URL: http://www.eldorado.1s.fr/
Submission: On February 03 via manual from BF — Scanned from FR

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 45 HTTP transactions. The main IP is 5.135.149.81, located in Le Chesnay, France, and belongs to OVH (FR). The main domain is www.eldorado.1s.fr.
This is the only time www.eldorado.1s.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP address          ASN     Autonomous system
10        5.135.149.81        16276   OVH
11        194.150.236.165     44976   HIWIT_AS
6         2a00:1450:400...    15169   GOOGLE
1         194.150.236.166     44976   HIWIT_AS
4         2606:4700:303...    13335   CLOUDFLARENET (4 redirects)
4         2606:4700:303...    13335   CLOUDFLARENET
4         185.119.26.1        203544  WEBDEVIIN-AS
1         194.0.255.28        8218    NEO-ASN legacy Neotelecoms
2         2a00:1450:400...    15169   GOOGLE
2         2a00:1450:400...    15169   GOOGLE
3         2a00:1450:400...    15169   GOOGLE
1         2a00:1450:400...    15169   GOOGLE
Total: 45 requests, 11 IPs
Requests  Apex domain            Subdomains (Cisco Umbrella rank in parentheses)                        Transfer
11        dafun.com              www.turf.dafun.com                                                     757 KB
9         googlesyndication.com  pagead2.googlesyndication.com (110), tpc.googlesyndication.com (157)   231 KB
8         root-top.com           img.root-top.com                                                       21 KB
7         venez.fr               www.venez.fr                                                           9 KB
4         allopass.com           payment.allopass.com                                                   11 KB
3         1s.fr                  www.eldorado.1s.fr                                                     3 KB
2         doubleclick.net        googleads.g.doubleclick.net (38)                                       5 KB
2         googletagmanager.com   www.googletagmanager.com (37)                                          157 KB
1         google.com             www.google.com (2)                                                     1 KB
1         starpass.fr            script.starpass.fr                                                     376 B
1         ouba.com               www.turfinfos.ouba.com                                                 6 KB
Total: 45 requests, 11 apex domains
Requests  Domain                           Requested by
11        www.turf.dafun.com               www.eldorado.1s.fr, www.turf.dafun.com
8         img.root-top.com (4 redirects)   www.turf.dafun.com
7         www.venez.fr                     www.eldorado.1s.fr, www.venez.fr
6         pagead2.googlesyndication.com    www.eldorado.1s.fr, pagead2.googlesyndication.com, tpc.googlesyndication.com
4         payment.allopass.com             www.turf.dafun.com, payment.allopass.com
3         tpc.googlesyndication.com        pagead2.googlesyndication.com, tpc.googlesyndication.com
3         www.eldorado.1s.fr               www.eldorado.1s.fr
2         googleads.g.doubleclick.net      pagead2.googlesyndication.com
2         www.googletagmanager.com         payment.allopass.com, www.googletagmanager.com
1         www.google.com                   tpc.googlesyndication.com
1         script.starpass.fr               www.turf.dafun.com
1         www.turfinfos.ouba.com           www.turf.dafun.com
Total: 45 requests, 12 subdomains

This site contains no links.

Certificates

Subject                     Issuer                                          Validity                    Valid for
venez.fr                    R3                                              2023-12-04 to 2024-03-03    3 months
*.allopass.com              Sectigo RSA Domain Validation Secure Server CA  2023-10-06 to 2024-10-07    a year
script.starpass.fr          ZeroSSL RSA Domain Secure Site CA               2024-01-11 to 2024-04-10    3 months
*.google-analytics.com      GTS CA 1C3                                      2024-01-09 to 2024-04-02    3 months
*.g.doubleclick.net         GTS CA 1C3                                      2024-01-09 to 2024-04-02    3 months
tpc.googlesyndication.com   GTS CA 1C3                                      2024-01-09 to 2024-04-02    3 months
www.google.com              GTS CA 1C3                                      2024-01-09 to 2024-04-02    3 months
(Certificate details looked up via crt.sh.)
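The certificate table above is only useful once it is read against the moment of the scan (the Date header of the primary response, 2024-02-03 21:40:58 GMT). The following script is an added example, not part of the urlscan report: it takes the table's rows verbatim, answers "which listed certificate covers this host, was it valid at scan time, and how long did it have left" with browser-style single-label wildcard matching, and flags anything inside a 30-day window. The host list, the issuer-to-operator lookup and the 30-day threshold are this example's assumptions. One caveat the example makes visible: the table shows each certificate's subject only, not its full SAN list, so a host such as www.venez.fr would not match the "venez.fr" row here; crt.sh has the SANs. www.eldorado.1s.fr is queried deliberately: it was reached over plain HTTP only, so no certificate for it appears.

```python
"""Certificate-window check for a urlscan report's TLS hosts (added example).

CERTIFICATES is the report's own certificate table; SCAN_TIME is the Date
header of the primary response. HOSTS, CA_OPERATOR and WARN_DAYS are this
example's assumptions.
"""
from datetime import date, datetime, timezone

SCAN_TIME = datetime(2024, 2, 3, 21, 40, 58, tzinfo=timezone.utc)
WARN_DAYS = 30

# (subject, issuer CN, not-before, not-after) as listed in the report
CERTIFICATES = [
    ("venez.fr", "R3", "2023-12-04", "2024-03-03"),
    ("*.allopass.com", "Sectigo RSA Domain Validation Secure Server CA",
     "2023-10-06", "2024-10-07"),
    ("script.starpass.fr", "ZeroSSL RSA Domain Secure Site CA",
     "2024-01-11", "2024-04-10"),
    ("*.google-analytics.com", "GTS CA 1C3", "2024-01-09", "2024-04-02"),
    ("*.g.doubleclick.net", "GTS CA 1C3", "2024-01-09", "2024-04-02"),
    ("tpc.googlesyndication.com", "GTS CA 1C3", "2024-01-09", "2024-04-02"),
    ("www.google.com", "GTS CA 1C3", "2024-01-09", "2024-04-02"),
]

# Hosts from the scan we want a verdict for (assumed selection).
# www.eldorado.1s.fr was only ever reached over plain HTTP, so no certificate
# for it is in the report and it must come back uncovered.
HOSTS = ["venez.fr", "payment.allopass.com", "script.starpass.fr",
         "googleads.g.doubleclick.net", "tpc.googlesyndication.com",
         "www.google.com", "www.eldorado.1s.fr"]

# Issuer CN -> CA operator (assumed lookup: R3 is a Let's Encrypt
# intermediate, GTS is Google Trust Services). Unknown CNs fall back to the CN.
CA_OPERATOR = {"R3": "Let's Encrypt", "GTS CA 1C3": "Google Trust Services"}


def matches(subject, host):
    """Name match as browsers do it: '*' covers exactly one leftmost label."""
    if subject.startswith("*."):
        base = subject[2:]
        return host.endswith("." + base) and "." not in host[: -len(base) - 1]
    return subject == host


def check(certs, hosts, at=SCAN_TIME):
    """Per host: first listed certificate whose subject covers it, whether it
    was valid at `at`, days left, total lifetime, and a near-expiry flag."""
    today = at.date()
    report = {}
    for host in hosts:
        status = {"covered_by": None, "valid": False, "days_left": None, "warn": False}
        for subject, issuer, nb, na in certs:
            if not matches(subject, host):
                continue
            not_before, not_after = date.fromisoformat(nb), date.fromisoformat(na)
            days_left = (not_after - today).days
            status.update(
                covered_by=subject,
                issuer=issuer,
                operator=CA_OPERATOR.get(issuer, issuer),
                valid=not_before <= today <= not_after,
                days_left=days_left,
                lifetime_days=(not_after - not_before).days,
                warn=days_left < WARN_DAYS,
            )
            break
        report[host] = status
    return report


if __name__ == "__main__":
    for host, status in check(CERTIFICATES, HOSTS).items():
        print(host, status)
```

At scan time the venez.fr certificate had 29 days left on a 90-day Let's Encrypt lifetime, which is normal for automated renewal but is exactly the kind of row worth re-checking on a later scan; the Google and allopass wildcards cover their hosts with months to spare.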

This page contains 9 frames:

Primary Page: http://www.eldorado.1s.fr/
Frame ID: 27899449DCCB9CFB5906C97E30C3F795
Requests: 1 HTTP request in this frame

Frame: http://www.eldorado.1s.fr/barre-eldorado.1s.fr.html
Frame ID: FA5FF73BFF9B923EDDB07FBB87BCAB14
Requests: 9 HTTP requests in this frame

Frame: http://www.turf.dafun.com/pronos/eldorado/
Frame ID: 32593ADDF763525CF58481B00FF5E16E
Requests: 23 HTTP requests in this frame

Frame: http://www.eldorado.1s.fr/stats-eldorado.1s.fr.html
Frame ID: 40E349DE59E2C1C2426388926FC72559
Requests: 1 HTTP request in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 111D5698B00FE838CAB27406E399A57C
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: 33F4C34E782903B9570C9720C0824946
Requests: 1 HTTP request in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.eldorado.1s.fr%2F&wgl=1&dt=1706996459618&bpp=3&bdt=318&idt=247&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&correlator=8274569897362&frm=23&ife=1&pv=2&ga_vid=1509317242.1706996460&ga_sid=1706996460&ga_hid=1582648563&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3809009385&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809004%2C31080817%2C95324154%2C95324161&oid=2&pvsid=2449212769014541&tmod=1568516736&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.xr6klp9e08h&fsb=1&dtd=253
Frame ID: 7D0E729B06D1B2217ECFDDADAEF080AA
Requests: 1 HTTP request in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DE50962D04277FA8EA042A43A2B7C5B0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AAF9BB7F77E8650E75A1141EF521A010
Requests: 2 HTTP requests in this frame


Page Title

ELDORADO

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests:    45
HTTPS:       56 %
IPv6:        58 %
Domains:     11
Subdomains:  12
IPs:         11
Countries:   3
Transfer:    1200 kB
Size:        1920 kB
Cookies:     6

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://img.root-top.com/topsite/miroirduturf/banner.gif HTTP 301
  • https://img.root-top.com/topsite/miroirduturf/banner.gif
Request Chain 10
  • http://img.root-top.com/topsite/turfgagnant/banner.gif HTTP 301
  • https://img.root-top.com/topsite/turfgagnant/banner.gif
Request Chain 11
  • http://img.root-top.com/topsite/lc13/banner.gif HTTP 301
  • https://img.root-top.com/topsite/lc13/banner.gif
Request Chain 12
  • http://img.root-top.com/topsite/bienjouer/banner.gif HTTP 301
  • https://img.root-top.com/topsite/bienjouer/banner.gif
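Read together, the statistics, the redirect chains and the transaction list above carry several findings that are easy to miss when scrolling raw headers: the primary document and the dafun.com frame are plain HTTP, adsbygoogle.js is fetched over http://, the payment and starpass scripts are TLS-delivered but embedded by an HTTP document, the four root-top.com banners are http:// references rescued only by a 301 and are served as image/png under a .gif name with one identical body, and stats-eldorado.1s.fr.html is empty. The script below is an added example, not urlscan's code: it runs those checks over a constructed subset of this report's transactions (URLs, requesting documents, types, Content-Type values, redirect chains and SHA-256 hashes copied from the report) and returns a findings dict. The record layout, the JS_MIMES / EXPECTED_MIME tables and the last-two-labels site() heuristic are this example's assumptions; in practice the same function would be fed the JSON result urlscan's API returns for a scan.

```python
"""Offline triage of a urlscan.io transaction list (added example, not urlscan code).

TRANSACTIONS is a constructed subset of this report's 45 transactions: URLs,
requesting documents, resource types, Content-Type values, redirect chains and
SHA-256 resource hashes are copied from the report; the record layout and the
function names are this example's own.
"""
import hashlib
import posixpath
from collections import defaultdict
from urllib.parse import urlsplit

TOP = "http://www.eldorado.1s.fr/"
BARRE = "http://www.eldorado.1s.fr/barre-eldorado.1s.fr.html"
DAFUN = "http://www.turf.dafun.com/pronos/eldorado/"
ROOTTOP = "img.root-top.com/topsite/"

# (final url, requesting document, urlscan type, Content-Type, sha256, prior redirect hops)
TRANSACTIONS = [
    (TOP, None, "Document", "text/html; charset=iso-8859-1",
     "3e231d8b55e0d395404165858511e1d581054d0ae6599cf119c1ee5123c1b731", ()),
    (BARRE, TOP, "Document", "text/html; charset=ISO-8859-1",
     "74c6118bbec561a3f22e28a968742efbed08965555c7282ede8dcc100bf159e9", ()),
    (DAFUN, TOP, "Document", "text/html",
     "7e2a686c7e3888aa0b905e942a1c021f9208c567db9de937af99c76ff14867ad", ()),
    ("http://www.eldorado.1s.fr/stats-eldorado.1s.fr.html", TOP, "Document",
     "text/html; charset=iso-8859-1",
     "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", ()),
    ("https://www.venez.fr/js/site.js?www.venez.fr", BARRE, "Script",
     "application/javascript",
     "0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306", ()),
    ("http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js", BARRE,
     "Script", "text/javascript; charset=UTF-8",
     "28068736d9318e42687d103e81dbb946931a2fc07eac92b1c20753bfb80c1357", ()),
    ("https://" + ROOTTOP + "miroirduturf/banner.gif", DAFUN, "Image", "image/png",
     "597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e",
     ("http://" + ROOTTOP + "miroirduturf/banner.gif",)),
    ("https://" + ROOTTOP + "lc13/banner.gif", DAFUN, "Image", "image/png",
     "597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e",
     ("http://" + ROOTTOP + "lc13/banner.gif",)),
    ("https://payment.allopass.com/buy/checkout.apu?ids=357171&idd=1558048&lang=fr",
     DAFUN, "Script", "text/html",
     "d8b343dfc551b7ce16003de4f4ba1cd2a1e69142ce1c182be9bd98c984730b14", ()),
    ("https://script.starpass.fr/script.php?idd=443726&datas=", DAFUN, "Script",
     "text/html; charset=UTF-8",
     "507efaac16125c31d4e60f734a40af395ecc7bafca27eab017b2a75d3716a2aa", ()),
]

EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()
JS_MIMES = {"application/javascript", "text/javascript"}
# Extension -> acceptable MIME types; only what this report needs (assumed table).
EXPECTED_MIME = {".gif": {"image/gif"}, ".png": {"image/png"}, ".js": JS_MIMES}


def site(host):
    """Registrable-domain guess from the last two labels. Wrong for public
    suffixes such as co.uk, adequate for the hosts in this report."""
    return ".".join(host.split(".")[-2:])


def triage(transactions, target=TOP):
    """Return a dict of findings keyed by check name."""
    target_site = site(urlsplit(target).hostname)
    findings, third_party, by_hash = defaultdict(list), set(), defaultdict(list)
    for url, parent, kind, ctype, body_hash, chain in transactions:
        u = urlsplit(url)
        mime = ctype.split(";")[0].strip().lower()
        ext = posixpath.splitext(u.path)[1].lower()
        by_hash[body_hash].append(url)
        if site(u.hostname) != target_site:
            third_party.add(u.hostname)
        if kind == "Script":
            if u.scheme == "http":                      # tamperable on the wire
                findings["plaintext_scripts"].append(url)
            elif parent and urlsplit(parent).scheme == "http":
                # TLS on the script does not help when the document that embeds
                # it (and therefore the URL it asks for) travels in clear.
                findings["tls_script_in_plaintext_document"].append(url)
            if mime not in JS_MIMES:
                findings["script_with_non_js_mime"].append((url, mime))
        if ext in EXPECTED_MIME and mime not in EXPECTED_MIME[ext]:
            findings["extension_mime_mismatch"].append((url, mime))
        if chain and urlsplit(chain[0]).scheme == "http" and u.scheme == "https":
            # The markup referenced http://; only the server's 301 upgraded it.
            findings["upgraded_by_redirect"].append(chain[0])
        if body_hash == EMPTY_SHA256:
            findings["empty_bodies"].append(url)
    findings["third_party_hosts"] = sorted(third_party)
    findings["duplicate_bodies"] = [urls for urls in by_hash.values() if len(urls) > 1]
    https = sum(1 for t in transactions if urlsplit(t[0]).scheme == "https")
    findings["https_share"] = round(https / len(transactions), 2)
    return dict(findings)


if __name__ == "__main__":
    for name, value in triage(TRANSACTIONS).items():
        print(f"{name}: {value}")
```

The two script checks are the ones worth acting on for a page like this: a script loaded over plain HTTP can be replaced on the wire, and a payment provider's checkout script loaded by an HTTP frame inherits that weakness even though its own transfer is TLS. The MIME and hash checks are cheap context: a body served as image/png under a .gif name is usually just a lazy CDN, and identical bodies across several banner URLs tell you the "top sites" widget is a single placeholder, not four partners.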

45 HTTP transactions

Columns for each entry: Resource | Path (with frame ID) | Size | x-fer | Type | MIME-Type
Primary Request /
www.eldorado.1s.fr/
3 KB
1 KB
Document
General
Full URL
http://www.eldorado.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81, Le Chesnay, France, ASN16276 (OVH, FR)
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
3e231d8b55e0d395404165858511e1d581054d0ae6599cf119c1ee5123c1b731

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1142
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 03 Feb 2024 21:40:58 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Accept-Encoding
barre-eldorado.1s.fr.html
www.eldorado.1s.fr/ Frame FA5F
3 KB
2 KB
Document
General
Full URL
http://www.eldorado.1s.fr/barre-eldorado.1s.fr.html
Requested by
Host: www.eldorado.1s.fr
URL: http://www.eldorado.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81, Le Chesnay, France, ASN16276 (OVH, FR)
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
74c6118bbec561a3f22e28a968742efbed08965555c7282ede8dcc100bf159e9

Request headers

Referer
http://www.eldorado.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1554
Content-Type
text/html; charset=ISO-8859-1
Date
Sat, 03 Feb 2024 21:40:58 GMT
Expires
Sat, 03 Feb 2024 21:40:58 GMT
Keep-Alive
timeout=5, max=99
Last-Modified
Sat, 03 Feb 2024 21:40:58 GMT
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
/
www.turf.dafun.com/pronos/eldorado/ Frame 3259
11 KB
11 KB
Document
General
Full URL
http://www.turf.dafun.com/pronos/eldorado/
Requested by
Host: www.eldorado.1s.fr
URL: http://www.eldorado.1s.fr/
Protocol
HTTP/1.1
Server
194.150.236.165, France, ASN44976 (HIWIT_AS, FR)
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
7e2a686c7e3888aa0b905e942a1c021f9208c567db9de937af99c76ff14867ad

Request headers

Referer
http://www.eldorado.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html
Date
Sat, 03 Feb 2024 21:40:59 GMT
Keep-Alive
timeout=15, max=100
Server
Apache
Transfer-Encoding
chunked
Vary
Host
stats-eldorado.1s.fr.html
www.eldorado.1s.fr/ Frame 40E3
0
192 B
Document
General
Full URL
http://www.eldorado.1s.fr/stats-eldorado.1s.fr.html
Requested by
Host: www.eldorado.1s.fr
URL: http://www.eldorado.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81, Le Chesnay, France, ASN16276 (OVH, FR)
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the SHA-256 of an empty body, consistent with Content-Length: 0)

Request headers

Referer
http://www.eldorado.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 03 Feb 2024 21:40:58 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
site.js
www.venez.fr/js/ Frame FA5F
2 KB
1 KB
Script
General
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.eldorado.1s.fr
URL: http://www.eldorado.1s.fr/barre-eldorado.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81, Le Chesnay, France, ASN16276 (OVH, FR)
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eldorado.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 03 Feb 2024 21:40:58 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1023
Expires
Sat, 10 Feb 2024 21:40:58 GMT
separateur90.gif
www.venez.fr/images/ Frame FA5F
82 B
388 B
Image
General
Full URL
https://www.venez.fr/images/separateur90.gif
Requested by
Host: www.eldorado.1s.fr
URL: http://www.eldorado.1s.fr/barre-eldorado.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81, Le Chesnay, France, ASN16276 (OVH, FR)
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eldorado.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:58 GMT
Last-Modified
Thu, 15 Nov 2018 22:11:22 GMT
Server
Apache
ETag
"52-57abb54b25680"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
82
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame FA5F
146 KB
54 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.eldorado.1s.fr
URL: http://www.eldorado.1s.fr/barre-eldorado.1s.fr.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::2002, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe /
Resource Hash
28068736d9318e42687d103e81dbb946931a2fc07eac92b1c20753bfb80c1357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eldorado.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54452
X-XSS-Protection
0
Server
cafe
ETag
18412064175020438978
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin
*
Link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires
Sat, 03 Feb 2024 21:40:59 GMT
h1.png
www.turf.dafun.com/pronos/eldorado/ Frame 3259
31 KB
31 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/eldorado/h1.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
HTTP/1.1
Server
194.150.236.165, France, ASN44976 (HIWIT_AS, FR)
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
a8cfab6c307310ca0a66fabbc9ea8285687d4778089e3106b1434a9bf1868b60

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/eldorado/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:04 GMT
Server
Apache
ETag
"e75e85-7a48-5e946f364b800"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
31304
head.jpg
www.turf.dafun.com/pronos/eldorado/ Frame 3259
245 KB
246 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/eldorado/head.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
HTTP/1.1
Server
194.150.236.165, France, ASN44976 (HIWIT_AS, FR)
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
57913f8709a49064222528b156e05eb140892249b78881b19aba24cc31c30a84

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/eldorado/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:05 GMT
Server
Apache
ETag
"e75eb2-3d59d-5e946f373fa40"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
251293
logo.gif
www.turfinfos.ouba.com/ Frame 3259
6 KB
6 KB
Image
General
Full URL
http://www.turfinfos.ouba.com/logo.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
HTTP/1.1
Server
194.150.236.166, France, ASN44976 (HIWIT_AS, FR)
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
b3d1ff1c03e608adcedb1eb0620301291d21d70834b11c8e6f1d710351debd38

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
Last-Modified
Tue, 12 Sep 2017 08:21:11 GMT
Server
Apache
ETag
"134e672-169d-558f9b9ceebc0"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
5789
banner.gif
img.root-top.com/topsite/miroirduturf/ Frame 3259
Redirect Chain
  • http://img.root-top.com/topsite/miroirduturf/banner.gif
  • https://img.root-top.com/topsite/miroirduturf/banner.gif
4 KB
5 KB
Image
General
Full URL
https://img.root-top.com/topsite/miroirduturf/banner.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
H2
Server
2606:4700:3038::6815:ea1b, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 21:40:59 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lxyvK%2FfLm9ZoyUdzU%2FLede%2Ba5SLNfoA7%2B6fyWZpZXE25DCuEGQEE5%2B8kyWcBA0%2BjQIauCNPqRCGJENxRmrtlajwPIn1Edj4XLjeRywE9p%2FfZfDa8H6UAhh0enV49uuApMbkajY9FXwDJUUynwjB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
84fdd5df7abe2a53-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VETPr45XR3tIIpKCsc9WZ7Gjg8qfbzYpNq51f%2F3CSaKYW1FWyCYIif%2BMbrG%2FUZdVmgyiRAL7EKmQggJxf%2B9jA7L6OZ%2BxCd6%2BPztGXSXcywrO7%2FJ4TZMaJ6C4b4MrgZhrj6nEyQWp9X3esrnCAiRz"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/miroirduturf/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84fdd5defad56ed9-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
banner.gif
img.root-top.com/topsite/turfgagnant/ Frame 3259
Redirect Chain
  • http://img.root-top.com/topsite/turfgagnant/banner.gif
  • https://img.root-top.com/topsite/turfgagnant/banner.gif
4 KB
5 KB
Image
General
Full URL
https://img.root-top.com/topsite/turfgagnant/banner.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
H2
Server
2606:4700:3038::6815:ea1b, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 21:40:59 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2630096
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2Fieyq0fXvz3NyBITyawOOC%2FpQ1ezm6GYhhL47xtkRM3VSf1jmUPowf4m3SLB6viaDf%2FyN7zFs4CvhfPnkPGZFBOF7l0gBflTlAXq6sfD7UrPjuTwIimfdLcVvQe8wq4AlNUuqpnuOg78fIVwg2%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
84fdd5df7abf2a53-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOLt9RzCviiLCmiLZwvH9R%2FpYmPjYv2PARDjzYQtRyU5c7F9wLOC5U10UkqEKADaYMileEzsjWqxqpViU%2B8iOhVF3zlT1SjOPEJUiVqlQY8eeA1x1dMyq37y2KxVHQO4QdPTm9Vyf1n2oaELsFgR"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/turfgagnant/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84fdd5defb97d676-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
banner.gif
img.root-top.com/topsite/lc13/ Frame 3259
Redirect Chain
  • http://img.root-top.com/topsite/lc13/banner.gif
  • https://img.root-top.com/topsite/lc13/banner.gif
4 KB
5 KB
Image
General
Full URL
https://img.root-top.com/topsite/lc13/banner.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
H2
Server
2606:4700:3038::6815:ea1b, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 21:40:59 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78VJkEOVl%2B%2FSjXnoqMQMoQ83vo2FvL9DJP6TBpidt1zGdfGAvnSTZR5UkP%2BnPf6wDooVEitLqa%2BDX8LujAHonm%2BFlYAt%2F4H6i2Ua2CX%2FJ2Jm1GZntyHCyiL1MEm%2FkKNIxVoRb1AJiId3ixcOUWo4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
84fdd5df7abd2a53-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
612
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHnJGWrIMxuN2jJUGLWEaq7jhHkUpPPdLzLLf11RKBBVZBLZSRmx6WmYdk0AvhBrhdfRjXQ12YxYYWMm5%2BEBKgFjuuU6pJGkLoBzKcbBExMQkhcViX7j6XQ4iod0KrxCDR9zjgUzaKFd5DJaOWHS"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/lc13/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84fdd5defa796fde-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
banner.gif
img.root-top.com/topsite/bienjouer/ Frame 3259
Redirect Chain
  • http://img.root-top.com/topsite/bienjouer/banner.gif
  • https://img.root-top.com/topsite/bienjouer/banner.gif
4 KB
5 KB
Image
General
Full URL
https://img.root-top.com/topsite/bienjouer/banner.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
H2
Server
2606:4700:3038::6815:ea1b, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 21:40:59 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
430318
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onv4Q%2BKfF4vlRzLfJr17W2Dj%2FMou8OIcSpNu%2BByGkB%2FnugmgZvfjCg%2FlozBe5pwoM%2BVpg%2FTWKh9fHtPYepcvR5pwt9ujMgyYqmx9c4ShF%2FdSPyTOR1rxUEm7QNZ%2BC4XH%2B%2FRsRnd0QkcszTRBlutX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
84fdd5df7abb2a53-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
24
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=No%2F7iXiN9V0QcWOO%2FvOeAnaQtm%2BD5PK3fBQc%2BWxFXzmqI6pnCHNGtc9vFNOM5ZgSrq0Ec7k54RwwtBljKWR11%2FvvnRgmx98i%2B%2B1Pd0kHDaEOK7sQmwHT3pMtBx7xR0aclEbuTPvKVfV%2BgngY9oKT"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/bienjouer/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84fdd5defd63d6ca-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
eldorado.jpg
www.turf.dafun.com/pronos/eldorado/ Frame 3259
55 KB
55 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/eldorado/eldorado.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
HTTP/1.1
Server
194.150.236.165, France, ASN44976 (HIWIT_AS, FR)
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
29f3ca506c51550e64acfefb8f2d3052f51e00f54807b1b79e126d1d5e66dace

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/eldorado/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:03 GMT
Server
Apache
ETag
"179a42a-dc0c-5e946f35575c0"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
56332
checkout.apu
payment.allopass.com/buy/ Frame 3259
11 KB
4 KB
Script
General
Full URL
https://payment.allopass.com/buy/checkout.apu?ids=357171&idd=1558048&lang=fr
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1, France, ASN203544 (WEBDEVIIN-AS, FR)
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
d8b343dfc551b7ce16003de4f4ba1cd2a1e69142ce1c182be9bd98c984730b14

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 03 Feb 2024 21:40:59 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
2963
Expires
Thu, 19 Nov 1981 08:52:00 GMT
script.php
script.starpass.fr/ Frame 3259
140 B
376 B
Script
General
Full URL
https://script.starpass.fr/script.php?idd=443726&datas=
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.0.255.28, France, ASN8218 (NEO-ASN legacy Neotelecoms, FR)
Reverse DNS
srv28.bdmultimedia.fr
Software
Apache /
Resource Hash
507efaac16125c31d4e60f734a40af395ecc7bafca27eab017b2a75d3716a2aa

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:39:57 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
129
eldorado2.jpg
www.turf.dafun.com/pronos/eldorado/ Frame 3259
69 KB
69 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/eldorado/eldorado2.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
HTTP/1.1
Server
194.150.236.165, France, ASN44976 (HIWIT_AS, FR)
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
0093abb8ef487d4b0f6ebf4428a10b6cbc568e3a9ee4d2c1952558058ee765bd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/eldorado/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:03 GMT
Server
Apache
ETag
"1792061-1136d-5e946f35575c0"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
70509
h3.png
www.turf.dafun.com/pronos/eldorado/ Frame 3259
28 KB
28 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/eldorado/h3.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
HTTP/1.1
Server
194.150.236.165, France, ASN44976 (HIWIT_AS, FR)
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
4103a48360d7ad6f3d65bb17b874666e5a0accc397cc19dde8df0fdf2bb3acdc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/eldorado/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:04 GMT
Server
Apache
ETag
"e75e94-6e9d-5e946f364b800"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
28317
arp.jpg
www.turf.dafun.com/pronos/eldorado/ Frame 3259
124 KB
124 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/eldorado/arp.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
HTTP/1.1
Server
194.150.236.165, France, ASN44976 (HIWIT_AS, FR)
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
697fb4b156591227c75b5c3dec99208d1e32415bc194eb9fbeab4c486ec12fed

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/eldorado/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:01 GMT
Server
Apache
ETag
"179a42b-1f0c6-5e946f336f140"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
127174
h2.png
www.turf.dafun.com/pronos/eldorado/ Frame 3259
28 KB
28 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/eldorado/h2.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
HTTP/1.1
Server
194.150.236.165, France, ASN44976 (HIWIT_AS, FR)
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
6e2e73e8db9c1a04d245326289a4315454d9491fd24f3d5977cdaee3063c2b30

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/eldorado/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:04 GMT
Server
Apache
ETag
"e75e90-6e6d-5e946f364b800"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
28269
menu.png
www.turf.dafun.com/pronos/eldorado/ Frame 3259
63 KB
64 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/eldorado/menu.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
HTTP/1.1
Server
194.150.236.165, France, ASN44976 (HIWIT_AS, FR)
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
d488c8743c235723e2be1e3353c95b95f17c50ea3e9ac37224246c08ee36108e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/eldorado/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:05 GMT
Server
Apache
ETag
"e75edf-fdb5-5e946f373fa40"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
64949
date.png
www.turf.dafun.com/pronos/eldorado/ Frame 3259
68 KB
68 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/eldorado/date.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
822f372f184eff57c357a46c4563265507633a8b92b6544224300e21c7ba06fe

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/eldorado/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:03 GMT
Server
Apache
ETag
"e75e62-1100f-5e946f35575c0"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
69647
alternate-barre.htm
www.venez.fr/ Frame 111D
2 KB
1 KB
Document
General
Full URL
https://www.venez.fr/alternate-barre.htm
Requested by
Host: www.eldorado.1s.fr
URL: http://www.eldorado.1s.fr/barre-eldorado.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
026ab01b634b3f73bf0a0432bfe4e6bc4f4ac95d2a996adbc9b5446f36567b0e

Request headers

Referer
http://www.eldorado.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
872
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 03 Feb 2024 21:40:58 GMT
Keep-Alive
timeout=5, max=99
Server
Apache
Vary
Accept-Encoding
barre90.gif
www.venez.fr/images/ Frame FA5F
110 B
416 B
Image
General
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.eldorado.1s.fr
URL: http://www.eldorado.1s.fr/barre-eldorado.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eldorado.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:58 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
110
120x60.gif
www.venez.fr/images/ Frame 111D
4 KB
4 KB
Image
General
Full URL
https://www.venez.fr/images/120x60.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:58 GMT
Last-Modified
Wed, 02 Mar 2011 00:16:24 GMT
Server
Apache
ETag
"f4c-49d74d2b9c600"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3916
site.js
www.venez.fr/js/ Frame 111D
2 KB
1 KB
Script
General
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 03 Feb 2024 21:40:58 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
1023
Expires
Sat, 10 Feb 2024 21:40:58 GMT
barre90.gif
www.venez.fr/images/ Frame 111D
110 B
416 B
Image
General
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:58 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
110
gtm.js
www.googletagmanager.com/ Frame 3259
168 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357171&idd=1558048&lang=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19e7adf7a473cfda0036df5177ff4fb99c9708f98d4210c823bcfa675f4cd9c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 21:40:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62126
x-xss-protection
0
last-modified
Sat, 03 Feb 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 03 Feb 2024 21:40:59 GMT
buy-button.css
payment.allopass.com/static/css/ Frame 3259
2 KB
830 B
Stylesheet
General
Full URL
https://payment.allopass.com/static/css/buy-button.css?1
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357171&idd=1558048&lang=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"235e8-69a-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
546
162x56.png
payment.allopass.com/static/buy/button/fr/ Frame 3259
6 KB
6 KB
Image
General
Full URL
https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"216d8-1688-6036ca56d02c0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
5768
bt_ok.gif
payment.allopass.com/imgweb/common/ Frame 3259
753 B
991 B
Image
General
Full URL
https://payment.allopass.com/imgweb/common/bt_ok.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
Last-Modified
Tue, 26 Nov 2019 14:39:46 GMT
Server
Apache
ETag
"22a09-2f1-59840d9fb3080"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
753
arpnum.png
www.turf.dafun.com/pronos/eldorado/ Frame 3259
32 KB
32 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/eldorado/arpnum.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/eldorado/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
d606eef7c4d884672947a98bb478d3b2eb0baafd403ab2b7464512b495b264e1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/eldorado/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 21:40:59 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:02 GMT
Server
Apache
ETag
"e75e56-803c-5e946f3463380"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
32828
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/ Frame FA5F
406 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.eldorado.1s.fr&bust=31080817
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
031500d6351944629b9e77e2101bd3132ae01ffaa6ef32d3442a0cab7e78ddd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eldorado.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 21:40:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140922
x-xss-protection
0
server
cafe
etag
6131267401563275639
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 21:40:59 GMT
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/ Frame 33F4
9 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4d94af534c700b4cc663a664528a8578fb4f73f09df71d98f331f70ae8f101b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.eldorado.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
17047
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Feb 2024 16:56:52 GMT
etag
16527497774665505917
expires
Sat, 17 Feb 2024 16:56:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
destination
www.googletagmanager.com/gtag/ Frame 3259
292 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fc7f2b7e00c5ef26e03a0dfa00b141f9923fe374051aaf76bb5eee2e926c135d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 21:40:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97825
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 03 Feb 2024 21:40:59 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 7D0E
829 B
625 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.eldorado.1s.fr%2F&wgl=1&dt=1706996459618&bpp=3&bdt=318&idt=247&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&correlator=8274569897362&frm=23&ife=1&pv=2&ga_vid=1509317242.1706996460&ga_sid=1706996460&ga_hid=1582648563&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=3809009385&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809004%2C31080817%2C95324154%2C95324161&oid=2&pvsid=2449212769014541&tmod=1568516736&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.xr6klp9e08h&fsb=1&dtd=253
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.eldorado.1s.fr&bust=31080817
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eefa7b5365c43719920a85ec772566d436c1ebcafd50c98dcda6d46d55daed7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.eldorado.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
404
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Feb 2024 21:41:00 GMT
expires
Sat, 03 Feb 2024 21:41:00 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame FA5F
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240131&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.eldorado.1s.fr&bust=31080817
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
040e9068c9661b34cab1c5eafb92c2dc50a25133b58c41e61c8d5720812917c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eldorado.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 21:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12390
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FA5F
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.eldorado.1s.fr&bust=31080817
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eldorado.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 21:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 21:41:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DE50
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.eldorado.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
23190
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Feb 2024 15:14:30 GMT
expires
Sun, 02 Feb 2025 15:14:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AAF9
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
17706adf5cb0624776a6d6fa0c4ae7e8d0d5a5978a773d0998334cffc2e1e2fd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CHOYxyy58dhLV6glgvqlvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.eldorado.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-CHOYxyy58dhLV6glgvqlvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 03 Feb 2024 21:41:00 GMT
expires
Sat, 03 Feb 2024 21:41:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame DE50
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 10:55:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
38719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 02 Feb 2025 10:55:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AAF9
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240131&jk=2449212769014541&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame DE50
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?syUdgA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 21:41:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame FA5F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240131&jk=2449212769014541&bg=!4-Cl4K_NAAa8BdJLnAU7ADQBe5WfONktLJMnzHk68VFVRpXFh-bmpoLfp20khDWiY0aDDfUY5oAoE7dQjDVDcB_PB-faAgAAAERSAAAAAmgBB5kC6dEyXATMhlahBmtXyy-Fvf906JjlO9xA-NjGhCvw3gRCl5z7yw0hMDx7NnXLZaL27CQfeBX0cOpE9aSHMVvVPkFQPScJvGzenqEUR712NPAyIWMw_QMdQ7eVx53r-bgaenKlAAq_YvvyAnG4CYY3cpH5hsOnKbsyGecstRcxlLppwvjVa4cSZZ2E0tURmwnFlaneP6LLnkwQsiJ2iklV9AMA4hj8bz94LYeG3QIRD4HpzWAvCtOOZWFNfARymHRIGSfzBUyeLgowW-aw9mmKVM7y6DdSpX8cwuzPvTgnw0HOsrF0pDDgjoyRaoJ_VieN9ftuGhWaczN_wFLRZMFQ8VYQsp1ceOCcLPBepoxLakZ0wwzI2dLqqrtRwhC4Z4vmnSioKpB5aJwetmbSRDm61X3dO--RWAgbDk4azPc-TbcJ1_7ZMdVEfhIB_1z_lLRZCHAyRhH1Y0yvMh3OBYT53ERiU4E_hilKlExdE_tUmViyAbLVlUxJCdpgsfoCR1jQSFEaTemxWFYeNgPAQ6G2DMidCqgNzVbSPmyZG_tDRJKtCCd0RjJ7QJgnEYQFHirFhyiAMtCFgd1XoTj_XzZ60FBDIqOswkTJfONpRWQBS0XR5_sskaBrL7Wbu0sUt7WeFA7mAqXFbVfgcJxeQwosPmHYz8nYbvQqHmtWDaUMpXi2KWweN7ioPMpKf2ZBoItp7w8Pv4wqYx1_HrZ0ngllzI40AJZTAQz9V2h2joD2FTzRt9D1PSmehEq5CnhOa9PIYxRD6ozb_lhDqm_tVIitofzXsTkBFQ0an1nCTu6SC0K1c-j9zZTETHrUhuxAybeJnmmSvnAPjLCClhNF9mNTGShPxyCTiTm2tXt8e1el6wLRfzxtFERZcS5PA2e16hw8HztKgBXGs5UQRFweHZKb-LYSDnXGxO8xuHk4DH97XCarAm3TF_E4fNvQTif0jTnyJG6So7DP1CQHYEJ3_YHrEjvvJuRy0gCAzdQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.eldorado.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Verdicts & Comments

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients
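The list above is produced by diffing the scanned page's window against a pristine one; everything a page script attached to window shows up in the diff. The following is an added example, not urlscan.io's code, of that technique. In a browser the pristine baseline is an about-blank iframe's contentWindow; here both windows are constructed plain objects (the names are the ones in this report) so the snippet runs in Node. The prefix attribution is a heuristic and the prefix list is an assumption.

```javascript
// Added example (not urlscan.io code): derive non-standard window globals by
// diffing own property names against a pristine window, then group them by
// vendor prefix to guess which third-party scripts ran.

function nonStandardGlobals(pristineWindow, pageWindow) {
  const baseline = new Set(Object.getOwnPropertyNames(pristineWindow));
  return Object.getOwnPropertyNames(pageWindow)
    .filter((name) => !baseline.has(name))
    .map((name) => ({ name, type: typeof pageWindow[name] }))
    .sort((a, b) => (a.name < b.name ? -1 : a.name > b.name ? 1 : 0));
}

// Heuristic attribution: a name starting with a known vendor prefix is
// attributed to that vendor; everything else lands in "unattributed".
function attributeGlobals(globals, prefixes) {
  const out = {};
  for (const g of globals) {
    const key = prefixes.find((p) => g.name.startsWith(p)) || 'unattributed';
    if (!out[key]) out[key] = [];
    out[key].push(g.name);
  }
  return out;
}

// Constructed stand-ins. PRISTINE plays the about:blank iframe window; PAGE is
// the scanned page's window carrying the globals listed in the report. The
// numeric keys are what window[0], window[1], window[2] look like when a page
// has child frames; AdSense leaves the google_* names behind.
const PRISTINE = { document: {}, location: {}, navigator: {}, setTimeout() {} };
const PAGE = Object.assign({}, PRISTINE, {
  0: {}, 1: {}, 2: {},
  google_reactive_ads_global_state: {},
  google_ad_modifications: {},
  google_global_correlator: 8274569897362, // value assumed; report only says "number"
  google_prev_clients: {},
});

// In a real browser the call would be:
//   const f = document.createElement('iframe'); f.style.display = 'none';
//   document.body.appendChild(f);
//   nonStandardGlobals(f.contentWindow, window);
```

Because the iframe is same-origin with the page, Object.getOwnPropertyNames works on its contentWindow; the diff is only as good as the baseline, so a browser extension that injects globals into every frame would appear in both windows and be filtered out.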

6 Cookies

Domain/Path Name / Value
payment.allopass.com/ Name: ShopSessionId
Value: 70cad9db-fe2f-4a1b-81a5-0b3bbfeb730a
.allopass.com/ Name: AP_CUSK
Value: 3642434958
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.1s.fr/ Name: __gads
Value: ID=56e034dc2aaadb5b:T=1706996459:RT=1706996459:S=ALNI_MYY6l54-3ntiT9oqrxAEfu48XS94Q
.1s.fr/ Name: __gpi
Value: UID=00000d4fb8dfef84:T=1706996459:RT=1706996459:S=ALNI_MYAGqmBWGuKsWaTBxPVlqurbHtyBg
.1s.fr/ Name: __eoi
Value: ID=8c191df55ec14ace:T=1706996459:RT=1706996459:S=AA-AfjZvqQR5-5FYMohRkXNx2OFw

9 Console Messages

Source Level URL
Text
other warning URL: http://www.eldorado.1s.fr/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.eldorado.1s.fr/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.eldorado.1s.fr/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.eldorado.1s.fr/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.eldorado.1s.fr/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.eldorado.1s.fr/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.eldorado.1s.fr/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.eldorado.1s.fr/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.eldorado.1s.fr/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
img.root-top.com
pagead2.googlesyndication.com
payment.allopass.com
script.starpass.fr
tpc.googlesyndication.com
www.eldorado.1s.fr
www.google.com
www.googletagmanager.com
www.turf.dafun.com
www.turfinfos.ouba.com
www.venez.fr
185.119.26.1
194.0.255.28
194.150.236.165
194.150.236.166
2606:4700:3038::6815:ea1a
2606:4700:3038::6815:ea1b
2a00:1450:4001:808::2001
2a00:1450:4001:811::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
5.135.149.81