www.toyo-turf.lachezvos.pro Open in urlscan Pro
2001:41d0:301::20 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.toyo-turf.lachezvos.pro/
Submission: On January 21 via manual (January 21st 2022, 11:34:52 pm UTC) from ML — Scanned from FR

Summary HTTP 20 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 20 HTTP transactions. The main IP is 2001:41d0:301::20, located in France and belongs to OVH, FR. The main domain is www.toyo-turf.lachezvos.pro.

This is the only time www.toyo-turf.lachezvos.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2001:41d0:301... 2001:41d0:301::20	16276 (OVH) (OVH)
1 3	2606:4700:303... 2606:4700:3034::6815:15de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 8	2606:4700:303... 2606:4700:3038::6815:ea1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	194.150.236.236 194.150.236.236	44976 (HIWIT_AS) (HIWIT_AS)
1 2	37.59.45.66 37.59.45.66	16276 (OVH) (OVH)
1	46.105.57.169 46.105.57.169	16276 (OVH) (OVH)
1 2	37.59.53.106 37.59.53.106	16276 (OVH) (OVH)
4	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
20	10

5 2001:41d0:301::20 (France)

ASN16276 (OVH, FR)

www.toyo-turf.lachezvos.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pmu-net.lachezvos.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::6815:15de (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3038::6815:ea1b (United States) 8 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net

www.topquinte.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.59.45.66 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3048900.ip-37-59-45.eu

nsa39.casimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.57.169 (Saint-Ouen, France)

ASN16276 (OVH, FR)
PTR: cluster020.hosting.ovh.net

www.kriturf.lachezvos.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.59.53.106 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3265826.ip-37-59-53.eu

nsa38.casimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	root-top.com 8 redirects img.root-top.com	4 KB
6	lachezvos.pro www.toyo-turf.lachezvos.pro www.pmu-net.lachezvos.pro www.kriturf.lachezvos.pro	148 KB
4	allopass.com payment.allopass.com	11 KB
4	casimages.com 2 redirects nsa39.casimages.com nsa38.casimages.com	18 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	40 KB
3	pronostic-facile.fr 1 redirects www.pronostic-facile.fr	7 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	73 KB
1	topquinte.info www.topquinte.info	29 KB
20	8

	Domain	Requested by
8	img.root-top.com	8 redirects
4	payment.allopass.com	www.toyo-turf.lachezvos.pro payment.allopass.com
4	www.toyo-turf.lachezvos.pro	www.toyo-turf.lachezvos.pro
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.pronostic-facile.fr	1 redirects www.toyo-turf.lachezvos.pro www.pronostic-facile.fr
2	www.googletagmanager.com	payment.allopass.com www.pronostic-facile.fr
2	nsa38.casimages.com	1 redirects www.toyo-turf.lachezvos.pro
2	nsa39.casimages.com	1 redirects www.toyo-turf.lachezvos.pro
1	www.kriturf.lachezvos.pro	www.toyo-turf.lachezvos.pro
1	www.topquinte.info	www.toyo-turf.lachezvos.pro
1	www.pmu-net.lachezvos.pro	www.toyo-turf.lachezvos.pro
20	11

This site contains links to these domains. Also see Links.

Domain
www.root-top.com
www.topquinte.info
payment.allopass.com

Subject Issuer	Validity	Valid
*.allopass.com Gandi Standard SSL CA 2	`2021-10-08` - `2022-10-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://www.toyo-turf.lachezvos.pro/
Frame ID: 767EFAB48E6E8BC318FBCD92C7B4CB81
Requests: 17 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/papirus/pf/all
Frame ID: A9DE3F137F92CB8EF61B11312EE60449
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

**Toyo-turf** Votre Site Hippique

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

20
Requests

50 %
HTTPS

50 %
IPv6

8
Domains

11
Subdomains

10
IPs

3
Countries

325 kB
Transfer

517 kB
Size

5
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://www.root-top.com/topsite/pmuchampion/in.php?ID=91

Search URL Search Domain Scan URL

URL: http://www.topquinte.info/vote.php?id=35

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/walkerpmu/in.php?ID=51

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/assezdegain/in.php?ID=264

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/astropmu/in.php?ID=88

Search URL Search Domain Scan URL

URL: https://payment.allopass.com/buy/buy.apu?ids=345178&idd=1513443&carousel=row

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://www.pronostic-facile.fr/widget/papirus/script/pf HTTP 301
https://www.pronostic-facile.fr/widget/papirus/script/pf

Request Chain 2

http://img.root-top.com/topsite/pmuchampion/banner.gif HTTP 301
https://img.root-top.com/topsite/pmuchampion/banner.gif HTTP 302
http://www.pmu-net.lachezvos.pro/image/pmuchmpi.gif

Request Chain 4

http://img.root-top.com/topsite/walkerpmu/banner.gif HTTP 301
https://img.root-top.com/topsite/walkerpmu/banner.gif HTTP 302
http://nsa39.casimages.com/img/2018/02/20/180220125220715231.gif HTTP 301
https://nsa39.casimages.com/img/2018/02/20/180220125220715231.gif

Request Chain 5

http://img.root-top.com/topsite/assezdegain/banner.gif HTTP 301
https://img.root-top.com/topsite/assezdegain/banner.gif HTTP 302
http://www.kriturf.lachezvos.pro/banniere/ASSEZDE%20GAIN1.gif

Request Chain 6

http://img.root-top.com/topsite/astropmu/banner.gif HTTP 301
https://img.root-top.com/topsite/astropmu/banner.gif HTTP 302
http://nsa38.casimages.com/img/2016/06/28/160628101744241252.gif HTTP 301
https://nsa38.casimages.com/img/2016/06/28/160628101744241252.gif

20 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.toyo-turf.lachezvos.pro/ 4 KB
2 KB 191ms
20ms Document
text/html 2001:41d0:301::20
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.toyo-turf.lachezvos.pro/
Protocol: HTTP/1.1
Server: 2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache / PHP/5.6
Resource Hash: 09840f3dfc304745c038e891a902e19dece376a061ea4bdca5b4f6c7bf8df343

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

date: Fri, 21 Jan 2022 23:34:30 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/5.6
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 200141D00008D1540000000000000012:D876_200141D0030100000000000000000020:0050_61EB4306_250F:1A1E8
x-iplb-instance: 17196

GET
H/1.1 200
OK papirus.css
www.toyo-turf.lachezvos.pro/css/ 5 KB
2 KB 17ms
16ms Stylesheet
text/css 2001:41d0:301::20
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.toyo-turf.lachezvos.pro/css/papirus.css
Requested by: Host: www.toyo-turf.lachezvos.pro
URL: http://www.toyo-turf.lachezvos.pro/
Protocol: HTTP/1.1
Server: 2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: d454a244c6772318518244533b2c9c70f7fa63724ab961ff35c1204becffd5c6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://www.toyo-turf.lachezvos.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 23:34:30 GMT
content-encoding: gzip
last-modified: Sun, 03 Dec 2017 08:46:59 GMT
server: Apache
x-iplb-request-id: 200141D00008D1540000000000000012:D876_200141D0030100000000000000000020:0050_61EB4306_2511:1A1E8
x-iplb-instance: 17196
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
content-length: 1211
expires: Fri, 21 Jan 2022 23:49:30 GMT

GET
H2

200

pf Show response
www.pronostic-facile.fr/widget/papirus/script/
Redirect Chain

http://www.pronostic-facile.fr/widget/papirus/script/pf
https://www.pronostic-facile.fr/widget/papirus/script/pf

239 B
908 B

17427ms
17384ms

Script
text/html

2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/papirus/script/pf
Requested by: Host: www.toyo-turf.lachezvos.pro
URL: http://www.toyo-turf.lachezvos.pro/
Protocol: H2
Server: 2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ad44ed1b2c884bdf0f195bf960e01755350446c84f3cce92a087972ece33b98

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://www.toyo-turf.lachezvos.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-runtime: 1
date: Fri, 21 Jan 2022 23:34:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuTAQ%2Fiv6KvETwAjEn1kenz2KAYRpHUWMayybF49S82qtN1fMVnKWE2DKh89oAOzXYCTYlz%2FokOrvJoMQ1DGIH7o%2Bib152uHtvWPgGnpvbqQExwM%2FFPZNrf8lNRSfmPrkyLiLSRFRFpDNBtLWOJ%2BUW%2BjSUQ4Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private, max-age=0, must-revalidate
cf-ray: 6d145a88e9824093-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Fri, 21 Jan 2022 23:34:30 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIpDlC0bBQRx2O7TJPwVgSd5LQsX3v9BYTP4H2fJE8EjJfO9RyUnSkq8Dn1GWPfqE1sWftE7ruCxSu%2BTRp0qNjuhjjXzOzTXzHAQjBOEMtFdP0SK5lPajqOeJWj4P8%2FvzNsAQGUjF3L26xQFg2etWPakplUu6g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
location: https://www.pronostic-facile.fr/widget/papirus/script/pf
Connection: keep-alive
CF-RAY: 6d145a882bba0863-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

pmuchmpi.gif
www.pmu-net.lachezvos.pro/image/
Redirect Chain

http://img.root-top.com/topsite/pmuchampion/banner.gif
https://img.root-top.com/topsite/pmuchampion/banner.gif
http://www.pmu-net.lachezvos.pro/image/pmuchmpi.gif

9 KB
9 KB

168ms
17ms

Image
image/gif

2001:41d0:301::20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.pmu-net.lachezvos.pro/image/pmuchmpi.gif
Requested by: Host: www.toyo-turf.lachezvos.pro
URL: http://www.toyo-turf.lachezvos.pro/
Protocol: HTTP/1.1
Server: 2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: aed59e8323afae6683109f7202e812c6641c3775e23aac648097cf702f462d1a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://www.toyo-turf.lachezvos.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 23:34:30 GMT
last-modified: Sun, 01 Dec 2019 13:31:47 GMT
server: Apache
x-iplb-request-id: 200141D00008D1540000000000000012:D8A2_200141D0030100000000000000000020:0050_61EB4306_5DF5:3730
x-iplb-instance: 18163
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 9008
expires: Fri, 21 Jan 2022 23:49:30 GMT

Redirect headers

date: Fri, 21 Jan 2022 23:34:30 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqEHMmyEwprwIksSBXV7a%2Bc3BRqRav%2FqVdJ%2Ff09MoDqpJ5mhB8VGhBGxq0SUoLOPpGoShfLYtCEE3TtHfyze7dzunukU7LIwUMa1YrDuOnbTEBBOy%2BD5JMsE4B4kzWeykqR2lUSFvfPobhqUBCAU"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: http://www.pmu-net.lachezvos.pro/image/pmuchmpi.gif
cf-ray: 6d145a885f9b76a1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK logo.gif
www.topquinte.info/img/ 29 KB
29 KB 372ms
20ms Image
image/gif 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.topquinte.info/img/logo.gif
Requested by: Host: www.toyo-turf.lachezvos.pro
URL: http://www.toyo-turf.lachezvos.pro/
Protocol: HTTP/1.1
Server: 194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns76.hiwit.net
Software: Apache /
Resource Hash: 1359a589af7164944b6f3b1cf85fe7419a18b0874815ded09311d1a831610546

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://www.toyo-turf.lachezvos.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 23:34:30 GMT
Last-Modified: Fri, 27 Aug 2021 17:53:32 GMT
Server: Apache
ETag: "25dab6b-74af-5ca8e2961df00"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 29871

GET
H/1.1

200
OK

180220125220715231.gif
nsa39.casimages.com/img/2018/02/20/
Redirect Chain

http://img.root-top.com/topsite/walkerpmu/banner.gif
https://img.root-top.com/topsite/walkerpmu/banner.gif
http://nsa39.casimages.com/img/2018/02/20/180220125220715231.gif
https://nsa39.casimages.com/img/2018/02/20/180220125220715231.gif

7 KB
7 KB

60ms
14ms

Image
image/gif

37.59.45.66
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nsa39.casimages.com/img/2018/02/20/180220125220715231.gif

Requested by

Host: www.toyo-turf.lachezvos.pro
URL: http://www.toyo-turf.lachezvos.pro/

Protocol

HTTP/1.1

Server

37.59.45.66 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3048900.ip-37-59-45.eu

Software

Apache /

Resource Hash

200f36289ec1b3eb5bd608921d3253b75cd5bc80baf5c1d349252f6cce533a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://www.toyo-turf.lachezvos.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 23:39:20 GMT
Last-Modified: Tue, 20 Feb 2018 11:47:57 GMT
Server: Apache
ETag: "439df2c-1ab5-565a361b6d540"
Strict-Transport-Security: max-age=31556926
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6837

Redirect headers

Location: https://nsa39.casimages.com/img/2018/02/20/180220125220715231.gif
Date: Fri, 21 Jan 2022 23:39:20 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 273
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

ASSEZDE%20GAIN1.gif
www.kriturf.lachezvos.pro/banniere/
Redirect Chain

http://img.root-top.com/topsite/assezdegain/banner.gif
https://img.root-top.com/topsite/assezdegain/banner.gif
http://www.kriturf.lachezvos.pro/banniere/ASSEZDE%20GAIN1.gif

5 KB
5 KB

191ms
18ms

Image
image/gif

46.105.57.169
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.kriturf.lachezvos.pro/banniere/ASSEZDE%20GAIN1.gif
Requested by: Host: www.toyo-turf.lachezvos.pro
URL: http://www.toyo-turf.lachezvos.pro/
Protocol: HTTP/1.1
Server: 46.105.57.169 Saint-Ouen, France, ASN16276 (OVH, FR),
Reverse DNS: cluster020.hosting.ovh.net
Software: Apache /
Resource Hash: 7053d08a8d3f455165a518bcff1df4f603bda6f19616a0e479dbfc39989b87ad

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://www.toyo-turf.lachezvos.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 23:34:30 GMT
last-modified: Fri, 03 Feb 2017 19:12:15 GMT
server: Apache
x-iplb-request-id: 253BA46B:901E_2E6939A9:0050_61EB4306_4876A:276F4
x-iplb-instance: 38228
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 4905
expires: Fri, 21 Jan 2022 23:49:30 GMT

Redirect headers

date: Fri, 21 Jan 2022 23:34:30 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaH4Qk3hY8tnypjQMXIKgzAQArWFhh5u%2BT0%2FU1KqMF03mCjXrfeyInY3z4ivi%2F4i5oygYU8d2F6o31D5TwFbXddYda1cDT%2BSoouXqZOimdSyl5NKRbPmaYkA5qQafjrwZjMNIM8IMXw%2FA2u3PH0m"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: http://www.kriturf.lachezvos.pro/banniere/ASSEZDE%20GAIN1.gif
cf-ray: 6d145a885f9676a1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

160628101744241252.gif
nsa38.casimages.com/img/2016/06/28/
Redirect Chain

http://img.root-top.com/topsite/astropmu/banner.gif
https://img.root-top.com/topsite/astropmu/banner.gif
http://nsa38.casimages.com/img/2016/06/28/160628101744241252.gif
https://nsa38.casimages.com/img/2016/06/28/160628101744241252.gif

10 KB
10 KB

64ms
14ms

Image
image/gif

37.59.53.106
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nsa38.casimages.com/img/2016/06/28/160628101744241252.gif

Requested by

Host: www.toyo-turf.lachezvos.pro
URL: http://www.toyo-turf.lachezvos.pro/

Protocol

HTTP/1.1

Server

37.59.53.106 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3265826.ip-37-59-53.eu

Software

Apache /

Resource Hash

000127d6fa63290a03f275ce0701147e784eb23a91f5246d92fd8bcfad252b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://www.toyo-turf.lachezvos.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 22 Jan 2022 00:10:24 GMT
Last-Modified: Mon, 25 Jun 2018 19:40:26 GMT
Server: Apache
ETag: "9470f7b-27c3-56f7c8d9f011a"
Strict-Transport-Security: max-age=31556926
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10179

Redirect headers

Location: https://nsa38.casimages.com/img/2016/06/28/160628101744241252.gif
Date: Sat, 22 Jan 2022 00:10:23 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 273
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK checkout.apu Show response
payment.allopass.com/buy/ 11 KB
4 KB 519ms
308ms Script
text/html 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/buy/checkout.apu?ids=345178&idd=1513443&lang=fr
Requested by: Host: www.toyo-turf.lachezvos.pro
URL: http://www.toyo-turf.lachezvos.pro/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 0f9ab15e4319612e7f4d7d9c69c5b6dbc5e2e0af5dfef9081a6c8df4ad652d32

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://www.toyo-turf.lachezvos.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jan 2022 23:34:30 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html
Content-Length: 2961
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 26000.gif
www.toyo-turf.lachezvos.pro/banniere/ 17 KB
18 KB 32ms
17ms Image
image/gif 2001:41d0:301::20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toyo-turf.lachezvos.pro/banniere/26000.gif
Requested by: Host: www.toyo-turf.lachezvos.pro
URL: http://www.toyo-turf.lachezvos.pro/
Protocol: HTTP/1.1
Server: 2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 5b3533f5ab1437ab7e5913a3d68cd2e284388147a22d2ea9346623c2a58ff936

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://www.toyo-turf.lachezvos.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 23:34:30 GMT
last-modified: Sun, 03 Dec 2017 08:33:49 GMT
server: Apache
x-iplb-request-id: 200141D00008D1540000000000000012:D87A_200141D0030100000000000000000020:0050_61EB4306_41F8A:D677
x-iplb-instance: 38229
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 17666
expires: Fri, 21 Jan 2022 23:49:30 GMT

GET
H/1.1 200
OK Toyo%20Turf%201.jpg
www.toyo-turf.lachezvos.pro/banniere/ 112 KB
113 KB 16ms
16ms Image
image/jpeg 2001:41d0:301::20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toyo-turf.lachezvos.pro/banniere/Toyo%20Turf%201.jpg
Requested by: Host: www.toyo-turf.lachezvos.pro
URL: http://www.toyo-turf.lachezvos.pro/css/papirus.css
Protocol: HTTP/1.1
Server: 2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 710f3ca952d2e0cd0e388cdaab903a63868d1f31ead8b5f5fd81d358d6b6ef62

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://www.toyo-turf.lachezvos.pro/css/papirus.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 23:34:30 GMT
last-modified: Sun, 03 Dec 2017 08:33:53 GMT
server: Apache
x-iplb-request-id: 200141D00008D1540000000000000012:D876_200141D0030100000000000000000020:0050_61EB4306_2514:1A1E8
x-iplb-instance: 17196
content-type: image/jpeg
cache-control: max-age=900
accept-ranges: bytes
content-length: 114819
expires: Fri, 21 Jan 2022 23:49:30 GMT

GET
H2 200 all Show response
www.pronostic-facile.fr/widget/papirus/pf/ Frame A9DE 15 KB
6 KB 47ms
46ms Document
text/html 2606:4700:3034::6815:15de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/papirus/pf/all
Requested by: Host: www.pronostic-facile.fr
URL: http://www.pronostic-facile.fr/widget/papirus/script/pf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f89e944a464baadf89dac8a2bd2db1801c7ab8c95b1ba7f47c788f4c445f3c81

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: http://www.toyo-turf.lachezvos.pro/

Response headers

date: Fri, 21 Jan 2022 23:34:47 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-runtime: 1
cache-control: private, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKHan%2BETjS8XCdmpHfzkOZUS4KhKtfo5pFPxfIbEMObtKB3lZdawUYV36BpKC4NBSpARclb%2F3gVMl5X3f5mde7OACXvJCqDzVTMSrjcrRwpzgwAVFRzSHkQVZPO752S8TuZMCqlFZiqNGR0kCig1cC6MmMVFWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d145af58f934093-CDG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK bt_ok.gif
payment.allopass.com/imgweb/common/ 753 B
991 B 73ms
23ms Image
image/gif 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/imgweb/common/bt_ok.gif
Requested by: Host: www.toyo-turf.lachezvos.pro
URL: http://www.toyo-turf.lachezvos.pro/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://www.toyo-turf.lachezvos.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 23:34:47 GMT
Last-Modified: Tue, 26 Nov 2019 14:39:46 GMT
Server: Apache
ETag: "22a09-2f1-59840d9fb3080"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 753

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 95 KB
37 KB 100ms
41ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Requested by

Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=345178&idd=1513443&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fc2939b99f41672850a7d0bfd08e5ebfb90c11fa049cb24e3c5ba69eb860e848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://www.toyo-turf.lachezvos.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 23:34:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37567
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jan 2022 23:34:48 GMT

GET
H/1.1 200
OK buy-button.css
payment.allopass.com/static/css/ 2 KB
830 B 56ms
23ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/buy-button.css?1
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=345178&idd=1513443&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://www.toyo-turf.lachezvos.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 23:34:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "26782-69a-5d0e804cbabc0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 546

GET
H/1.1 200
OK 162x56.png
payment.allopass.com/static/buy/button/fr/ 6 KB
6 KB 65ms
23ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by: Host: www.toyo-turf.lachezvos.pro
URL: http://www.toyo-turf.lachezvos.pro/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://www.toyo-turf.lachezvos.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 23:34:47 GMT
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "216d9-1688-5d0e804cbabc0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 5768

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame A9DE 91 KB
36 KB 75ms
71ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/papirus/pf/all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb3a3554af2510e136b5c46e796ff08890408af4b052cbed101e4cc6c44898a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 23:34:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36452
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jan 2022 23:34:48 GMT

GET
DATA 200
OK truncated
/ Frame A9DE 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 83ms
25ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://www.toyo-turf.lachezvos.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5396
date: Fri, 21 Jan 2022 22:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 22 Jan 2022 00:04:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame A9DE 49 KB
20 KB 76ms
33ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5396
date: Fri, 21 Jan 2022 22:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 22 Jan 2022 00:04:52 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 75ms
37ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1011450925&t=pageview&_s=1&dl=http%3A%2F%2Fwww.toyo-turf.lachezvos.pro%2F&ul=en-us&de=UTF-8&dt=**Toyo-turf**%20Votre%20Site%20Hippique&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=829256959&gjid=277017403&cid=1388118919.1642808088&tid=UA-135619294-1&_gid=2019389998.1642808088&_r=1&gtm=2wg1j0NHFGDSD&cd1=ALS-LIBS-CHECKOUT-15&cd2=1513443&cd3=345178&cd4=(not%20set)&cd5=classic&z=603904128

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.toyo-turf.lachezvos.pro/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jan 2022 23:34:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.toyo-turf.lachezvos.pro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: e9640a82-c55a-4278-a4d4-d426a45c0b86
.allopass.com/	1970-01-20 09:05:44	Name: AP_CUSK Value: 3551527158
.lachezvos.pro/	1970-01-20 17:51:20	Name: _ga Value: GA1.2.1388118919.1642808088
.lachezvos.pro/	1970-01-20 00:21:34	Name: _gid Value: GA1.2.2019389998.1642808088
.lachezvos.pro/	1970-01-20 00:20:08	Name: _gat_UA-135619294-1 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

img.root-top.com
nsa38.casimages.com
nsa39.casimages.com
payment.allopass.com
www.google-analytics.com
www.googletagmanager.com
www.kriturf.lachezvos.pro
www.pmu-net.lachezvos.pro
www.pronostic-facile.fr
www.topquinte.info
www.toyo-turf.lachezvos.pro
185.119.26.1
194.150.236.236
2001:41d0:301::20
2606:4700:3034::6815:15de
2606:4700:3038::6815:ea1b
2a00:1450:4001:808::200e
2a00:1450:4001:82f::2008
37.59.45.66
37.59.53.106
46.105.57.169
000127d6fa63290a03f275ce0701147e784eb23a91f5246d92fd8bcfad252b21
09840f3dfc304745c038e891a902e19dece376a061ea4bdca5b4f6c7bf8df343
0ad44ed1b2c884bdf0f195bf960e01755350446c84f3cce92a087972ece33b98
0f9ab15e4319612e7f4d7d9c69c5b6dbc5e2e0af5dfef9081a6c8df4ad652d32
1359a589af7164944b6f3b1cf85fe7419a18b0874815ded09311d1a831610546
200f36289ec1b3eb5bd608921d3253b75cd5bc80baf5c1d349252f6cce533a7d
5b3533f5ab1437ab7e5913a3d68cd2e284388147a22d2ea9346623c2a58ff936
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7053d08a8d3f455165a518bcff1df4f603bda6f19616a0e479dbfc39989b87ad
710f3ca952d2e0cd0e388cdaab903a63868d1f31ead8b5f5fd81d358d6b6ef62
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aed59e8323afae6683109f7202e812c6641c3775e23aac648097cf702f462d1a
bb3a3554af2510e136b5c46e796ff08890408af4b052cbed101e4cc6c44898a7
cc1f17eb97dc9ae2e869982ff18c92729195281f5b6b685128e10778b24e73a3
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a
d454a244c6772318518244533b2c9c70f7fa63724ab961ff35c1204becffd5c6
f89e944a464baadf89dac8a2bd2db1801c7ab8c95b1ba7f47c788f4c445f3c81
fc2939b99f41672850a7d0bfd08e5ebfb90c11fa049cb24e3c5ba69eb860e848

www.toyo-turf.lachezvos.pro Open in urlscan Pro 2001:41d0:301::20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

20 Requests

50 %HTTPS

50 %IPv6

8 Domains

11 Subdomains

10 IPs

3 Countries

325 kBTransfer

517 kBSize

5 Cookies

6 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

5 Cookies

Indicators

www.toyo-turf.lachezvos.pro Open in urlscan Pro
2001:41d0:301::20 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

50 %
HTTPS

50 %
IPv6

8
Domains

11
Subdomains

10
IPs

3
Countries

325 kB
Transfer

517 kB
Size

5
Cookies

20 HTTP transactions
1 data transactions