3C46CFD4E07BF7BB53
Requests: 32 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhXUGxqU1JfVjIxUXBfVnZFeVg0Z2x3R0U0WnBUb1hMbWVGYURDZEhMcTJaQVBsUno1aXNGVE9sRWJQal85bllabUdMbGlUVWtUYldscmQmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&sdkCorrelationID=f459704fa2a5b&storageID=uid_f0f784c292_mja6mtq6mjm&sessionID=uid_0a0188e3ba_mja6mtq6mjm&buttonSessionID=uid_301b94b706_mja6mtq6mjm&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=137602
Frame ID: D3B632795AD1340A7DDDBD6E0025F224
Requests: 6 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 4C4D0FC0D208DD4493A0C47D1107BA78
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gratuit KANGARO-TURF

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

39
Requests

46 %
HTTPS

62 %
IPv6

10
Domains

17
Subdomains

13
IPs

3
Countries

2444 kB
Transfer

3360 kB
Size

8
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://pmupourtous.blogspot.com/

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/topgenie/in.php?ID=30

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/topturfjs/in.php?ID=1683

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/exelturf/in.php?ID=365

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/pmuchampion/in.php?ID=152

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/astropmu/in.php?ID=164

Search URL Search Domain Scan URL

URL: https://lepronoenor.blogspot.com/

Search URL Search Domain Scan URL

URL: http://www.ogalopcourse.com//vote.php?id=1799

Search URL Search Domain Scan URL

URL: https://www.expertduturf.net/

Search URL Search Domain Scan URL

URL: http://www.lemagicienduturf.siteneti.net/

Search URL Search Domain Scan URL

URL: http://www.dueldescracks.siteneti.net/

Search URL Search Domain Scan URL

URL: https://www.100pour100tierce-sur.com/

Search URL Search Domain Scan URL

URL: https://www.expertduturf.com/

Search URL Search Domain Scan URL

URL: http://www.ivressedesgains.siteneti.net/

Search URL Search Domain Scan URL

URL: http://www.mini-turf.c4s.online/

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/pmuchampion

Search URL Search Domain Scan URL

URL: http://www.erfolg.c4s.online/

Search URL Search Domain Scan URL

URL: http://www.extra-derby.c4s.online/

Search URL Search Domain Scan URL

URL: http://jeuxsurs.siteneti.net/

Search URL Search Domain Scan URL

URL: http://www.snap-turf.lachezvos.pro/index.php
Title: Snap-turf

Search URL Search Domain Scan URL

URL: http://www.prin-turf.lachezvos.pro/index.php
Title: Prin-turf

Search URL Search Domain Scan URL

URL: http://www.kriturf.lachezvos.pro/
Title: Kriturf

Search URL Search Domain Scan URL

URL: http://www.stephturf.lachezvos.pro/
Title: Stephturf

Search URL Search Domain Scan URL

URL: http://www.echo-pmu.lachezvos.pro/
Title: Echo-Pmu

Search URL Search Domain Scan URL

URL: http://www.six-partants.c4s.online/index.php
Title: Six-partants

Search URL Search Domain Scan URL

URL: http://www.turfpatron.lachezvos.pro/index.php
Title: Turf-Patron

Search URL Search Domain Scan URL

URL: http://www.tourdegarde.c4s.online/index.php
Title: Tourdegarde

Search URL Search Domain Scan URL

URL: http://www.herosturf.c4s.online/
Title: Heros-turf

Search URL Search Domain Scan URL

URL: http://www.a-turf.lachezvos.pro/
Title: A-TURF

Search URL Search Domain Scan URL

URL: http://www.espace-turf.c4s.online/
Title: Espaceturf

Search URL Search Domain Scan URL

URL: http://www.chevalvictoire.lachezvos.pro/
Title: Chevalvictoire

Search URL Search Domain Scan URL

URL: https://racemastery.blogspot.com/
Title: Racemastery

Search URL Search Domain Scan URL

URL: http://www.goldenturf.lachezvos.pro/index.php
Title: Goldenturf

Search URL Search Domain Scan URL

URL: https://progrespmu.blogspot.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://img.root-top.com/topsite/topturfjs/banner.gif HTTP 301
https://img.root-top.com/topsite/topturfjs/banner.gif

Request Chain 4

http://img.root-top.com/topsite/exelturf/banner.gif HTTP 301
https://img.root-top.com/topsite/exelturf/banner.gif

Request Chain 5

http://img.root-top.com/topsite/pmuchampion/banner.gif HTTP 301
https://img.root-top.com/topsite/pmuchampion/banner.gif

Request Chain 8

http://www.ogalopcourse.com//logo.gif HTTP 301
https://www.ogalopcourse.com/logo.gif

Request Chain 11

http://www.dueldescracks.siteneti.net/dueldescracks.gif HTTP 301
https://www.dueldescracks.siteneti.net/dueldescracks.gif

Request Chain 17

http://jeuxsurs.siteneti.net/image/PMUCH.gif HTTP 301
https://jeuxsurs.siteneti.net/image/PMUCH.gif

Request Chain 20

http://jeuxsurs.siteneti.net/banniere/JEUXSUR.png HTTP 301
https://jeuxsurs.siteneti.net/banniere/JEUXSUR.png

Request Chain 21

http://www.ogalopcourse.com/img/new.gif HTTP 301
https://www.ogalopcourse.com/img/new.gif

39 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.kangaroturf.c4s.online/ 15 KB
4 KB 67ms
19ms Document
text/html 2001:41d0:301::20
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kangaroturf.c4s.online/
Protocol: HTTP/1.1
Server: 2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache / PHP/5.6
Resource Hash: 83b249213dd7b5e675b83f86d8fc3f1f048f569ad8353029b84c4712d28b6f1e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 28 Nov 2023 20:14:22 GMT
server: Apache
transfer-encoding: chunked
vary: Accept-Encoding
x-iplb-instance: 52188
x-iplb-request-id: 200141D0000D364D0000000000000004:C2F2_200141D0030100000000000000000020:0050_65664A1E_16FF0:7C7D
x-powered-by: PHP/5.6

GET
H/1.1 200
OK jeux.css
www.kangaroturf.c4s.online/css/ 5 KB
2 KB 18ms
18ms Stylesheet
text/css 2001:41d0:301::20
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.kangaroturf.c4s.online/css/jeux.css
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: HTTP/1.1
Server: 2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 9ed611de5fc0d2fed1f7bc62b26d8fd283ea878f2aee9794d06e17a781c6f1ec

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:22 GMT
content-encoding: gzip
last-modified: Sat, 15 Jul 2023 10:10:26 GMT
server: Apache
x-iplb-request-id: 200141D0000D364D0000000000000004:C2F2_200141D0030100000000000000000020:0050_65664A1E_16FF6:7C7D
x-iplb-instance: 52188
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
content-length: 1233
expires: Tue, 28 Nov 2023 20:29:22 GMT

GET
H/1.1 200
OK pmupourtous1.gif
www.kangaroturf.c4s.online/image/ 86 KB
87 KB 30ms
16ms Image
image/gif 2001:41d0:301::20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.kangaroturf.c4s.online/image/pmupourtous1.gif
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: HTTP/1.1
Server: 2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: a5c520394981f9feb8b34b17aa3d020f61cc7f5cb706d57939bcd1b4d3ab0cbc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:22 GMT
last-modified: Tue, 25 Jul 2023 14:51:01 GMT
server: Apache
x-iplb-request-id: 200141D0000D364D0000000000000004:C2F4_200141D0030100000000000000000020:0050_65664A1E_11C03:16E0
x-iplb-instance: 52166
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 88415
expires: Tue, 28 Nov 2023 20:29:22 GMT

GET
H2 200 banner.gif
img.root-top.com/topsite/topgenie/ 4 KB
5 KB 97ms
31ms Image
image/png 2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/topgenie/banner.gif
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1697626
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELTfNew4y1zXTbi3jMzJdSgri7KNKQTP666%2F4Mgh8Eey81xVLWZgGr0GsYtqvDm5U01raAuOpzCkqCgaMdJj517XqIMhLaQL8minQYb1KZS3iB8DTNzMrCL6sLdbsuoGVyrMwBUkLkkGpA3XQ%2F5k"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 82d546e1e8a502b9-CDG
alt-svc: h3=":443"; ma=86400
content-length: 4424

GET
H2

200

banner.gif
img.root-top.com/topsite/topturfjs/
Redirect Chain

http://img.root-top.com/topsite/topturfjs/banner.gif
https://img.root-top.com/topsite/topturfjs/banner.gif

4 KB
5 KB

28ms
28ms

Image
image/png

2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/topturfjs/banner.gif
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: H2
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1526316
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FuAyBuiX669Ntk9EVzycbxrKFgrgb7quNapmUMd8wRBmKtLHCx2IaIDH5r7fL8konE9E2f0VLz6UVArYOSlmMpCOS0DEI%2FNA9fHcpiPRPh%2BroWImbOCctKrYQfy1j%2FE3w%2FiB%2BczXOsCElCSwDc3V"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 82d546e2292002b9-CDG
alt-svc: h3=":443"; ma=86400
content-length: 4424

Redirect headers

Date: Tue, 28 Nov 2023 20:14:23 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsGx4cCJwi7ines58f49gXW%2BQBkgIql7QNzBvkg4JxlryGo10YrWR0Wn0jptPGmCpey8aOL92v5iAXhM6R6hWZMJDP5Nk%2FpYjGVKPeTaFaVqBNpaSh7flxkN4nhNvIICdcxUGHPW7bumnuzI8MSX"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/topturfjs/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 82d546e1cfc87010-CDG
alt-svc: h3=":443"; ma=86400
Content-Length: 0

GET
H2

200

banner.gif
img.root-top.com/topsite/exelturf/
Redirect Chain

http://img.root-top.com/topsite/exelturf/banner.gif
https://img.root-top.com/topsite/exelturf/banner.gif

4 KB
5 KB

29ms
29ms

Image
image/png

2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/exelturf/banner.gif
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: H2
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1701401
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDNVsvidWkKUZNWELNIpp05Gw9gQbE4nLvHnS0%2BJCG0zSc%2BVoBySvZ38pChqtVSYBWhqwtMeCnLfDV35%2BE6gBFk%2B%2FpOY7%2BgWGu6Yh5IbtJ4u078hune6pVBMWh6Im0SswGhfX%2F53Y1yu45gI58Rk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 82d546e2191502b9-CDG
alt-svc: h3=":443"; ma=86400
content-length: 4424

Redirect headers

Date: Tue, 28 Nov 2023 20:14:23 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXEBdQepOoC9%2FtD4xQckCzBkWyI%2BRKE2M6MTAX5gRZJ0iEhGKrWGKwJJZvAylwHNpQKAbiiEsYM4S8GitQd8JAsWhRrn6gbi8r8vPKAtmMxV6TktslewU8%2Fy%2FrkVh4h1nQA0q%2FbzI2kLdZviAyur"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/exelturf/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 82d546e1c8896f2a-CDG
alt-svc: h3=":443"; ma=86400
Content-Length: 0

GET
H2

200

banner.gif
img.root-top.com/topsite/pmuchampion/
Redirect Chain

http://img.root-top.com/topsite/pmuchampion/banner.gif
https://img.root-top.com/topsite/pmuchampion/banner.gif

4 KB
5 KB

29ms
28ms

Image
image/png

2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/pmuchampion/banner.gif
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: H2
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1609416
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZ7btDhoF9wpQ%2FrwCSwcxtAYqRs6AB605%2FLAOKaJ2WQDyOfisbMO88jTSEt2p1yXuLEHWzTsPB4O43neRXIODDpiS426prfeK9iVFtN0lYctHgX5NORcDF8mpeJS1UC3dNl7W9clWqDFYPMYja4C"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 82d546e218f602b9-CDG
alt-svc: h3=":443"; ma=86400
content-length: 4424

Redirect headers

Date: Tue, 28 Nov 2023 20:14:23 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 88
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hr6eFnp3uFcYlMiU6vaK8ChzKjN6hLDcuNRXiubDrqnVADV1G9GZWCA8F%2FaFt6oPlXNfJ444r8k8W%2FQEANygibXXbAaObkjZwJIjAsMLxa8KiJP1RCZeSeD1HqabGg%2B6csljDmp7k7NwIuK1qlDh"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/pmuchampion/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 82d546e1d83d99aa-CDG
alt-svc: h3=":443"; ma=86400
Content-Length: 0

GET
H2 200 banner.gif
img.root-top.com/topsite/astropmu/ 4 KB
5 KB 75ms
29ms Image
image/png 2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/astropmu/banner.gif
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1348091
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgN1WluRROgiKhtsU86DOPLtCNsmSQ13Dq4S%2FD9izLWOi94NtSjrb5kvhOr3ssuzCbog4ZLeRZMrzF82qiRhROk8dj6I3pkT8RGmyOBJ2Ne9%2FwIblIeZ%2F4B9daD1XszL0yllKMuiaxi7k8xVZJJ%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 82d546e1e8a802b9-CDG
alt-svc: h3=":443"; ma=86400
content-length: 4424

GET
H/1.1 200
OK logo_peor.gif
pronosgratuit.lachezvos.pro/image/ 166 KB
166 KB 100ms
17ms Image
image/gif 46.105.57.169
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pronosgratuit.lachezvos.pro/image/logo_peor.gif
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: HTTP/1.1
Server: 46.105.57.169 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster020.hosting.ovh.net
Software: Apache /
Resource Hash: 19cab9b05742333a97c7a11aa1d7781ed65150def8e7049fca21005eff5072d6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
last-modified: Mon, 17 Jul 2023 19:10:07 GMT
server: Apache
x-iplb-request-id: B22190B1:A0F6_2E6939A9:0050_65664A1F_290E4:3821
x-iplb-instance: 52131
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 169885
expires: Tue, 28 Nov 2023 20:29:23 GMT

GET
H/1.1

200
OK

logo.gif
www.ogalopcourse.com/
Redirect Chain

http://www.ogalopcourse.com//logo.gif
https://www.ogalopcourse.com/logo.gif

12 KB
12 KB

106ms
25ms

Image
image/gif

194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ogalopcourse.com/logo.gif

Requested by

Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/

Protocol

HTTP/1.1

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

dd112777fc359a6685659e7c18782167c3995a9d75f5d5a39a4098bf36ad11a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 20:14:23 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Sun, 07 Aug 2022 16:40:22 GMT
Server: Apache
ETag: "28e945b-2f72-5e5a95af82980"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 12146

Redirect headers

Date: Tue, 28 Nov 2023 20:14:23 GMT
X-Pad: avoid browser bug
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.ogalopcourse.com/logo.gif
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100
Content-Length: 245

GET
H/1.1 200
OK expertduturf.gif
kangaroturf.c4s.online/image/ 26 KB
26 KB 50ms
17ms Image
image/gif 2001:41d0:301::20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://kangaroturf.c4s.online/image/expertduturf.gif
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: HTTP/1.1
Server: 2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 5eab03e0bb9a776cffe4e912fc45550c384c2ad112b48b331dddd43a0303022a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
last-modified: Mon, 13 Mar 2023 12:22:16 GMT
server: Apache
x-iplb-request-id: 200141D0000D364D0000000000000004:C2FE_200141D0030100000000000000000020:0050_65664A1F_1700F:7C7D
x-iplb-instance: 52188
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 26267
expires: Tue, 28 Nov 2023 20:29:23 GMT

GET
H/1.1 200
OK lemagicienduturf.gif
kangaroturf.c4s.online/image/ 53 KB
53 KB 45ms
17ms Image
image/gif 2001:41d0:301::20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://kangaroturf.c4s.online/image/lemagicienduturf.gif
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: HTTP/1.1
Server: 2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 23118bf6eebbbc12d6544b73bf5fcb46ff0290e3b6afa5c1e332ae186b7ee56b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
last-modified: Thu, 06 Apr 2023 19:59:42 GMT
server: Apache
x-iplb-request-id: 200141D0000D364D0000000000000004:C304_200141D0030100000000000000000020:0050_65664A1F_3404C:1F57
x-iplb-instance: 52150
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 54195
expires: Tue, 28 Nov 2023 20:29:23 GMT

GET
H2

200

dueldescracks.gif
www.dueldescracks.siteneti.net/
Redirect Chain

http://www.dueldescracks.siteneti.net/dueldescracks.gif
https://www.dueldescracks.siteneti.net/dueldescracks.gif

36 KB
36 KB

50ms
15ms

Image
image/gif

2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dueldescracks.siteneti.net/dueldescracks.gif
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: H2
Server: 2001:41d0:301::28 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 359a7a4381cf4c25ffb63b281e93b98b7f43d664dbc00e12cc3a065596e95516

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
last-modified: Thu, 06 Apr 2023 18:29:01 GMT
server: Apache
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 36694
expires: Tue, 28 Nov 2023 20:29:23 GMT

Redirect headers

location: https://www.dueldescracks.siteneti.net/dueldescracks.gif
date: Tue, 28 Nov 2023 20:14:23 GMT
server: Apache
x-iplb-request-id: 200141D0000D364D0000000000000004:C9DC_200141D0030100000000000000000028:0050_65664A1F_32D1:270B
content-length: 264
x-iplb-instance: 52413
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK gas3_9032206.gif
pronosgratuit.lachezvos.pro/image/ 59 KB
59 KB 94ms
16ms Image
image/gif 46.105.57.169
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pronosgratuit.lachezvos.pro/image/gas3_9032206.gif
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: HTTP/1.1
Server: 46.105.57.169 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster020.hosting.ovh.net
Software: Apache /
Resource Hash: c02dc92bd9d9da2fc29ffd574dc9013bd9f4026756d11f20719042482a41f722

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
last-modified: Mon, 17 Jul 2023 19:10:03 GMT
server: Apache
x-iplb-request-id: B22190B1:A102_2E6939A9:0050_65664A1F_290E5:3821
x-iplb-instance: 52131
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 59931
expires: Tue, 28 Nov 2023 20:29:23 GMT

GET
H2 200 LOGO%20EXPERT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwZSQvG2ic5jGZ88h6w1rE46nI9P1eLlI9eoqqvr6ExzKUnmxkQHZXqQ2X5d_pDpLP_-GOI-S4WkPlF8GhpZ4T5W-AtwWPQB2crhXuDAK-oi_enF6yxKuqVolCDDSyAVqv1VQgLiSYNevAsWJ6... 5 KB
5 KB 273ms
199ms Image
image/gif 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwZSQvG2ic5jGZ88h6w1rE46nI9P1eLlI9eoqqvr6ExzKUnmxkQHZXqQ2X5d_pDpLP_-GOI-S4WkPlF8GhpZ4T5W-AtwWPQB2crhXuDAK-oi_enF6yxKuqVolCDDSyAVqv1VQgLiSYNevAsWJ6bR4YUN6g-Frb3VDR-FlZ2Y4iBNuhj-b4Z7q3cwCuNLE/w92-h70/LOGO%20EXPERT.gif

Requested by

Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e492b9ebe9cbcd1ea08ab40d9c93f0c458a4fbbc2743695a31c409872dd80182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v371"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LOGO EXPERT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5309
x-xss-protection: 0
expires: Wed, 29 Nov 2023 20:14:23 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 291 KB
79 KB 91ms
47ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&enable-funding=venmo&currency=USD

Requested by

Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3d768920d90dd3a65c0fe3030973dfc6d1dd50c85a6a4b54b68de1488a10ea1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-4JJNNIZfErTJvSES3IXoWkGs7ng88XIYjy8VbaqhDwAjoRNH' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-4JJNNIZfErTJvSES3IXoWkGs7ng88XIYjy8VbaqhDwAjoRNH' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-4JJNNIZfErTJvSES3IXoWkGs7ng88XIYjy8VbaqhDwAjoRNH' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-4JJNNIZfErTJvSES3IXoWkGs7ng88XIYjy8VbaqhDwAjoRNH' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
date: Tue, 28 Nov 2023 20:14:23 GMT
age: 51
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS, MISS
p3p: true
paypal-debug-id: f6752069a0224
server-timing: "traceparent;desc="00-0000000000000000000f6752069a0224-5474e08fc7bfa079-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 79338
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7376-LHR, cache-lcy-eglc8600078-LCY, cache-lcy-eglc8600078-LCY
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f6752069a0224-4efde7b8c28b17d8-01
x-timer: S1701202463.027896,VS0,VE26
etag: W/"135ea-Oi5fV8WJ1yklu+PpJCbtp+BTrSA"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0, 0

GET
H/1.1 200
OK ivressedesgains.gif
kangaroturf.c4s.online/image/ 100 KB
100 KB 44ms
16ms Image
image/gif 2001:41d0:301::20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://kangaroturf.c4s.online/image/ivressedesgains.gif
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: HTTP/1.1
Server: 2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: df71cf0774d4371a24620b26bc37304db8f4e58a0ce1204be218d49c00bbaca8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
last-modified: Thu, 20 Apr 2023 08:56:24 GMT
server: Apache
x-iplb-request-id: 200141D0000D364D0000000000000004:C312_200141D0030100000000000000000020:0050_65664A1F_290D0:3821
x-iplb-instance: 52131
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 102417
expires: Tue, 28 Nov 2023 20:29:23 GMT

GET
H/1.1 200
OK mini%20turf.jpg
www.mini-turf.c4s.online/banniere/ 278 KB
278 KB 52ms
17ms Image
image/jpeg 2001:41d0:301::20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.mini-turf.c4s.online/banniere/mini%20turf.jpg
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: HTTP/1.1
Server: 2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 3b4d7c223f67b89c4d51f5a523f1e27b78bd5f559a7f7042309fe97f43085c8b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
last-modified: Thu, 29 Mar 2018 09:10:41 GMT
server: Apache
x-iplb-request-id: 200141D0000D364D0000000000000004:C31A_200141D0030100000000000000000020:0050_65664A1F_11C23:16E0
x-iplb-instance: 52166
content-type: image/jpeg
cache-control: max-age=900
accept-ranges: bytes
content-length: 284220
expires: Tue, 28 Nov 2023 20:29:23 GMT

GET
H2

200

PMUCH.gif
jeuxsurs.siteneti.net/image/
Redirect Chain

http://jeuxsurs.siteneti.net/image/PMUCH.gif
https://jeuxsurs.siteneti.net/image/PMUCH.gif

37 KB
37 KB

42ms
28ms

Image
image/gif

2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jeuxsurs.siteneti.net/image/PMUCH.gif
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: H2
Server: 2001:41d0:301::28 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 853003068526c8290a08b44e300be0151e9e9a433699d18f436fcbf0e07ae9ae

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
last-modified: Sat, 30 Nov 2019 14:57:16 GMT
server: Apache
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 37913
expires: Tue, 28 Nov 2023 20:29:23 GMT

Redirect headers

location: https://jeuxsurs.siteneti.net/image/PMUCH.gif
date: Tue, 28 Nov 2023 20:14:23 GMT
server: Apache
x-iplb-request-id: 200141D0000D364D0000000000000004:C9E0_200141D0030100000000000000000028:0050_65664A1F_2054F:6D29
content-length: 253
x-iplb-instance: 52473
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK erfolg.png
www.erfolg.c4s.online/banniere/ 305 KB
306 KB 57ms
17ms Image
image/png 2001:41d0:301::20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.erfolg.c4s.online/banniere/erfolg.png
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: HTTP/1.1
Server: 2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 284477d57113b864ab1c02e58d2f616555afa49abc77f7641d941d78eb38f853

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
last-modified: Sun, 15 Jul 2018 17:37:22 GMT
server: Apache
x-iplb-request-id: 200141D0000D364D0000000000000004:C31E_200141D0030100000000000000000020:0050_65664A1F_11C27:16E0
x-iplb-instance: 52166
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 312534
expires: Tue, 28 Nov 2023 20:29:23 GMT

GET
H/1.1 200
OK Extra%20derby.gif
www.extra-derby.c4s.online/banniere/ 204 KB
204 KB 49ms
15ms Image
image/gif 46.105.57.169
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.extra-derby.c4s.online/banniere/Extra%20derby.gif
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: HTTP/1.1
Server: 46.105.57.169 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster020.hosting.ovh.net
Software: Apache /
Resource Hash: 09800505d37a8c898f371e77d71724667a748de947a00292cb4c92bf4ae754de

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
last-modified: Thu, 17 Nov 2016 17:50:38 GMT
server: Apache
x-iplb-request-id: B22190B1:A0F2_2E6939A9:0050_65664A1F_3405C:1F57
x-iplb-instance: 52150
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 208675
expires: Tue, 28 Nov 2023 20:29:23 GMT

GET
H2

200

JEUXSUR.png
jeuxsurs.siteneti.net/banniere/
Redirect Chain

http://jeuxsurs.siteneti.net/banniere/JEUXSUR.png
https://jeuxsurs.siteneti.net/banniere/JEUXSUR.png

309 KB
309 KB

31ms
30ms

Image
image/png

2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jeuxsurs.siteneti.net/banniere/JEUXSUR.png
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: H2
Server: 2001:41d0:301::28 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 5ec1d1f767b7a3a3e6964755ea526e1657576b5a7c8d968a9208ffd6b1333786

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
last-modified: Sat, 30 Nov 2019 14:56:59 GMT
server: Apache
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 316336
expires: Tue, 28 Nov 2023 20:29:23 GMT

Redirect headers

location: https://jeuxsurs.siteneti.net/banniere/JEUXSUR.png
date: Tue, 28 Nov 2023 20:14:23 GMT
server: Apache
x-iplb-request-id: 200141D0000D364D0000000000000004:C9EE_200141D0030100000000000000000028:0050_65664A1F_EABD1:236C
content-length: 258
x-iplb-instance: 52396
content-type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

new.gif
www.ogalopcourse.com/img/
Redirect Chain

http://www.ogalopcourse.com/img/new.gif
https://www.ogalopcourse.com/img/new.gif

3 KB
3 KB

91ms
25ms

Image
image/gif

194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ogalopcourse.com/img/new.gif

Requested by

Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/

Protocol

HTTP/1.1

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

f94d68bd074ac3a9138d954a5ba91b444aeef97de2d067c636da0579cda3668e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 20:14:23 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Sun, 07 Aug 2022 16:40:35 GMT
Server: Apache
ETag: "28e95eb-a52-5e5a95bbe86c0"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 2642

Redirect headers

Location: https://www.ogalopcourse.com/img/new.gif
Date: Tue, 28 Nov 2023 20:14:23 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=15, max=99
Content-Length: 248
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK PROGRES2.gif
pronosgratuit.lachezvos.pro/image/ 17 KB
17 KB 29ms
15ms Image
image/gif 46.105.57.169
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pronosgratuit.lachezvos.pro/image/PROGRES2.gif
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/
Protocol: HTTP/1.1
Server: 46.105.57.169 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster020.hosting.ovh.net
Software: Apache /
Resource Hash: 09f778ac84dee43a19529ff738b8c9e5d2f7e9e7fa8bb34d8f1628d8f10b3cf8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
last-modified: Thu, 20 Jul 2023 10:50:07 GMT
server: Apache
x-iplb-request-id: B22190B1:A110_2E6939A9:0050_65664A1F_11C32:16E0
x-iplb-instance: 52166
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 16950
expires: Tue, 28 Nov 2023 20:29:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 86ms
26ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Nov 2023 19:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1485
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 28 Nov 2023 21:49:38 GMT

GET
H/1.1 200
OK kangaro%20turf.png
www.kangaroturf.c4s.online/banniere/ 340 KB
340 KB 16ms
16ms Image
image/png 2001:41d0:301::20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.kangaroturf.c4s.online/banniere/kangaro%20turf.png
Requested by: Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/css/jeux.css
Protocol: HTTP/1.1
Server: 2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 132c512a566d83d6fe75b3388231eb3e9191a65d3e6ad9dc0279d5702c2e7a59

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/css/jeux.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:22 GMT
last-modified: Sat, 06 Apr 2019 08:44:13 GMT
server: Apache
x-iplb-request-id: 200141D0000D364D0000000000000004:C2F2_200141D0030100000000000000000020:0050_65664A1E_16FFF:7C7D
x-iplb-instance: 52188
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 348249
expires: Tue, 28 Nov 2023 20:29:22 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 25ms
24ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.kangaroturf.c4s.online&t=xo&v=5.0.410&source=payments_sdk&client_id=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&disableSetCookie=true&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&enable-funding=venmo&currency=USD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-l38YjxWuawI2g+qbh69et4dVU7uUQWRx6/NxOEoj2gJzeVqz' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-l38YjxWuawI2g+qbh69et4dVU7uUQWRx6/NxOEoj2gJzeVqz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Nov 2023 20:14:23 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 2035
x-cache: MISS, HIT, MISS
paypal-debug-id: f9900012e84a8
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4338
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7369-LHR, cache-lcy-eglc8600078-LCY, cache-lcy-eglc8600078-LCY
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f9900012e84a8-2c36c127e4b32c43-01
x-timer: S1701202463.107147,VS0,VE6
etag: W/"2f8b-lWMMAqH5NWBufCerdpb7DcGAARo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 1, 0

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame D3B6 407 KB
104 KB 397ms
396ms Document
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhXUGxqU1JfVjIxUXBfVnZFeVg0Z2x3R0U0WnBUb1hMbWVGYURDZEhMcTJaQVBsUno1aXNGVE9sRWJQal85bllabUdMbGlUVWtUYldscmQmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&sdkCorrelationID=f459704fa2a5b&storageID=uid_f0f784c292_mja6mtq6mjm&sessionID=uid_0a0188e3ba_mja6mtq6mjm&buttonSessionID=uid_301b94b706_mja6mtq6mjm&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=137602

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&enable-funding=venmo&currency=USD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9a98b88df5efd5383b488095bc1d93c2e83d7b7a01b000b6d506b73863d75b6f

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.kangaroturf.c4s.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Tue, 28 Nov 2023 20:14:23 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"65b41-d5aB2XSzEzlFwG0sQk1IofeMelY"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f484987d02933
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f484987d02933-3c88ff7eb7f36d24-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f484987d02933-55336fc1313a890f-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-lhr7358-LHR, cache-lcy-eglc8600078-LCY, cache-lcy-eglc8600078-LCY
x-timer: S1701202463.145908,VS0,VE378
x-xss-protection: 1; mode=block

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 4C4D 3 KB
2 KB 95ms
24ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Requested by

Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (paa/6F05) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 1867a673a7a0f
dc: ccg11-origin-www-1.paypal.com
content-length: 1217
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (paa/6F05)
traceparent: 00-00000000000000000001867a673a7a0f-f3dfb61d7baab926-01
etag: W/"642c9aab-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 28 Nov 2023 21:14:23 GMT

GET
H2 200 card-white.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 4C4D 1 KB
761 B 96ms
26ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/card-white.svg

Requested by

Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (paa/6F71) /

Resource Hash

1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 1d478ed69fe51
dc: ccg11-origin-www-1.paypal.com
content-length: 637
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (paa/6F71)
traceparent: 00-00000000000000000001d478ed69fe51-f4a949f38f31de5d-01
etag: W/"642c9aab-54e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 28 Nov 2023 21:14:23 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
544 B 270ms
225ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Gratuit%20KANGARO-TURF&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1701202463160&g=-60&completeurl=http%3A%2F%2Fwww.kangaroturf.c4s.online%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true

Requested by

Host: www.kangaroturf.c4s.online
URL: http://www.kangaroturf.c4s.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Tue, 28 Nov 2023 20:14:23 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 144ff24f481fa
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-lhr7389-LHR, cache-lcy-eglc8600072-LCY
pragma: no-cache
correlation-id: 144ff24f481fa
traceparent: 00-0000000000000000000144ff24f481fa-e51582636c476929-01
x-timer: S1701202463.213168,VS0,VE207
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 20:14:23 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
228 B 36ms
36ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1391820287&t=pageview&_s=1&dl=http%3A%2F%2Fwww.kangaroturf.c4s.online%2F&ul=en-us&de=UTF-8&dt=Gratuit%20KANGARO-TURF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=205528724&gjid=1312639776&cid=1260597941.1701202463&tid=UA-86810374-1&_gid=433260390.1701202463&_r=1&_slc=1&z=2146396108

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b60c71b98dbb4ab180c55a78ff2394f96ef77648368d6d3e8301c15bd69289e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.kangaroturf.c4s.online/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 20:14:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.kangaroturf.c4s.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
80 KB 101ms
42ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G8VKCZ1Q8K&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17aa74cda6ce3f26d7a57ee83c280627d5df204e78f0a630658fea420571a71e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81037
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 20:14:23 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
261 B 69ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-G8VKCZ1Q8K&gtm=45je3b81v9107633184&_p=1701202463230&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1260597941.1701202463&_eu=ABAI&_s=1&dl=http%3A%2F%2Fwww.kangaroturf.c4s.online%2F&dt=Gratuit%20KANGARO-TURF&sid=1701202463&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=524
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G8VKCZ1Q8K&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.kangaroturf.c4s.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 20:14:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.kangaroturf.c4s.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame D3B6 291 KB
79 KB 29ms
29ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&enable-funding=venmo&currency=USD

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhXUGxqU1JfVjIxUXBfVnZFeVg0Z2x3R0U0WnBUb1hMbWVGYURDZEhMcTJaQVBsUno1aXNGVE9sRWJQal85bllabUdMbGlUVWtUYldscmQmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&sdkCorrelationID=f459704fa2a5b&storageID=uid_f0f784c292_mja6mtq6mjm&sessionID=uid_0a0188e3ba_mja6mtq6mjm&buttonSessionID=uid_301b94b706_mja6mtq6mjm&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=137602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3d768920d90dd3a65c0fe3030973dfc6d1dd50c85a6a4b54b68de1488a10ea1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-4JJNNIZfErTJvSES3IXoWkGs7ng88XIYjy8VbaqhDwAjoRNH' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-4JJNNIZfErTJvSES3IXoWkGs7ng88XIYjy8VbaqhDwAjoRNH' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhXUGxqU1JfVjIxUXBfVnZFeVg0Z2x3R0U0WnBUb1hMbWVGYURDZEhMcTJaQVBsUno1aXNGVE9sRWJQal85bllabUdMbGlUVWtUYldscmQmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&sdkCorrelationID=f459704fa2a5b&storageID=uid_f0f784c292_mja6mtq6mjm&sessionID=uid_0a0188e3ba_mja6mtq6mjm&buttonSessionID=uid_301b94b706_mja6mtq6mjm&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=137602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-4JJNNIZfErTJvSES3IXoWkGs7ng88XIYjy8VbaqhDwAjoRNH' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-4JJNNIZfErTJvSES3IXoWkGs7ng88XIYjy8VbaqhDwAjoRNH' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
date: Tue, 28 Nov 2023 20:14:23 GMT
age: 52
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, HIT, MISS
p3p: true
paypal-debug-id: f6752069a0224
server-timing: "traceparent;desc="00-0000000000000000000f6752069a0224-5474e08fc7bfa079-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 79338
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7376-LHR, cache-lcy-eglc8600078-LCY, cache-lcy-eglc8600078-LCY
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f6752069a0224-4efde7b8c28b17d8-01
x-timer: S1701202464.549561,VS0,VE10
etag: W/"135ea-Oi5fV8WJ1yklu+PpJCbtp+BTrSA"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 1, 0

GET
DATA 200
OK truncated
/ Frame D3B6 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D3B6 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame D3B6 1 KB
1 KB 217ms
217ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&enable-funding=venmo&currency=USD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f6020b4b9a607d69e67a51cab89ab8352653be44d770c82873b17cff64d296d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhXUGxqU1JfVjIxUXBfVnZFeVg0Z2x3R0U0WnBUb1hMbWVGYURDZEhMcTJaQVBsUno1aXNGVE9sRWJQal85bllabUdMbGlUVWtUYldscmQmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&sdkCorrelationID=f459704fa2a5b&storageID=uid_f0f784c292_mja6mtq6mjm&sessionID=uid_0a0188e3ba_mja6mtq6mjm&buttonSessionID=uid_301b94b706_mja6mtq6mjm&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=137602
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS, MISS
paypal-debug-id: f98099747b9c8
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-lhr7321-LHR, cache-lcy-eglc8600078-LCY, cache-lcy-eglc8600078-LCY
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f98099747b9c8-efa775c253041026-01
x-timer: S1701202464.747976,VS0,VE198
etag: W/"402-0FwrSvYUhhmNc08FBtuMHIcs4Yk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 243ms
205ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://www.kangaroturf.c4s.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://www.kangaroturf.c4s.online
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Tue, 28 Nov 2023 20:14:23 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f98099786be76
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f98099786be76-e98f9046a0104b49-01
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-content-type-options: nosniff
x-served-by: cache-lhr7353-LHR, cache-lcy-eglc8600064-LCY, cache-lcy-eglc8600064-LCY
x-timer: S1701202464.786549,VS0,VE187

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1014 B
947 B 220ms
220ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&enable-funding=venmo&currency=USD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4998d0dff6542657339a2f17afb1da25d469ffdc3bbbc98933396c3821b6854a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: http://www.kangaroturf.c4s.online/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

date: Tue, 28 Nov 2023 20:14:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS, MISS
paypal-debug-id: f980997fc1831
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-lhr7361-LHR, cache-lcy-eglc8600064-LCY, cache-lcy-eglc8600064-LCY
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f980997fc1831-2d2a24e7bb71ebd5-01
x-timer: S1701202464.995605,VS0,VE195
etag: W/"3f6-Qb4Ra61AHGZW2fHVxNGdDrdK8Vo"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.kangaroturf.c4s.online
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0, 0

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame D3B6 1 KB
1 KB 247ms
246ms Ping
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5a55ce36f0803e5b0dd403e48009e9114a7509e8cdbb66b7e09ee7b96af38e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhXUGxqU1JfVjIxUXBfVnZFeVg0Z2x3R0U0WnBUb1hMbWVGYURDZEhMcTJaQVBsUno1aXNGVE9sRWJQal85bllabUdMbGlUVWtUYldscmQmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&sdkCorrelationID=f459704fa2a5b&storageID=uid_f0f784c292_mja6mtq6mjm&sessionID=uid_0a0188e3ba_mja6mtq6mjm&buttonSessionID=uid_301b94b706_mja6mtq6mjm&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=137602
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Nov 2023 20:14:23 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS, MISS
paypal-debug-id: f98099759f5d8
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-lhr7379-LHR, cache-lcy-eglc8600078-LCY, cache-lcy-eglc8600078-LCY
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f98099759f5d8-35b9eb974ef34cfc-01
x-timer: S1701202464.764963,VS0,VE221
etag: W/"402-nlhkbJ9/WypFHFqW63ntI4pa40w"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0, 0

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.c4s.online/	1970-01-21 02:09:22	Name: _ga Value: GA1.2.1260597941.1701202463
.c4s.online/	1970-01-20 16:34:48	Name: _gid Value: GA1.2.433260390.1701202463
.c4s.online/	1970-01-20 16:33:22	Name: _gat Value: 1
.c4s.online/	1970-01-21 02:09:22	Name: _ga_G8VKCZ1Q8K Value: GS1.2.1701202463.1.0.1701202463.0.0.0
.paypal.com/	1970-01-20 16:37:41	Name: tsrce Value: smartcomponentnodeweb
.paypal.com/	1970-01-20 16:33:24	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-21 02:09:22	Name: ts Value: vreXpYrS%3D1795896863%26vteXpYrS%3D1701204263%26vr%3D17918a0318c0a55218b5041cfaea1206%26vt%3D17918a0318c0a55218b5041cfaea1205%26vtyp%3Dnew
.paypal.com/	1970-01-21 02:09:22	Name: ts_c Value: vr%3D17918a0318c0a55218b5041cfaea1206%26vt%3D17918a0318c0a55218b5041cfaea1205

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
img.root-top.com
jeuxsurs.siteneti.net
kangaroturf.c4s.online
pronosgratuit.lachezvos.pro
region1.google-analytics.com
t.paypal.com
www.dueldescracks.siteneti.net
www.erfolg.c4s.online
www.extra-derby.c4s.online
www.google-analytics.com
www.googletagmanager.com
www.kangaroturf.c4s.online
www.mini-turf.c4s.online
www.ogalopcourse.com
www.paypal.com
www.paypalobjects.com
151.101.1.21
151.101.129.35
192.229.221.25
194.150.236.236
2001:41d0:301::20
2001:41d0:301::28
2001:4860:4802:32::36
2606:4700:3038::6815:ea1a
2606:4700:3038::6815:ea1b
2a00:1450:4001:810::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2001
46.105.57.169
09800505d37a8c898f371e77d71724667a748de947a00292cb4c92bf4ae754de
09f778ac84dee43a19529ff738b8c9e5d2f7e9e7fa8bb34d8f1628d8f10b3cf8
132c512a566d83d6fe75b3388231eb3e9191a65d3e6ad9dc0279d5702c2e7a59
17aa74cda6ce3f26d7a57ee83c280627d5df204e78f0a630658fea420571a71e
19cab9b05742333a97c7a11aa1d7781ed65150def8e7049fca21005eff5072d6
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
23118bf6eebbbc12d6544b73bf5fcb46ff0290e3b6afa5c1e332ae186b7ee56b
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
284477d57113b864ab1c02e58d2f616555afa49abc77f7641d941d78eb38f853
359a7a4381cf4c25ffb63b281e93b98b7f43d664dbc00e12cc3a065596e95516
3b4d7c223f67b89c4d51f5a523f1e27b78bd5f559a7f7042309fe97f43085c8b
3d768920d90dd3a65c0fe3030973dfc6d1dd50c85a6a4b54b68de1488a10ea1c
4998d0dff6542657339a2f17afb1da25d469ffdc3bbbc98933396c3821b6854a
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e
5a55ce36f0803e5b0dd403e48009e9114a7509e8cdbb66b7e09ee7b96af38e5d
5eab03e0bb9a776cffe4e912fc45550c384c2ad112b48b331dddd43a0303022a
5ec1d1f767b7a3a3e6964755ea526e1657576b5a7c8d968a9208ffd6b1333786
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7
83b249213dd7b5e675b83f86d8fc3f1f048f569ad8353029b84c4712d28b6f1e
853003068526c8290a08b44e300be0151e9e9a433699d18f436fcbf0e07ae9ae
9a98b88df5efd5383b488095bc1d93c2e83d7b7a01b000b6d506b73863d75b6f
9ed611de5fc0d2fed1f7bc62b26d8fd283ea878f2aee9794d06e17a781c6f1ec
a5c520394981f9feb8b34b17aa3d020f61cc7f5cb706d57939bcd1b4d3ab0cbc
b60c71b98dbb4ab180c55a78ff2394f96ef77648368d6d3e8301c15bd69289e4
c02dc92bd9d9da2fc29ffd574dc9013bd9f4026756d11f20719042482a41f722
dd112777fc359a6685659e7c18782167c3995a9d75f5d5a39a4098bf36ad11a2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df71cf0774d4371a24620b26bc37304db8f4e58a0ce1204be218d49c00bbaca8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e492b9ebe9cbcd1ea08ab40d9c93f0c458a4fbbc2743695a31c409872dd80182
f6020b4b9a607d69e67a51cab89ab8352653be44d770c82873b17cff64d296d5
f94d68bd074ac3a9138d954a5ba91b444aeef97de2d067c636da0579cda3668e

www.kangaroturf.c4s.online Open in urlscan Pro 2001:41d0:301::20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

39 Requests

46 %HTTPS

62 %IPv6

10 Domains

17 Subdomains

13 IPs

3 Countries

2444 kBTransfer

3360 kBSize

8 Cookies

34 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.kangaroturf.c4s.online Open in urlscan Pro
2001:41d0:301::20 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

46 %
HTTPS

62 %
IPv6

10
Domains

17
Subdomains

13
IPs

3
Countries

2444 kB
Transfer

3360 kB
Size

8
Cookies

39 HTTP transactions
2 data transactions