URL: http://prosgagneursturf.fi4s.net/index.php
Submission: On September 18 via manual from SN — Scanned from DE

Summary

This website contacted 9 IPs in 4 countries across 10 domains to perform 23 HTTP transactions. The main IP is 80.80.233.53, located in Switzerland and belongs to SAFEHOSTNET Colocation center in Geneva, CH. The main domain is prosgagneursturf.fi4s.net.
This is the only time prosgagneursturf.fi4s.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 80.80.233.53 21217 (SAFEHOSTN...)
3 185.119.26.1 203544 (WEBDEVIIN-AS)
1 194.150.236.190 44976 (HIWIT_AS)
4 4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2001:bc8:1200... 12876 (Online SAS)
1 4 2606:4700:303... 13335 (CLOUDFLAR...)
1 198.187.31.103 22612 (NAMECHEAP...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
23 9
Apex Domain
Subdomains
Transfer
7 fi4s.net
prosgagneursturf.fi4s.net
336 KB
4 pronostic-facile.fr
www.pronostic-facile.fr
6 KB
4 root-top.com
img.root-top.com
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
40 KB
3 allopass.com
payment.allopass.com
10 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
85 KB
2 goopics.net
i.goopics.net — Cisco Umbrella Rank: 133293
219 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1027
5 KB
1 resizup.com
resizup.com
1 kadopronos.com
www.kadopronos.com
21 KB
23 10
Domain Requested by
7 prosgagneursturf.fi4s.net prosgagneursturf.fi4s.net
4 www.pronostic-facile.fr 1 redirects prosgagneursturf.fi4s.net
www.pronostic-facile.fr
static.cloudflareinsights.com
4 img.root-top.com 4 redirects
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 payment.allopass.com prosgagneursturf.fi4s.net
payment.allopass.com
2 www.googletagmanager.com payment.allopass.com
www.pronostic-facile.fr
2 i.goopics.net prosgagneursturf.fi4s.net
1 static.cloudflareinsights.com www.pronostic-facile.fr
1 resizup.com prosgagneursturf.fi4s.net
1 www.kadopronos.com prosgagneursturf.fi4s.net
23 10

This site contains links to these domains.

Domain
payment.allopass.com
www.kadopronos.com
www.root-top.com
resizup.com
Subject Issuer Validity Valid
*.allopass.com
Gandi Standard SSL CA 2
2021-10-08 -
2022-10-08
a year crt.sh
resizup.com
ZeroSSL RSA Domain Secure Site CA
2022-08-29 -
2022-11-27
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-11 -
2023-05-11
a year crt.sh

This page contains 2 frames:

Primary Page: http://prosgagneursturf.fi4s.net/index.php
Frame ID: 6EE9C5B3E571A4CEC6F96F82C9DD48E2
Requests: 18 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/partner/quinte_result/all
Frame ID: 372DA628431C58C9AD36ADC8AAD8009E
Requests: 5 HTTP requests in this frame

Page Title

prosgagneursturf

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

23
Requests

52 %
HTTPS

60 %
IPv6

10
Domains

10
Subdomains

9
IPs

4
Countries

721 kB
Transfer

930 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://img.root-top.com/topsite/maxigains/banner.gif HTTP 301
  • https://img.root-top.com/topsite/maxigains/banner.gif HTTP 302
  • https://i.goopics.net/PX04d.gif
Request Chain 4
  • http://www.pronostic-facile.fr/widget/partner/script/quinte_result HTTP 301
  • https://www.pronostic-facile.fr/widget/partner/script/quinte_result
Request Chain 6
  • http://img.root-top.com/topsite/kadopronos/banner.gif HTTP 301
  • https://img.root-top.com/topsite/kadopronos/banner.gif HTTP 302
  • https://i.goopics.net/LnmwA.gif

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
prosgagneursturf.fi4s.net/
5 KB
5 KB
Document
General
Full URL
http://prosgagneursturf.fi4s.net/index.php
Protocol
HTTP/1.1
Server
80.80.233.53 , Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.5.38
Resource Hash
7b7fde1c084096fb89cc75bbae8a17f25e9d27e894a1b1f5d7180cb118f88e7a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html
Date
Sun, 18 Sep 2022 07:55:28 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.5.38
super.css
prosgagneursturf.fi4s.net/css/
5 KB
5 KB
Stylesheet
General
Full URL
http://prosgagneursturf.fi4s.net/css/super.css
Requested by
Host: prosgagneursturf.fi4s.net
URL: http://prosgagneursturf.fi4s.net/index.php
Protocol
HTTP/1.1
Server
80.80.233.53 , Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
9a3c993cad38c2a9822e8f803f0cb86c96c85b11156c62e0416c343b2a617788

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prosgagneursturf.fi4s.net/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 18 Sep 2022 07:55:29 GMT
Last-Modified
Sun, 19 Aug 2018 07:16:21 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Accept-Ranges
bytes
ETag
"12d8-573c491d51b40"
Content-Length
4824
Content-Type
text/css
checkout.apu
payment.allopass.com/buy/
11 KB
4 KB
Script
General
Full URL
https://payment.allopass.com/buy/checkout.apu?ids=349346&idd=1528476&lang=fr
Requested by
Host: prosgagneursturf.fi4s.net
URL: http://prosgagneursturf.fi4s.net/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
57ef70a4a7993c9861c692d062e4b91dbac1120911e77b59f4b1fafa238ca17e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prosgagneursturf.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Sep 2022 07:55:29 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html
Content-Length
2962
Expires
Thu, 19 Nov 1981 08:52:00 GMT
logo.gif
www.kadopronos.com/
21 KB
21 KB
Image
General
Full URL
http://www.kadopronos.com/logo.gif
Requested by
Host: prosgagneursturf.fi4s.net
URL: http://prosgagneursturf.fi4s.net/index.php
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
ccbbbd90275e710d90aef52a56eae643a1f37efd6152467a3087947470d49616

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prosgagneursturf.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 18 Sep 2022 07:55:29 GMT
Last-Modified
Thu, 03 May 2018 10:09:50 GMT
Server
Apache
ETag
"9797a3-5338-56b4a67655780"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
21304
PX04d.gif
i.goopics.net/
Redirect Chain
  • http://img.root-top.com/topsite/maxigains/banner.gif
  • https://img.root-top.com/topsite/maxigains/banner.gif
  • https://i.goopics.net/PX04d.gif
204 KB
205 KB
Image
General
Full URL
https://i.goopics.net/PX04d.gif
Requested by
Host: prosgagneursturf.fi4s.net
URL: http://prosgagneursturf.fi4s.net/index.php
Protocol
H2
Server
2001:bc8:1200:1b01::1 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7047a1c38d5aa14077198535062c8294a3fadc721030cb5c3d154fc988a4a431

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prosgagneursturf.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 07:55:29 GMT
x-openstack-request-id
tx35cb5fdda52945658599f-0063084969
last-modified
Sun, 21 Nov 2021 03:46:46 GMT
server
nginx/1.18.0
x-iplb-request-id
339F9F8C:819C_5762BBC9:01BB_63084969_12FF26ED:21F6
etag
e4ac032f30bdaf9cf751eae5b786cfe1
x-iplb-instance
42086
x-object-meta-mtime
1594275471
access-control-allow-origin
*
x-timestamp
1637466405.26519
x-cache-status
HIT
accept-ranges
bytes
content-type
image/gif
content-length
208871
x-trans-id
tx35cb5fdda52945658599f-0063084969

Redirect headers

date
Sun, 18 Sep 2022 07:55:29 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4S85Uc%2FuiSA740JSMo2Oz8C%2FXXKC%2FGHn%2Bw4D3B778RW5B0VbOfPwvJqFi%2BQDPWuMCUcGKB7nN8BhcAmfZQyCS80ArPl9skuxriuU%2BHe060m4HM7yX9mVX1sYGvcRrzQPEWC2Gi%2FgahjuM%2FhTrVef"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://i.goopics.net/PX04d.gif
cf-ray
74c8850699ce9be2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
quinte_result
www.pronostic-facile.fr/widget/partner/script/
Redirect Chain
  • http://www.pronostic-facile.fr/widget/partner/script/quinte_result
  • https://www.pronostic-facile.fr/widget/partner/script/quinte_result
250 B
843 B
Script
General
Full URL
https://www.pronostic-facile.fr/widget/partner/script/quinte_result
Requested by
Host: prosgagneursturf.fi4s.net
URL: http://prosgagneursturf.fi4s.net/index.php
Protocol
H2
Server
2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
384c8c2d901082eaea218d5e823a419e423c429e294879ed95621d0f0f947919

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prosgagneursturf.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-runtime
1
date
Sun, 18 Sep 2022 07:55:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDMcr%2FIvZdgo%2FjkPTUYlZAf6GAuFUwobEBjyz3BFCfqiheFnKnDrDHCr6gpmy78ejZ8s7buOP0nWvcjRnRgIuZjXw9uThzxIB6zMUODvwsx1xi%2BbotqAvmR3QqzX6KCDe0NYzLEFdGTNWpgEA3%2BAY3%2BmfzEmuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
private, max-age=0, must-revalidate
cf-ray
74c885063d749273-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Sun, 18 Sep 2022 07:55:29 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kk%2FJ19814ETlRD7oDS35b1ERZF3CjYTfTbmp27hTh0VaNWce19r0Kfn5UyUaGa9pEyR0FOloqmXOXJ7dGAwA3BB4YfvqyaNjyrgsiJ430Qp531qhHIPkM5X6x7O0lY3C16%2FieyMZWCwrDN2ve17jCFOco8UXxw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Location
https://www.pronostic-facile.fr/widget/partner/script/quinte_result
Connection
keep-alive
CF-RAY
74c885059eee9bf8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ok.jpg
resizup.com/images/2017/07/22/
0
0
Image
General
Full URL
https://resizup.com/images/2017/07/22/ok.jpg
Requested by
Host: prosgagneursturf.fi4s.net
URL: http://prosgagneursturf.fi4s.net/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.31.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium10-5.web-hosting.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prosgagneursturf.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

LnmwA.gif
i.goopics.net/
Redirect Chain
  • http://img.root-top.com/topsite/kadopronos/banner.gif
  • https://img.root-top.com/topsite/kadopronos/banner.gif
  • https://i.goopics.net/LnmwA.gif
14 KB
14 KB
Image
General
Full URL
https://i.goopics.net/LnmwA.gif
Requested by
Host: prosgagneursturf.fi4s.net
URL: http://prosgagneursturf.fi4s.net/index.php
Protocol
H2
Server
2001:bc8:1200:1b01::1 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
cf1cc11c728c992b102d06d1c56550ee351d7ee9e277a855ec63e7f675e3f495

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prosgagneursturf.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 07:55:29 GMT
x-openstack-request-id
tx87eee453a08243bda3b82-0063084a4c
last-modified
Sun, 21 Nov 2021 01:23:57 GMT
server
nginx/1.18.0
x-iplb-request-id
339F9F8C:B0FC_3626E64B:01BB_63084A4C_1308FAA5:268FB
etag
48ec6f5f876a893e45d2a0283bb15f10
x-iplb-instance
33617
x-object-meta-mtime
1594675026
access-control-allow-origin
*
x-timestamp
1637457836.47758
x-cache-status
HIT
accept-ranges
bytes
content-type
image/gif
content-length
14129
x-trans-id
tx87eee453a08243bda3b82-0063084a4c

Redirect headers

date
Sun, 18 Sep 2022 07:55:29 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDWWlmYc25w3HBwXRuiXDk%2BMRxRBvdiD5SGDLxvaQ3U9wHvRHaiI9KqwXm4f91QAECnHK06nRry993HPv%2B2ERS3O0%2BvS60REobkAZUsWSCy4zFJBrBWJ%2FlEj902dQI%2BCEsr6uSL1DWgwG492LIKF"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://i.goopics.net/LnmwA.gif
cf-ray
74c8850699cf9be2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ok.jpg
prosgagneursturf.fi4s.net/image/
66 KB
66 KB
Image
General
Full URL
http://prosgagneursturf.fi4s.net/image/ok.jpg
Requested by
Host: prosgagneursturf.fi4s.net
URL: http://prosgagneursturf.fi4s.net/css/super.css
Protocol
HTTP/1.1
Server
80.80.233.53 , Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
3270901aa47df15e51c241e1f1e4c6993d22cff56f1d728d0618edf5ba430c07

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prosgagneursturf.fi4s.net/css/super.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 18 Sep 2022 07:55:29 GMT
Last-Modified
Sun, 19 Aug 2018 07:16:18 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Accept-Ranges
bytes
ETag
"10866-573c491a75480"
Content-Length
67686
Content-Type
image/jpeg
menu.png
prosgagneursturf.fi4s.net/image/
14 KB
14 KB
Image
General
Full URL
http://prosgagneursturf.fi4s.net/image/menu.png
Requested by
Host: prosgagneursturf.fi4s.net
URL: http://prosgagneursturf.fi4s.net/css/super.css
Protocol
HTTP/1.1
Server
80.80.233.53 , Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
f31d6c83200f0f2f1d58d35c083e6f5bda5222d7f4d68122280980364885bfd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prosgagneursturf.fi4s.net/css/super.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 18 Sep 2022 07:55:29 GMT
Last-Modified
Sun, 19 Aug 2018 07:16:17 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Accept-Ranges
bytes
ETag
"387f-573c491981240"
Content-Length
14463
Content-Type
image/png
banniere.png
prosgagneursturf.fi4s.net/banniere/
186 KB
186 KB
Image
General
Full URL
http://prosgagneursturf.fi4s.net/banniere/banniere.png
Requested by
Host: prosgagneursturf.fi4s.net
URL: http://prosgagneursturf.fi4s.net/css/super.css
Protocol
HTTP/1.1
Server
80.80.233.53 , Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
09423457f31953968ce72643b67e874443ffdd7628a3ad1e7e89a9b373897f7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prosgagneursturf.fi4s.net/css/super.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 18 Sep 2022 07:55:29 GMT
Last-Modified
Sun, 19 Aug 2018 07:16:28 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Accept-Ranges
bytes
ETag
"2e758-573c4923feb00"
Content-Length
190296
Content-Type
image/png
gtm.js
www.googletagmanager.com/
112 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=349346&idd=1528476&lang=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db342bde9c3a0228add427f9c639f74bfe69fbd15dd4249b3b45c85350ecb629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prosgagneursturf.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 07:55:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44148
x-xss-protection
0
last-modified
Sun, 18 Sep 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 18 Sep 2022 07:55:30 GMT
buy-button.css
payment.allopass.com/static/css/
2 KB
830 B
Stylesheet
General
Full URL
https://payment.allopass.com/static/css/buy-button.css?1
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=349346&idd=1528476&lang=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prosgagneursturf.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 18 Sep 2022 07:55:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"232e2-69a-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
546
162x56.png
payment.allopass.com/static/buy/button/fr/
6 KB
6 KB
Image
General
Full URL
https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by
Host: prosgagneursturf.fi4s.net
URL: http://prosgagneursturf.fi4s.net/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prosgagneursturf.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 18 Sep 2022 07:55:30 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"216d9-1688-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
5768
all
www.pronostic-facile.fr/widget/partner/quinte_result/ Frame 372D
8 KB
4 KB
Document
General
Full URL
https://www.pronostic-facile.fr/widget/partner/quinte_result/all
Requested by
Host: www.pronostic-facile.fr
URL: http://www.pronostic-facile.fr/widget/partner/script/quinte_result
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e87d15ebb416dd97d216f5c2c49f53b1dff750fb3f9d2d0ebdc74e6ef10970b

Request headers

Referer
http://prosgagneursturf.fi4s.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
74c8850c8d6d9273-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 18 Sep 2022 07:55:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wfCdGnzKMUEZctl4wvcQoALofuyC7odxvefAUQRiZwttl1cFAx98JYQCEJzqoD8tkWhHQNjn16rUbfqEMHv83BrNR9Rol3GoUoWM0BocgvauCaqCeCXVWIFhU2CAISY0XenJ9AX5KMml5aZqbFMV%2BjtNOXxVA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-runtime
1
menu.gif
prosgagneursturf.fi4s.net/image/
212 B
212 B
Image
General
Full URL
http://prosgagneursturf.fi4s.net/image/menu.gif
Requested by
Host: prosgagneursturf.fi4s.net
URL: http://prosgagneursturf.fi4s.net/css/super.css
Protocol
HTTP/1.1
Server
80.80.233.53 , Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
97c84afc67d8ee2eef503b8cc34da2f23b4199340ae49c4ad5bef668087e68d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prosgagneursturf.fi4s.net/css/super.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 18 Sep 2022 07:55:30 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Content-Length
212
Content-Type
text/html; charset=iso-8859-1
IMPF.png
prosgagneursturf.fi4s.net/image/
59 KB
59 KB
Image
General
Full URL
http://prosgagneursturf.fi4s.net/image/IMPF.png
Requested by
Host: prosgagneursturf.fi4s.net
URL: http://prosgagneursturf.fi4s.net/index.php
Protocol
HTTP/1.1
Server
80.80.233.53 , Switzerland, ASN21217 (SAFEHOSTNET Colocation center in Geneva, CH),
Reverse DNS
hosting01.services.oxito.com
Software
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
b2a9e2875a44f7a64db494a1db72f157304d1193406bbc537ba0aa35703d0647

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prosgagneursturf.fi4s.net/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Sun, 18 Sep 2022 07:55:30 GMT
Last-Modified
Sun, 19 Aug 2018 07:16:16 GMT
Server
Apache/2.4.6 () OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Accept-Ranges
bytes
ETag
"ebe7-573c49188d000"
Content-Length
60391
Content-Type
image/png
js
www.googletagmanager.com/gtag/ Frame 372D
106 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-630351-12
Requested by
Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/quinte_result/all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7da3c0f0af97b43771bdf4cc0dc82c67203c3c435b7c4c21033936851cca1860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pronostic-facile.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 07:55:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42344
x-xss-protection
0
last-modified
Sun, 18 Sep 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 18 Sep 2022 07:55:30 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 372D
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/quinte_result/all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://www.pronostic-facile.fr/
Origin
https://www.pronostic-facile.fr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 07:55:30 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
74c8850d4e9f8ffe-FRA
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://prosgagneursturf.fi4s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3210
date
Sun, 18 Sep 2022 07:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 18 Sep 2022 09:02:00 GMT
analytics.js
www.google-analytics.com/ Frame 372D
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pronostic-facile.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3210
date
Sun, 18 Sep 2022 07:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 18 Sep 2022 09:02:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=130216028&t=pageview&_s=1&dl=http%3A%2F%2Fprosgagneursturf.fi4s.net%2Findex.php&ul=en-us&de=UTF-8&dt=prosgagneursturf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=785611882&gjid=65687894&cid=823670897.1663487731&tid=UA-135619294-1&_gid=415408558.1663487731&_r=1&gtm=2wg9e0NHFGDSD&cd1=ALS-LIBS-CHECKOUT-15&cd2=1528476&cd3=349346&cd4=(not%20set)&cd5=classic&z=1910499095
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://prosgagneursturf.fi4s.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 07:55:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://prosgagneursturf.fi4s.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
www.pronostic-facile.fr/cdn-cgi/ Frame 372D
0
208 B
XHR
General
Full URL
https://www.pronostic-facile.fr/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:15de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.pronostic-facile.fr/widget/partner/quinte_result/all
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
application/json

Response headers

date
Sun, 18 Sep 2022 07:55:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.pronostic-facile.fr
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
74c8850e0e6b9bf8-FRA
vary
Origin

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| onbeforeinput
  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • object| navigation
  • object| headID
  • object| cssNode
  • function| allopassButtons
  • number| alreadyrunflag
  • undefined| proto
  • undefined| contentloadtag
  • number| _timer
  • object| dataLayer
  • object| elts
  • object| google_tag_manager
  • object| google_tag_data
  • string| GoogleAnalyticsObject
  • function| ga
  • object| gaplugins
  • object| gaGlobal
  • object| gaData

5 Cookies

Domain/Path Name / Value
payment.allopass.com/ Name: ShopSessionId
Value: ca8a95a8-2c06-4ec2-83e2-6fc948fe6b39
.allopass.com/ Name: AP_CUSK
Value: 3586510882
.fi4s.net/ Name: _ga
Value: GA1.2.823670897.1663487731
.fi4s.net/ Name: _gid
Value: GA1.2.415408558.1663487731
.fi4s.net/ Name: _gat_UA-135619294-1
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://resizup.com/images/2017/07/22/ok.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: http://prosgagneursturf.fi4s.net/image/menu.gif
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
