confidence-turf.turfez.net Open in urlscan Pro
185.98.131.130 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://confidence-turf.turfez.net/
Submission: On April 08 via manual (April 8th 2022, 9:29:22 pm UTC) from ML — Scanned from FR

Summary HTTP 24 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 10 domains to perform 24 HTTP transactions. The main IP is 185.98.131.130, located in France and belongs to LWS, FR. The main domain is confidence-turf.turfez.net.

This is the only time confidence-turf.turfez.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	185.98.131.130 185.98.131.130	210403 (LWS) (LWS)
3	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
16 16	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	194.150.236.190 194.150.236.190	44976 (HIWIT_AS) (HIWIT_AS)
2 2	151.101.130.2 151.101.130.2	54113 (FASTLY) (FASTLY)
2 5	151.101.2.2 151.101.2.2	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	212.27.63.154 212.27.63.154	12322 (PROXAD) (PROXAD)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
24	8

10 185.98.131.130 (France)

ASN210403 (LWS, FR)

confidence-turf.turfez.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a06:98c1:3120::7 (United States) 16 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.150.236.190 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns30.hiwit.net

www.turfsur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.2 (United States) 2 redirects

ASN54113 (FASTLY, US)

u.jimdo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.2.2 (United States) 2 redirects

ASN54113 (FASTLY, US)

u.jimcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.jimcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.27.63.154 (Bois-Colombes, France)

ASN12322 (PROXAD, FR)
PTR: perso154-g5.free.fr

lemagicienduturf.free.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	root-top.com 16 redirects img.root-top.com	9 KB
10	turfez.net confidence-turf.turfez.net	2 MB
5	jimcdn.com 2 redirects u.jimcdn.com — Cisco Umbrella Rank: 76749 image.jimcdn.com — Cisco Umbrella Rank: 52571	145 KB
3	blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 11353 1.bp.blogspot.com — Cisco Umbrella Rank: 8645	153 KB
3	allopass.com payment.allopass.com	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	jimdo.com 2 redirects u.jimdo.com	814 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	38 KB
1	free.fr lemagicienduturf.free.fr	3 KB
1	turfsur.com www.turfsur.com	29 KB
24	10

	Domain	Requested by
16	img.root-top.com	16 redirects
10	confidence-turf.turfez.net	confidence-turf.turfez.net
3	image.jimcdn.com	confidence-turf.turfez.net
3	payment.allopass.com	confidence-turf.turfez.net payment.allopass.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	1.bp.blogspot.com	confidence-turf.turfez.net
2	u.jimcdn.com	2 redirects
2	u.jimdo.com	2 redirects
1	www.googletagmanager.com	payment.allopass.com
1	lemagicienduturf.free.fr	confidence-turf.turfez.net
1	4.bp.blogspot.com	confidence-turf.turfez.net
1	www.turfsur.com	confidence-turf.turfez.net
24	12

This site contains links to these domains. Also see Links.

Domain
www.neosurf.com
payment.allopass.com
www.root-top.com

Subject Issuer	Validity	Valid
*.allopass.com Gandi Standard SSL CA 2	`2021-10-08` - `2022-10-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://confidence-turf.turfez.net/
Frame ID: 4B80FD9F391B77EFB70A5DECFAAFCBBD
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

confidence_turf

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

24
Requests

25 %
HTTPS

40 %
IPv6

10
Domains

12
Subdomains

8
IPs

3
Countries

2124 kB
Transfer

2234 kB
Size

5
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.neosurf.com/
Title: Où acheter un code Neosurf?

Search URL Search Domain Scan URL

URL: https://payment.allopass.com/buy/buy.apu?ids=356772&idd=1555889&carousel=row

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/zetop/
Title: ZETOP

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/genialpmu/in.php?ID=132

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/bestpmu/in.php?ID=61

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/specialtqq/in.php?ID=52

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/topturfjs/in.php?ID=1943

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/exelturf/in.php?ID=532

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/jmpep80top/in.php?ID=1143

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/turfoscope/in.php?ID=668

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://img.root-top.com/topsite/zetop/banner.gif HTTP 301
https://img.root-top.com/topsite/zetop/banner.gif HTTP 302
http://www.turfsur.com/logos_turf/zetop.gif

Request Chain 6

http://img.root-top.com/topsite/genialpmu/banner.gif HTTP 301
https://img.root-top.com/topsite/genialpmu/banner.gif HTTP 302
http://u.jimdo.com/www39/o/s2911919fcac3db41/img/ie114481cf3a5f1df/1423770519/thumb/image.gif HTTP 301
https://u.jimcdn.com/www39/o/s2911919fcac3db41/img/ie114481cf3a5f1df/1423770519/thumb/image.gif HTTP 301
https://image.jimcdn.com/app/cms/image/transf/dimension=150x150:mode=crop:format=gif/path/s2911919fcac3db41/image/ie114481cf3a5f1df/version/1423770519/image.gif

Request Chain 7

http://img.root-top.com/topsite/bestpmu/banner.gif HTTP 301
https://img.root-top.com/topsite/bestpmu/banner.gif HTTP 302
http://u.jimdo.com/www39/o/s2911919fcac3db41/img/i2025f7d7f6692e06/1423770519/thumb/image.gif HTTP 301
https://u.jimcdn.com/www39/o/s2911919fcac3db41/img/i2025f7d7f6692e06/1423770519/thumb/image.gif HTTP 301
https://image.jimcdn.com/app/cms/image/transf/dimension=150x150:mode=crop:format=gif/path/s2911919fcac3db41/image/i2025f7d7f6692e06/version/1423770519/image.gif

Request Chain 8

http://img.root-top.com/topsite/specialtqq/banner.gif HTTP 301
https://img.root-top.com/topsite/specialtqq/banner.gif HTTP 302
https://image.jimcdn.com/app/cms/image/transf/dimension=90x90:mode=crop:format=gif/path/s2911919fcac3db41/image/ic63e87e39b1d81a4/version/1423706649/image.gif

Request Chain 9

http://img.root-top.com/topsite/topturfjs/banner.gif HTTP 301
https://img.root-top.com/topsite/topturfjs/banner.gif HTTP 302
https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif

Request Chain 10

http://img.root-top.com/topsite/exelturf/banner.gif HTTP 301
https://img.root-top.com/topsite/exelturf/banner.gif HTTP 302
http://lemagicienduturf.free.fr/images/exelturf.jpg

Request Chain 11

http://img.root-top.com/topsite/jmpep80top/banner.gif HTTP 301
https://img.root-top.com/topsite/jmpep80top/banner.gif HTTP 302
https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif

Request Chain 12

http://img.root-top.com/topsite/turfoscope/banner.gif HTTP 301
https://img.root-top.com/topsite/turfoscope/banner.gif HTTP 302
https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
confidence-turf.turfez.net/ 15 KB
3 KB 376ms
58ms Document
text/html 185.98.131.130
LWS

General

Check archive.org

Show headers Download Go to

Full URL: http://confidence-turf.turfez.net/
Protocol: HTTP/1.1
Server: 185.98.131.130 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: nginx / PHP/7.3.33
Resource Hash: 563f0856b7d46a0cd90562d0c904c3dcc822ed6bfcdedc42cd40e97baac2a137

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2755
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Apr 2022 21:29:17 GMT
Server: nginx
Vary: Host,Accept-Encoding
X-Powered-By: PHP/7.3.33

GET
H/1.1 200
OK css.css
confidence-turf.turfez.net/css/ 5 KB
2 KB 28ms
28ms Stylesheet
text/css 185.98.131.130
LWS

General

Check archive.org

Show headers Download Go to

Full URL: http://confidence-turf.turfez.net/css/css.css?r=1649453357
Requested by: Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/
Protocol: HTTP/1.1
Server: 185.98.131.130 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: nginx /
Resource Hash: c19152e09e60c8b2e17d602803b6e6626461cc0210dcff2d41f8c6e3325890be

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 21:29:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 Jan 2020 00:07:55 GMT
Server: nginx
ETag: "13b5-59d645d8fbbdb-gzip"
Vary: Host,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1411

GET
H/1.1 200
OK logo.png
confidence-turf.turfez.net/img/ 27 KB
28 KB 47ms
25ms Image
image/png 185.98.131.130
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://confidence-turf.turfez.net/img/logo.png
Requested by: Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/
Protocol: HTTP/1.1
Server: 185.98.131.130 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: nginx /
Resource Hash: db332c9d9992da9f0e619f2a5f1d04f4e218fb6ca29e8319c3faea2ad161f09f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 21:29:17 GMT
Last-Modified: Sat, 25 Jan 2020 19:14:07 GMT
Server: nginx
ETag: "6ddb-59cfbada96771"
Vary: Host
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28123

GET
H/1.1 200
OK neos.png
confidence-turf.turfez.net/pop/ 309 KB
309 KB 48ms
25ms Image
image/png 185.98.131.130
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://confidence-turf.turfez.net/pop/neos.png
Requested by: Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/
Protocol: HTTP/1.1
Server: 185.98.131.130 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 411cb84a133ae93c52c863d82440a075cd553abc63f465f7a6224da55fa80d54

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 21:29:17 GMT
Last-Modified: Sat, 25 Jan 2020 19:20:33 GMT
Server: nginx
ETag: "4d4ff-59cfbc49fb43f"
Vary: Host
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 316671

GET
H/1.1 200
OK checkout.apu Show response
payment.allopass.com/buy/ 11 KB
4 KB 526ms
297ms Script
text/html 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/buy/checkout.apu?ids=356772&idd=1555889&lang=fr
Requested by: Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 2bc0314b5909daf179fade59dbb7a26e1a79eaa093a5e312b2f4ec8872334364

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 21:29:17 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html
Content-Length: 2961
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

zetop.gif
www.turfsur.com/logos_turf/
Redirect Chain

http://img.root-top.com/topsite/zetop/banner.gif
https://img.root-top.com/topsite/zetop/banner.gif
http://www.turfsur.com/logos_turf/zetop.gif

29 KB
29 KB

288ms
19ms

Image
image/gif

194.150.236.190
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.turfsur.com/logos_turf/zetop.gif
Requested by: Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/
Protocol: HTTP/1.1
Server: 194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns30.hiwit.net
Software: Apache /
Resource Hash: 336baba693441e253963c7ff5fd3b30c2047f2f48d74d8624264871b42a2a0a4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 21:29:17 GMT
Last-Modified: Mon, 05 Mar 2018 05:50:08 GMT
Server: Apache
ETag: "8789a6-749f-566a3e5ffc400"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 29855

Redirect headers

date: Fri, 08 Apr 2022 21:29:17 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzWXc7iELBPyNKThaVKTFOkzPr0dfBgON47mhm%2BhXuUDpbRfRrrl8QKHAnLNM7u3QKb%2Fu3VO6xGopuqK0cpQRAdI%2F96W4U6UHwVDF0i7zFrM5Uzb1uHZ9AymnHr601XjWJQXUWkrU%2BpQ1vFILfUW"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: http://www.turfsur.com/logos_turf/zetop.gif
cf-ray: 6f8e18fb5ade088f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK co.png
confidence-turf.turfez.net/img/ 28 KB
28 KB 48ms
26ms Image
image/png 185.98.131.130
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://confidence-turf.turfez.net/img/co.png
Requested by: Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/
Protocol: HTTP/1.1
Server: 185.98.131.130 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 95ee986719d734c8f5a9c96961e7982f281184e9ad0438703550f05a8132a9fd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 21:29:17 GMT
Last-Modified: Sat, 25 Jan 2020 19:13:51 GMT
Server: nginx
ETag: "70ae-59cfbacaf785a"
Vary: Host
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28846

GET
H2

200

image.gif
image.jimcdn.com/app/cms/image/transf/dimension=150x150:mode=crop:format=gif/path/s2911919fcac3db41/image/ie114481cf3a5f1df/version/1423770519/
Redirect Chain

http://img.root-top.com/topsite/genialpmu/banner.gif
https://img.root-top.com/topsite/genialpmu/banner.gif
http://u.jimdo.com/www39/o/s2911919fcac3db41/img/ie114481cf3a5f1df/1423770519/thumb/image.gif
https://u.jimcdn.com/www39/o/s2911919fcac3db41/img/ie114481cf3a5f1df/1423770519/thumb/image.gif
https://image.jimcdn.com/app/cms/image/transf/dimension=150x150:mode=crop:format=gif/path/s2911919fcac3db41/image/ie114481cf3a5f1df/version/1423770519/image.gif

22 KB
22 KB

24ms
24ms

Image
image/gif

151.101.2.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.jimcdn.com/app/cms/image/transf/dimension=150x150:mode=crop:format=gif/path/s2911919fcac3db41/image/ie114481cf3a5f1df/version/1423770519/image.gif
Requested by: Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/
Protocol: H2
Server: 151.101.2.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Thumbor/6.1.3 /
Resource Hash: fff515f1298acbfc62459636eb5fa4c8a5b8d1b1cde15761355532c426943be7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 21:29:17 GMT
via: 1.1 varnish, 1.1 varnish
age: 1880634
x-cache: HIT, HIT
x-cache-hits: 1, 1
fastly-restarts: 1
x-served-by: cache-lcy19240-LCY, cache-cdg20751-CDG
accept-ranges: bytes
server: Thumbor/6.1.3
x-timer: S1649453358.529125,VS0,VE1
etag: "00f8af1413cbebfe04ef1fae45cc06a0da4f7a51"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2678400,public
content-length: 22338
expires: Mon, 18 Apr 2022 03:05:23 GMT

Redirect headers

date: Fri, 08 Apr 2022 21:29:17 GMT
via: 1.1 varnish
server: nginx
age: 2106
location: https://image.jimcdn.com/app/cms/image/transf/dimension=150x150:mode=crop:format=gif/path/s2911919fcac3db41/image/ie114481cf3a5f1df/version/1423770519/image.gif
x-served-by: cache-cdg20751-CDG
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
accept-ranges: bytes
x-timer: S1649453358.508047,VS0,VE1
content-length: 0
x-cache-hits: 1

GET
H2

200

image.gif
image.jimcdn.com/app/cms/image/transf/dimension=150x150:mode=crop:format=gif/path/s2911919fcac3db41/image/i2025f7d7f6692e06/version/1423770519/
Redirect Chain

http://img.root-top.com/topsite/bestpmu/banner.gif
https://img.root-top.com/topsite/bestpmu/banner.gif
http://u.jimdo.com/www39/o/s2911919fcac3db41/img/i2025f7d7f6692e06/1423770519/thumb/image.gif
https://u.jimcdn.com/www39/o/s2911919fcac3db41/img/i2025f7d7f6692e06/1423770519/thumb/image.gif
https://image.jimcdn.com/app/cms/image/transf/dimension=150x150:mode=crop:format=gif/path/s2911919fcac3db41/image/i2025f7d7f6692e06/version/1423770519/image.gif

76 KB
76 KB

25ms
25ms

Image
image/gif

151.101.2.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.jimcdn.com/app/cms/image/transf/dimension=150x150:mode=crop:format=gif/path/s2911919fcac3db41/image/i2025f7d7f6692e06/version/1423770519/image.gif
Requested by: Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/
Protocol: H2
Server: 151.101.2.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Thumbor/6.1.3 /
Resource Hash: 3d035b8a86a33a8bc7779787f61066c55b35f6f92d118180d837ebdcadbee6f9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 21:29:17 GMT
via: 1.1 varnish, 1.1 varnish
age: 932980
x-cache: MISS, HIT
x-cache-hits: 0, 1
fastly-restarts: 1
x-served-by: cache-lcy19221-LCY, cache-cdg20751-CDG
accept-ranges: bytes
server: Thumbor/6.1.3
x-timer: S1649453358.528937,VS0,VE2
etag: "37087905d2ebb543e9bc7f78d835f4662a4bd8b5"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2678400,public
content-length: 77393
expires: Fri, 29 Apr 2022 02:19:37 GMT

Redirect headers

date: Fri, 08 Apr 2022 21:29:17 GMT
via: 1.1 varnish
server: nginx
age: 2106
location: https://image.jimcdn.com/app/cms/image/transf/dimension=150x150:mode=crop:format=gif/path/s2911919fcac3db41/image/i2025f7d7f6692e06/version/1423770519/image.gif
x-served-by: cache-cdg20751-CDG
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
accept-ranges: bytes
x-timer: S1649453358.507949,VS0,VE1
content-length: 0
x-cache-hits: 1

GET
H2

200

image.gif
image.jimcdn.com/app/cms/image/transf/dimension=90x90:mode=crop:format=gif/path/s2911919fcac3db41/image/ic63e87e39b1d81a4/version/1423706649/
Redirect Chain

http://img.root-top.com/topsite/specialtqq/banner.gif
https://img.root-top.com/topsite/specialtqq/banner.gif
https://image.jimcdn.com/app/cms/image/transf/dimension=90x90:mode=crop:format=gif/path/s2911919fcac3db41/image/ic63e87e39b1d81a4/version/1423706649/image.gif

46 KB
46 KB

86ms
19ms

Image
image/gif

151.101.2.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.jimcdn.com/app/cms/image/transf/dimension=90x90:mode=crop:format=gif/path/s2911919fcac3db41/image/ic63e87e39b1d81a4/version/1423706649/image.gif
Requested by: Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/
Protocol: H2
Server: 151.101.2.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Thumbor/6.1.3 /
Resource Hash: 90ad8515f23b78a4ea93ec2996266af3d56e67d99d9d61ba6e5fc378480e7606

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 21:29:17 GMT
via: 1.1 varnish, 1.1 varnish
age: 1975181
x-cache: HIT, HIT
x-cache-hits: 1, 1
fastly-restarts: 1
x-served-by: cache-lcy19221-LCY, cache-cdg20751-CDG
accept-ranges: bytes
server: Thumbor/6.1.3
x-timer: S1649453357.457139,VS0,VE1
etag: "0fc8c4bf6ad10a4b2b187746f7a83c6011c2895b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2678400,public
content-length: 47295
expires: Sun, 17 Apr 2022 00:49:35 GMT

Redirect headers

date: Fri, 08 Apr 2022 21:29:17 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jK4LLF6r4ZGCkpxox5S2oQyHf%2FB6y1TblbYX95B%2BG8MMrA7PlyiJda%2FxWIfG0wNo12FvUSobfSvt1h%2Fb28CSyMilB3phPHeqdQUw2ne9bE%2FW1sItdFt3vWCXDVkkXcF9BpJffoUCDT4eKFNp%2FSp3"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://image.jimcdn.com/app/cms/image/transf/dimension=90x90:mode=crop:format=gif/path/s2911919fcac3db41/image/ic63e87e39b1d81a4/version/1423706649/image.gif
cf-ray: 6f8e18fb5ae5088f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

TOPSITE0.gif
4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/
Redirect Chain

http://img.root-top.com/topsite/topturfjs/banner.gif
https://img.root-top.com/topsite/topturfjs/banner.gif
https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif

21 KB
22 KB

130ms
25ms

Image
image/gif

2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif

Requested by

Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/

Protocol

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cf9ffb799d5f1da8a6cb532f4bc6e62f294d1d717dd5e6471723755d38b032a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 19:48:28 GMT
x-content-type-options: nosniff
age: 6049
content-disposition: inline;filename="TOPSITE0.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21771
x-xss-protection: 0
server: fife
etag: "v122d"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 11 Mar 2022 08:05:26 GMT

Redirect headers

date: Fri, 08 Apr 2022 21:29:17 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2FNQfRhxjES8zNKQAKhilLPUN4obi9P1o5o3JjDNjDfEiKcnH2Q%2BtvW3CYi5YAyttRi4LZrCc5gbdmctmTSXIfwtRSx8I57fKfP2lQ8xp%2B9NHwNL4xdQWrJ%2FbCXvaxA2tgQMly2I2SKS6qj5WLaj"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif
cf-ray: 6f8e18fb5ae8088f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

exelturf.jpg
lemagicienduturf.free.fr/images/
Redirect Chain

http://img.root-top.com/topsite/exelturf/banner.gif
https://img.root-top.com/topsite/exelturf/banner.gif
http://lemagicienduturf.free.fr/images/exelturf.jpg

3 KB
3 KB

84ms
18ms

Image
image/jpeg

212.27.63.154
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://lemagicienduturf.free.fr/images/exelturf.jpg
Requested by: Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/
Protocol: HTTP/1.1
Server: 212.27.63.154 Bois-Colombes, France, ASN12322 (PROXAD, FR),
Reverse DNS: perso154-g5.free.fr
Software: Apache/ProXad [Jan 23 2019 20:05:46] /
Resource Hash: 116d95fd87a2ff2206f3afba428f80c8b8008ec3e5696796c24b13f71ce30ad6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 21:29:16 GMT
Last-Modified: Wed, 02 May 2018 06:53:13 GMT
Server: Apache/ProXad [Jan 23 2019 20:05:46]
ETag: "600db35e2-aa5-5ae96059"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 2725

Redirect headers

date: Fri, 08 Apr 2022 21:29:17 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6qdVmlk0nx%2F4HzEcrp9CQ1NXJS6QWrIJQDsQiEx1K1OdH9eKCrqSPODTc2%2Bfw95oykXWKOB2sJRXWnOAdS3a9FOF5R1Rmrdtq%2FGj6VOb%2FupI4UZP5kQu5NQEwdLSvdF4a1neTP4IHAGa378uKP3"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: http://lemagicienduturf.free.fr/images/exelturf.jpg
cf-ray: 6f8e18fb5adf088f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

jmpep80top.gif
1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/
Redirect Chain

http://img.root-top.com/topsite/jmpep80top/banner.gif
https://img.root-top.com/topsite/jmpep80top/banner.gif
https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif

45 KB
45 KB

68ms
25ms

Image
image/gif

2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif

Requested by

Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/

Protocol

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2336c70a8df7cbd391968b95b893e1d8793762c96707fded29cd078a7a9c8ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 21:27:36 GMT
x-content-type-options: nosniff
age: 101
content-disposition: inline;filename="jmpep80top.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46098
x-xss-protection: 0
server: fife
etag: "v20cb"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 15 Dec 2021 12:26:32 GMT

Redirect headers

date: Fri, 08 Apr 2022 21:29:17 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7arRT2M5P66apfERt79G9QGP3UlXfbR3xeGFbRPvYzWqx5q7tceR55NE7Tcu8%2BP07GOLA6o49fDGYrmmA7Xgre3BPxdBLZ%2FCi9ArZfSTcIzYEcZl%2FTX9in7jvNn7gTQXFlks9sq38%2FDXj1poCTVy"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://1.bp.blogspot.com/-HD1EPHaKRn4/YUhvACZXkII/AAAAAAAAIMo/42yXURBQz5MVFYbF6YawRzzbHCyLO6nKACLcBGAsYHQ/s0/jmpep80top.gif
cf-ray: 6f8e18fc6c53088f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

turfoscope.gif
1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/
Redirect Chain

http://img.root-top.com/topsite/turfoscope/banner.gif
https://img.root-top.com/topsite/turfoscope/banner.gif
https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif

86 KB
86 KB

71ms
40ms

Image
image/gif

2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif

Requested by

Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/

Protocol

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

43b98404cbb42e02cd819051440a15c4d073d4c3ec55afcb1b7fc2fcd2155df5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 17:46:00 GMT
x-content-type-options: nosniff
age: 13397
content-disposition: inline;filename="turfoscope.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87766
x-xss-protection: 0
server: fife
etag: "v20cf"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 22 Feb 2022 18:00:56 GMT

Redirect headers

date: Fri, 08 Apr 2022 21:29:17 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLR9sNSHyAHr2Uoo%2FPrBtPDMqw3OJf%2FAsg%2BCYa2sebkM9gdvCmdunNYzEHYjGsgewqmxJP9HnSV4n61NYopN5i8vcw1TAQCj%2FH4JACFCmKXYCbr5D%2B38m9vMzqwd06G9ApYOTKVIz1LWlEFupOmL"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://1.bp.blogspot.com/-5FIMJcIh__M/YUmPF9304vI/AAAAAAAAIM4/Kuk0x5BUaR4D-slbz-4OWGOSz3azojDGwCLcBGAsYHQ/s0/turfoscope.gif
cf-ray: 6f8e18fc8c76088f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK ba.png
confidence-turf.turfez.net/img/ 289 KB
289 KB 26ms
25ms Image
image/png 185.98.131.130
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://confidence-turf.turfez.net/img/ba.png
Requested by: Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/css/css.css?r=1649453357
Protocol: HTTP/1.1
Server: 185.98.131.130 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 25f827edf50a6b382380fc2daa667a2c05ed78bca76de576958c5a162c53a325

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/css/css.css?r=1649453357
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 21:29:17 GMT
Last-Modified: Sat, 25 Jan 2020 19:10:45 GMT
Server: nginx
ETag: "48263-59cfba19ba689"
Vary: Host
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 295523

GET
H/1.1 200
OK top.png
confidence-turf.turfez.net/img/ 579 KB
579 KB 69ms
27ms Image
image/png 185.98.131.130
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://confidence-turf.turfez.net/img/top.png
Requested by: Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/css/css.css?r=1649453357
Protocol: HTTP/1.1
Server: 185.98.131.130 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1891d86399f4b33d2d87fb4c7ddcea780d1a71b1a9468887b1d30d18625b91f6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/css/css.css?r=1649453357
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 21:29:17 GMT
Last-Modified: Sat, 25 Jan 2020 19:16:10 GMT
Server: nginx
ETag: "90aa5-59cfbb4ff1cec"
Vary: Host
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 592549

GET
H/1.1 200
OK Roboto-BoldCondensed.ttf
confidence-turf.turfez.net/font/ 158 KB
158 KB 50ms
28ms Font
application/font-sfnt 185.98.131.130
LWS

General

Check archive.org

Show headers Download Go to

Full URL: http://confidence-turf.turfez.net/font/Roboto-BoldCondensed.ttf
Requested by: Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/css/css.css?r=1649453357
Protocol: HTTP/1.1
Server: 185.98.131.130 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2c9245c0246a9c745793c7eaa9cc1fc964a12570009031ea0223115bec6e9426

Request headers

Referer: http://confidence-turf.turfez.net/css/css.css?r=1649453357
Origin: http://confidence-turf.turfez.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 21:29:17 GMT
Last-Modified: Sat, 25 Jan 2020 19:09:06 GMT
Server: nginx
ETag: "2761c-59cfb9bb3c76a"
Vary: Host
Content-Type: application/font-sfnt
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 161308

GET
H/1.1 200
OK RobotoCondensed-Regular.ttf
confidence-turf.turfez.net/font/ 166 KB
167 KB 49ms
27ms Font
application/font-sfnt 185.98.131.130
LWS

General

Check archive.org

Show headers Download Go to

Full URL: http://confidence-turf.turfez.net/font/RobotoCondensed-Regular.ttf
Requested by: Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/css/css.css?r=1649453357
Protocol: HTTP/1.1
Server: 185.98.131.130 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6a2cfb7e61dd09d77526fd314b256894094f96e3a6f3149d9f8000c1132ef4b8

Request headers

Referer: http://confidence-turf.turfez.net/css/css.css?r=1649453357
Origin: http://confidence-turf.turfez.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 21:29:17 GMT
Last-Modified: Sat, 25 Jan 2020 19:09:22 GMT
Server: nginx
ETag: "2992c-59cfb9cadb682"
Vary: Host
Content-Type: application/font-sfnt
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 170284

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 99 KB
38 KB 96ms
37ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Requested by

Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=356772&idd=1555889&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa34ff1b6cd40c6a59884f1c29aed4aedd060a3c2aa9fe8a8b0ecf4a3a08af8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 21:29:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38741
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Apr 2022 21:29:17 GMT

GET
H/1.1 200
OK buy-button.css
payment.allopass.com/static/css/ 2 KB
830 B 56ms
20ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/buy-button.css?1
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=356772&idd=1555889&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 21:29:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "4215b-69a-5d0e804cbabc0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 546

GET
H/1.1 200
OK 162x56.png
payment.allopass.com/static/buy/button/fr/ 6 KB
6 KB 54ms
19ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by: Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 21:29:17 GMT
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "216d9-1688-5d0e804cbabc0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 5768

GET
H/1.1 200
OK RobotoCondensed-Light.ttf
confidence-turf.turfez.net/font/ 164 KB
164 KB 29ms
29ms Font
application/font-sfnt 185.98.131.130
LWS

General

Check archive.org

Show headers Download Go to

Full URL: http://confidence-turf.turfez.net/font/RobotoCondensed-Light.ttf
Requested by: Host: confidence-turf.turfez.net
URL: http://confidence-turf.turfez.net/css/css.css?r=1649453357
Protocol: HTTP/1.1
Server: 185.98.131.130 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: nginx /
Resource Hash: b766b29053df4c6bfedbdf3cc33284717f835cdf6ca8d137c5106cee9dba68d3

Request headers

Referer: http://confidence-turf.turfez.net/css/css.css?r=1649453357
Origin: http://confidence-turf.turfez.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 21:29:17 GMT
Last-Modified: Sat, 25 Jan 2020 19:13:56 GMT
Server: nginx
ETag: "29044-59cfbacf9cf38"
Vary: Host
Content-Type: application/font-sfnt
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 168004

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 83ms
25ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://confidence-turf.turfez.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6867
date: Fri, 08 Apr 2022 19:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 08 Apr 2022 21:34:50 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 65ms
32ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=244508533&t=pageview&_s=1&dl=http%3A%2F%2Fconfidence-turf.turfez.net%2F&ul=en-us&de=UTF-8&dt=confidence_turf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=950496219&gjid=1606451667&cid=1700732132.1649453358&tid=UA-135619294-1&_gid=1366338922.1649453358&_r=1&gtm=2wg3u0NHFGDSD&cd1=ALS-LIBS-CHECKOUT-15&cd2=1555889&cd3=356772&cd4=(not%20set)&cd5=classic&z=497063324

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://confidence-turf.turfez.net/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 21:29:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://confidence-turf.turfez.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: 828a6826-c8bf-40b2-aa2f-24b3ace44e3b
.allopass.com/	1970-01-20 10:56:29	Name: AP_CUSK Value: 3562969713
.turfez.net/	1970-01-20 19:42:05	Name: _ga Value: GA1.2.1700732132.1649453358
.turfez.net/	1970-01-20 02:12:19	Name: _gid Value: GA1.2.1366338922.1649453358
.turfez.net/	1970-01-20 02:10:53	Name: _gat_UA-135619294-1 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
4.bp.blogspot.com
confidence-turf.turfez.net
image.jimcdn.com
img.root-top.com
lemagicienduturf.free.fr
payment.allopass.com
u.jimcdn.com
u.jimdo.com
www.google-analytics.com
www.googletagmanager.com
www.turfsur.com
151.101.130.2
151.101.2.2
185.119.26.1
185.98.131.130
194.150.236.190
212.27.63.154
2a00:1450:4001:808::2001
2a00:1450:4001:810::2008
2a00:1450:4001:82f::200e
2a06:98c1:3120::7
116d95fd87a2ff2206f3afba428f80c8b8008ec3e5696796c24b13f71ce30ad6
1891d86399f4b33d2d87fb4c7ddcea780d1a71b1a9468887b1d30d18625b91f6
2336c70a8df7cbd391968b95b893e1d8793762c96707fded29cd078a7a9c8ef7
25f827edf50a6b382380fc2daa667a2c05ed78bca76de576958c5a162c53a325
2bc0314b5909daf179fade59dbb7a26e1a79eaa093a5e312b2f4ec8872334364
2c9245c0246a9c745793c7eaa9cc1fc964a12570009031ea0223115bec6e9426
336baba693441e253963c7ff5fd3b30c2047f2f48d74d8624264871b42a2a0a4
3d035b8a86a33a8bc7779787f61066c55b35f6f92d118180d837ebdcadbee6f9
411cb84a133ae93c52c863d82440a075cd553abc63f465f7a6224da55fa80d54
43b98404cbb42e02cd819051440a15c4d073d4c3ec55afcb1b7fc2fcd2155df5
563f0856b7d46a0cd90562d0c904c3dcc822ed6bfcdedc42cd40e97baac2a137
6a2cfb7e61dd09d77526fd314b256894094f96e3a6f3149d9f8000c1132ef4b8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
90ad8515f23b78a4ea93ec2996266af3d56e67d99d9d61ba6e5fc378480e7606
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
95ee986719d734c8f5a9c96961e7982f281184e9ad0438703550f05a8132a9fd
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa34ff1b6cd40c6a59884f1c29aed4aedd060a3c2aa9fe8a8b0ecf4a3a08af8a
b766b29053df4c6bfedbdf3cc33284717f835cdf6ca8d137c5106cee9dba68d3
c19152e09e60c8b2e17d602803b6e6626461cc0210dcff2d41f8c6e3325890be
cf9ffb799d5f1da8a6cb532f4bc6e62f294d1d717dd5e6471723755d38b032a7
db332c9d9992da9f0e619f2a5f1d04f4e218fb6ca29e8319c3faea2ad161f09f
fff515f1298acbfc62459636eb5fa4c8a5b8d1b1cde15761355532c426943be7

confidence-turf.turfez.net Open in urlscan Pro 185.98.131.130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

24 Requests

25 %HTTPS

40 %IPv6

10 Domains

12 Subdomains

8 IPs

3 Countries

2124 kBTransfer

2234 kBSize

5 Cookies

10 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

5 Cookies

confidence-turf.turfez.net Open in urlscan Pro
185.98.131.130 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

25 %
HTTPS

40 %
IPv6

10
Domains

12
Subdomains

8
IPs

3
Countries

2124 kB
Transfer

2234 kB
Size

5
Cookies

24 HTTP transactions
0 data transactions