urlscan.io logo urlscan.io
SecurityTrails logo

lesavantduturf.xp3.biz Open in urlscan Pro
142.54.187.21  Public Scan

Go To Rescan Add Verdict Report
URL: http://lesavantduturf.xp3.biz/
Submission: On December 11 via manual from BF — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 15 HTTP transactions. The main IP is 142.54.187.21, located in United States and belongs to NOCIX, US. The main domain is lesavantduturf.xp3.biz.
This is the only time lesavantduturf.xp3.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 142.54.187.21 33387 (NOCIX)
1 194.150.236.190 44976 (HIWIT_AS)
1 194.150.236.236 44976 (HIWIT_AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 185.119.26.1 203544 (WEBDEVIIN-AS)
1 72.9.150.244 30277 (DFW-DATAC...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
15 8
5    142.54.187.21 (United States)

ASN33387 (NOCIX, US)
lesavantduturf.xp3.biz
1    194.150.236.190 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns30.hiwit.net
www.turfqualite.com
1    194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net
www.tresorturf.com
1    2606:4700:3038::6815:ea1a (United States)

ASN13335 (CLOUDFLARENET, US)
img.root-top.com
1    2606:4700:3038::6815:ea1b (United States)

ASN13335 (CLOUDFLARENET, US)
img.root-top.com
1    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1.bp.blogspot.com
3    185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa
payment.allopass.com
1    72.9.150.244 (United States)

ASN30277 (DFW-DATACENTER, US)
PTR: freewebhostingarea.com
www.freewebhostingarea.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
5 lesavantduturf.xp3.biz lesavantduturf.xp3.biz
3 payment.allopass.com lesavantduturf.xp3.biz
payment.allopass.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 img.root-top.com 2 redirects
1 www.googletagmanager.com payment.allopass.com
1 www.freewebhostingarea.com lesavantduturf.xp3.biz
1 1.bp.blogspot.com lesavantduturf.xp3.biz
1 www.tresorturf.com lesavantduturf.xp3.biz
1 www.turfqualite.com lesavantduturf.xp3.biz
15 9

This site contains links to these domains. Also see Links.

Domain
www.turfqualite.com
www.root-top.com
payment.allopass.com
www.freewebhostingarea.com
Subject Issuer Validity Valid
*.allopass.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-07 -
2023-10-07		 a year crt.sh
freewha.com
cPanel, Inc. Certification Authority		 2022-10-01 -
2022-12-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://lesavantduturf.xp3.biz/
Frame ID: A9FEEBCC1CA524534D26AA41CB7B5028
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SAVANT TURF

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

15
Requests

47 %
HTTPS

50 %
IPv6

9
Domains

9
Subdomains

8
IPs

3
Countries

623 kB
Transfer

727 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://img.root-top.com/topsite/andreturf/banner.gif HTTP 301
  • https://img.root-top.com/topsite/andreturf/banner.gif HTTP 302
  • https://1.bp.blogspot.com/-opH86gOfygg/XkEwY5zGGFI/AAAAAAAAAhY/EEJZ7wo4Lysj7ggD--RJw7QITLwwdbEaQCK4BGAYYCw/s1600/andreturf.gif

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
lesavantduturf.xp3.biz/ 		21 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://lesavantduturf.xp3.biz/
Protocol
HTTP/1.1
Server
142.54.187.21 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software
Apache/2.4.51 / PHP/7.1.33
Resource Hash
565e4e9671be6ce87c5a711f0ca22ae7bf01b8e5b96281f6ea964bdd260f1d59

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Cache-control
no-cache
Connection
Upgrade, Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 11 Dec 2022 19:29:40 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=1, max=10000
Pragma
no-cache no-cache
Server
Apache/2.4.51
Transfer-Encoding
chunked
Upgrade
h2,h2c
X-Powered-By
PHP/7.1.33
style1.css
lesavantduturf.xp3.biz/styles/ 		7 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://lesavantduturf.xp3.biz/styles/style1.css
Requested by
Host: lesavantduturf.xp3.biz
URL: http://lesavantduturf.xp3.biz/
Protocol
HTTP/1.1
Server
142.54.187.21 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software
Apache/2.4.51 /
Resource Hash
0cc1eb59d241de80c9601ef104f1dc36eb3620689254b57ebe57db51637208b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://lesavantduturf.xp3.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:29:41 GMT
Last-Modified
Tue, 09 Jan 2018 17:49:39 GMT
Server
Apache/2.4.51
ETag
"1d8f-5625b89eb52c0"
Upgrade
h2,h2c
Content-Type
text/css
Cache-control
no-cache
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=10000
Content-Length
7567
Expires
Sun, 11 Dec 2022 19:29:41 GMT
lesavantduturf.png
lesavantduturf.xp3.biz/images/ 		301 KB
301 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://lesavantduturf.xp3.biz/images/lesavantduturf.png
Requested by
Host: lesavantduturf.xp3.biz
URL: http://lesavantduturf.xp3.biz/
Protocol
HTTP/1.1
Server
142.54.187.21 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software
Apache/2.4.51 /
Resource Hash
34b36be4f1342e741fa10c84be7a0457c39f8de5b5b41b2a8a2634322cb844be

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://lesavantduturf.xp3.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:29:41 GMT
Last-Modified
Tue, 09 Jan 2018 17:49:39 GMT
Server
Apache/2.4.51
ETag
"4b40e-5625b89eb52c0"
Upgrade
h2,h2c
Content-Type
image/png
Cache-control
no-cache
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=10000
Content-Length
308238
Expires
Sun, 11 Dec 2022 19:29:41 GMT
logo.gif
www.turfqualite.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.turfqualite.com/logo.gif
Requested by
Host: lesavantduturf.xp3.biz
URL: http://lesavantduturf.xp3.biz/
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
3dea1c07fc26ce06883a4a52b9b0bff5922eb76862f08130168dfc629146a6b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://lesavantduturf.xp3.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:29:41 GMT
Last-Modified
Thu, 30 Aug 2018 08:02:22 GMT
Server
Apache
ETag
"ac9fcb-387b-574a27ea7bf80"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
14459
csoumillon.gif
www.tresorturf.com/img/logos/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tresorturf.com/img/logos/csoumillon.gif
Requested by
Host: lesavantduturf.xp3.biz
URL: http://lesavantduturf.xp3.biz/
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
5c0dc163ca0682764060d584c08d4ab278e2f24721e34acfa8c530353717ec64

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://lesavantduturf.xp3.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:29:41 GMT
Last-Modified
Wed, 10 Feb 2021 05:51:09 GMT
Server
Apache
ETag
"2510a0d-1ec2e-5baf4fd5bed40"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
125998
andreturf.gif
1.bp.blogspot.com/-opH86gOfygg/XkEwY5zGGFI/AAAAAAAAAhY/EEJZ7wo4Lysj7ggD--RJw7QITLwwdbEaQCK4BGAYYCw/s1600/
Redirect Chain
  • http://img.root-top.com/topsite/andreturf/banner.gif
  • https://img.root-top.com/topsite/andreturf/banner.gif
  • https://1.bp.blogspot.com/-opH86gOfygg/XkEwY5zGGFI/AAAAAAAAAhY/EEJZ7wo4Lysj7ggD--RJw7QITLwwdbEaQCK4BGAYYCw/s1600/andreturf.gif
25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-opH86gOfygg/XkEwY5zGGFI/AAAAAAAAAhY/EEJZ7wo4Lysj7ggD--RJw7QITLwwdbEaQCK4BGAYYCw/s1600/andreturf.gif
Requested by
Host: lesavantduturf.xp3.biz
URL: http://lesavantduturf.xp3.biz/
Protocol
H2
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4a2585af464438cf28c1cc239db9a4cbc614297de51487e57b1d76500c203c3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://lesavantduturf.xp3.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:29:41 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="andreturf.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25217
x-xss-protection
0
server
fife
etag
"v217"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 02 Dec 2022 21:06:13 GMT

Redirect headers

date
Sun, 11 Dec 2022 19:29:41 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujeqVTTXE1Lqzu4ovY%2FQgImSypgStjCWbUBeiCSLCNLymRTQKoak%2Bx8l40RkApP4DOxvlpWuRDKWK8DUkt9bAvmT2E9m7fpJjQaGZVJhSqIU0q8mMDmrcNox5s9yuFSfewgQsbnfJiq13BHbZC6u"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=ISO-8859-1
location
https://1.bp.blogspot.com/-opH86gOfygg/XkEwY5zGGFI/AAAAAAAAAhY/EEJZ7wo4Lysj7ggD--RJw7QITLwwdbEaQCK4BGAYYCw/s1600/andreturf.gif
cf-ray
7780a1687e35b7cd-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
s78.jpg
lesavantduturf.xp3.biz/images/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://lesavantduturf.xp3.biz/images/s78.jpg
Requested by
Host: lesavantduturf.xp3.biz
URL: http://lesavantduturf.xp3.biz/
Protocol
HTTP/1.1
Server
142.54.187.21 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software
Apache/2.4.51 /
Resource Hash
12dc914b48d229775aa78f079a5afbc97c600a95a5fe66699cadacd823b62f6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://lesavantduturf.xp3.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:29:41 GMT
Last-Modified
Tue, 09 Jan 2018 17:49:39 GMT
Server
Apache/2.4.51
ETag
"50ab-5625b89eb52c0"
Content-Type
image/jpeg
Cache-control
no-cache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=9999
Content-Length
20651
Expires
Sun, 11 Dec 2022 19:29:41 GMT
checkout.apu
payment.allopass.com/buy/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/buy/checkout.apu?ids=350910&idd=1533987&lang=fr
Requested by
Host: lesavantduturf.xp3.biz
URL: http://lesavantduturf.xp3.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
81701bf2b5ecb05a851740d711f77f2abedc3bbbab61d447f2ad5ce1f1ad800c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://lesavantduturf.xp3.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:29:41 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
2960
Expires
Thu, 19 Nov 1981 08:52:00 GMT
s55.jpg
lesavantduturf.xp3.biz/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://lesavantduturf.xp3.biz/images/s55.jpg
Requested by
Host: lesavantduturf.xp3.biz
URL: http://lesavantduturf.xp3.biz/
Protocol
HTTP/1.1
Server
142.54.187.21 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software
Apache/2.4.51 /
Resource Hash
9bb1e5a1343eb65a598ac26199ed439626752709db38343fd7a6aa8791337104

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://lesavantduturf.xp3.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 19:29:41 GMT
Last-Modified
Tue, 09 Jan 2018 17:49:39 GMT
Server
Apache/2.4.51
ETag
"6f54-5625b89eb52c0"
Content-Type
image/jpeg
Cache-control
no-cache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=9999
Content-Length
28500
Expires
Sun, 11 Dec 2022 19:29:41 GMT
poweredby.png
www.freewebhostingarea.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.freewebhostingarea.com/images/poweredby.png
Requested by
Host: lesavantduturf.xp3.biz
URL: http://lesavantduturf.xp3.biz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
72.9.150.244 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
freewebhostingarea.com
Software
Apache /
Resource Hash
df10c5d5b81e45692a6160115a2d22fedd2316c2d8960c2ad175110325ac8905

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://lesavantduturf.xp3.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:29:41 GMT
Last-Modified
Tue, 26 Feb 2019 23:24:37 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=10000
Content-Length
6022
gtm.js
www.googletagmanager.com/ 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=350910&idd=1533987&lang=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
64c2007647f8afca1a9cebec99ecc1dc84a18a6ed0a6d5e90f11dcb46f2cf217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://lesavantduturf.xp3.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:29:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45418
x-xss-protection
0
last-modified
Sun, 11 Dec 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 11 Dec 2022 19:29:41 GMT
buy-button.css
payment.allopass.com/static/css/ 		2 KB
830 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/buy-button.css?1
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=350910&idd=1533987&lang=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://lesavantduturf.xp3.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:29:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"232e2-69a-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
546
162x56.png
payment.allopass.com/static/buy/button/fr/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by
Host: lesavantduturf.xp3.biz
URL: http://lesavantduturf.xp3.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://lesavantduturf.xp3.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 19:29:41 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"215ef-1688-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
5768
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://lesavantduturf.xp3.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Dec 2022 19:24:40 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
302
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 11 Dec 2022 21:24:40 GMT
collect
www.google-analytics.com/j/ 		1 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1267721832&t=pageview&_s=1&dl=http%3A%2F%2Flesavantduturf.xp3.biz%2F&ul=en-us&de=UTF-8&dt=SAVANT%20TURF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=854437989&gjid=553785776&cid=986078720.1670786982&tid=UA-135619294-1&_gid=1162226818.1670786982&_r=1&gtm=2wgbu0NHFGDSD&cd1=ALS-LIBS-CHECKOUT-15&cd2=1533987&cd3=350910&cd4=(not%20set)&cd5=classic&z=754912464
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://lesavantduturf.xp3.biz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 19:29:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://lesavantduturf.xp3.biz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| headID object| cssNode function| allopassButtons number| alreadyrunflag undefined| proto undefined| contentloadtag number| _timer object| dataLayer object| elts object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

6 Cookies

Domain/Path Name / Value
lesavantduturf.xp3.biz/ Name: PHPSESSID
Value: 48ap84nsdhar015v7v628vpf9r
payment.allopass.com/ Name: ShopSessionId
Value: 41262416-a473-4151-948e-d47038c1e57a
.allopass.com/ Name: AP_CUSK
Value: 3598322919
.xp3.biz/ Name: _ga
Value: GA1.2.986078720.1670786982
.xp3.biz/ Name: _gid
Value: GA1.2.1162226818.1670786982
.xp3.biz/ Name: _gat_UA-135619294-1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
img.root-top.com
lesavantduturf.xp3.biz
payment.allopass.com
www.freewebhostingarea.com
www.google-analytics.com
www.googletagmanager.com
www.tresorturf.com
www.turfqualite.com
142.54.187.21
185.119.26.1
194.150.236.190
194.150.236.236
2606:4700:3038::6815:ea1a
2606:4700:3038::6815:ea1b
2a00:1450:4001:801::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:830::2008
72.9.150.244
0cc1eb59d241de80c9601ef104f1dc36eb3620689254b57ebe57db51637208b0
12dc914b48d229775aa78f079a5afbc97c600a95a5fe66699cadacd823b62f6a
34b36be4f1342e741fa10c84be7a0457c39f8de5b5b41b2a8a2634322cb844be
3dea1c07fc26ce06883a4a52b9b0bff5922eb76862f08130168dfc629146a6b1
4a2585af464438cf28c1cc239db9a4cbc614297de51487e57b1d76500c203c3e
565e4e9671be6ce87c5a711f0ca22ae7bf01b8e5b96281f6ea964bdd260f1d59
5c0dc163ca0682764060d584c08d4ab278e2f24721e34acfa8c530353717ec64
64c2007647f8afca1a9cebec99ecc1dc84a18a6ed0a6d5e90f11dcb46f2cf217
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
81701bf2b5ecb05a851740d711f77f2abedc3bbbab61d447f2ad5ce1f1ad800c
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
9bb1e5a1343eb65a598ac26199ed439626752709db38343fd7a6aa8791337104
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
df10c5d5b81e45692a6160115a2d22fedd2316c2d8960c2ad175110325ac8905