URL: http://grosgain.6te.net/
Submission: On July 01 via manual from ML

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 32 HTTP transactions. The main IP is 142.54.187.21, located in the United States, and belongs to NOCIX, US. The main domain is grosgain.6te.net.
This is the only time grosgain.6te.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 142.54.187.21 33387 (NOCIX)
1 194.150.236.190 44976 (HIWIT_AS)
1 194.150.236.236 44976 (HIWIT_AS)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 185.119.26.1 203544 (WEBDEVIIN-AS)
18 13.224.193.104 16509 (AMAZON-02)
1 72.9.150.244 30277 (DFW-DATAC...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
32 9
Domain Requested by
18 www.zone-turf.fr grosgain.6te.net
4 grosgain.6te.net grosgain.6te.net
3 payment.allopass.com grosgain.6te.net
payment.allopass.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 img.root-top.com 2 redirects
1 www.googletagmanager.com payment.allopass.com
1 www.freewebhostingarea.com grosgain.6te.net
1 1.bp.blogspot.com grosgain.6te.net
1 www.tresorturf.com grosgain.6te.net
1 www.turfqualite.com grosgain.6te.net
32 10
Subject | Issuer | Validity | Valid
misc-sni.blogspot.com | GTS CA 1C3 | 2021-05-31 - 2021-08-23 | 3 months
*.allopass.com | R3 | 2021-05-04 - 2021-08-02 | 3 months
freewha.com | cPanel, Inc. Certification Authority | 2021-05-25 - 2021-08-23 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-06-07 - 2021-08-30 | 3 months
*.zone-turf.fr | Sectigo RSA Organization Validation Secure Server CA | 2021-03-22 - 2022-03-22 | a year

This page contains 1 frame:

Primary Page: http://grosgain.6te.net/
Frame ID: 612139E786E7133690BFF5656FDE2555
Requests: 32 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 32
HTTPS: 78 %
IPv6: 40 %
Domains: 10
Subdomains: 10
IPs: 9
Countries: 3
Transfer: 372 kB
Size: 460 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://img.root-top.com/topsite/andreturf/banner.gif HTTP 301
  • https://img.root-top.com/topsite/andreturf/banner.gif HTTP 302
  • https://1.bp.blogspot.com/-opH86gOfygg/XkEwY5zGGFI/AAAAAAAAAhY/EEJZ7wo4Lysj7ggD--RJw7QITLwwdbEaQCK4BGAYYCw/s1600/andreturf.gif

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
grosgain.6te.net/
6 KB
6 KB
Document
General
Full URL
http://grosgain.6te.net/
Protocol
HTTP/1.1
Server
142.54.187.21 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software
Apache/2.4.48 / PHP/7.1.33
Resource Hash
32c17b0014ddd070d2499ae16c2ed3dc06813d2dc1456ca0e6038eab47718070

Request headers

Host
grosgain.6te.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Thu, 01 Jul 2021 19:30:08 GMT
Server
Apache/2.4.48
X-Powered-By
PHP/7.1.33
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache no-cache
Set-Cookie
PHPSESSID=jd8ht6m88f2f1k0gb81o5c3v9s; path=/
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Cache-control
no-cache
Keep-Alive
timeout=1, max=10000
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
style1.css
grosgain.6te.net/styles/
7 KB
7 KB
Stylesheet
General
Full URL
http://grosgain.6te.net/styles/style1.css
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
HTTP/1.1
Server
142.54.187.21 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software
Apache/2.4.48 /
Resource Hash
9381252750d75709b5c83db8c417183b955886ae11858a88a6db3a347a30beaa

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
grosgain.6te.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://grosgain.6te.net/
Cookie
PHPSESSID=jd8ht6m88f2f1k0gb81o5c3v9s
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 19:30:08 GMT
Last-Modified
Sat, 20 Jan 2018 14:24:27 GMT
Server
Apache/2.4.48
ETag
"1c48-56335f4523cc0"
Content-Type
text/css
Cache-control
no-cache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=9999
Content-Length
7240
Expires
Thu, 01 Jul 2021 19:30:08 GMT
grosgain.gif
grosgain.6te.net/images/
71 KB
71 KB
Image
General
Full URL
http://grosgain.6te.net/images/grosgain.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
HTTP/1.1
Server
142.54.187.21 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software
Apache/2.4.48 /
Resource Hash
4eafe679a3a9050bc11ae948a36fba1de46893f746c417cb547897cd01c7ec84

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
grosgain.6te.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://grosgain.6te.net/
Cookie
PHPSESSID=jd8ht6m88f2f1k0gb81o5c3v9s
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 19:30:08 GMT
Last-Modified
Sat, 20 Jan 2018 14:22:17 GMT
Server
Apache/2.4.48
ETag
"11b5f-56335ec929840"
Upgrade
h2,h2c
Cache-control
no-cache
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=1, max=10000
Content-Length
72543
Expires
Thu, 01 Jul 2021 19:30:08 GMT
logo.gif
www.turfqualite.com/
14 KB
14 KB
Image
General
Full URL
http://www.turfqualite.com/logo.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
3dea1c07fc26ce06883a4a52b9b0bff5922eb76862f08130168dfc629146a6b1

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 19:30:08 GMT
Last-Modified
Thu, 30 Aug 2018 08:02:22 GMT
Server
Apache
ETag
"ac9fcb-387b-574a27ea7bf80"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
14459
csoumillon.gif
www.tresorturf.com/img/logos/
123 KB
123 KB
Image
General
Full URL
http://www.tresorturf.com/img/logos/csoumillon.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
5c0dc163ca0682764060d584c08d4ab278e2f24721e34acfa8c530353717ec64

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 19:30:08 GMT
Last-Modified
Wed, 10 Feb 2021 05:51:09 GMT
Server
Apache
ETag
"2510a0d-1ec2e-5baf4fd5bed40"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
125998
andreturf.gif
1.bp.blogspot.com/-opH86gOfygg/XkEwY5zGGFI/AAAAAAAAAhY/EEJZ7wo4Lysj7ggD--RJw7QITLwwdbEaQCK4BGAYYCw/s1600/
Redirect Chain
  • http://img.root-top.com/topsite/andreturf/banner.gif
  • https://img.root-top.com/topsite/andreturf/banner.gif
  • https://1.bp.blogspot.com/-opH86gOfygg/XkEwY5zGGFI/AAAAAAAAAhY/EEJZ7wo4Lysj7ggD--RJw7QITLwwdbEaQCK4BGAYYCw/s1600/andreturf.gif
25 KB
25 KB
Image
General
Full URL
https://1.bp.blogspot.com/-opH86gOfygg/XkEwY5zGGFI/AAAAAAAAAhY/EEJZ7wo4Lysj7ggD--RJw7QITLwwdbEaQCK4BGAYYCw/s1600/andreturf.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4a2585af464438cf28c1cc239db9a4cbc614297de51487e57b1d76500c203c3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 19:06:08 GMT
x-content-type-options
nosniff
age
1440
content-disposition
inline;filename="andreturf.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25217
x-xss-protection
0
server
fife
etag
"v217"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 24 Jun 2021 13:28:32 GMT

Redirect headers

date
Thu, 01 Jul 2021 19:30:08 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vdKWyiXGnP2KHxrz9HqQv1JtpX9uCwi9QuDXaRQczzePI5Mzmhbbc184qo%2BZFXDAxKnh4tB8ZbsQCPuXywCReIkzlCCtsivG%2Bh2S9U4%2BqEKOjpG7mVIqxVMc%2F7zihXFHl0koZ29T6GuCaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://1.bp.blogspot.com/-opH86gOfygg/XkEwY5zGGFI/AAAAAAAAAhY/EEJZ7wo4Lysj7ggD--RJw7QITLwwdbEaQCK4BGAYYCw/s1600/andreturf.gif
cf-ray
66820c130cd44a73-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
checkout.apu
payment.allopass.com/buy/
11 KB
4 KB
Script
General
Full URL
https://payment.allopass.com/buy/checkout.apu?ids=350874&idd=1533844&lang=fr
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
6e31afa055f2a05202f9e43f9d774ea3ddf10acaabb297d39efca0abab8d294e

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 19:30:08 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html
Content-Length
2961
Expires
Thu, 19 Nov 1981 08:52:00 GMT
abc7.jpg
grosgain.6te.net/images/
10 KB
10 KB
Image
General
Full URL
http://grosgain.6te.net/images/abc7.jpg
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
HTTP/1.1
Server
142.54.187.21 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software
Apache/2.4.48 /
Resource Hash
0fefefff796a0f6b20733844e631a85ad18634311a708f15c66950d9f6ec70fe

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
grosgain.6te.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://grosgain.6te.net/
Cookie
PHPSESSID=jd8ht6m88f2f1k0gb81o5c3v9s
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 19:30:08 GMT
Last-Modified
Sat, 20 Jan 2018 14:22:17 GMT
Server
Apache/2.4.48
ETag
"2626-56335ec929840"
Upgrade
h2,h2c
Cache-control
no-cache
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=1, max=10000
Content-Length
9766
Expires
Thu, 01 Jul 2021 19:30:08 GMT
module_webmaster.php
www.zone-turf.fr/module/
12 KB
2 KB
Script
General
Full URL
http://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=small
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
HTTP/1.1
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
06fc3f102042159f66cd757ec1fc2768c6f076bf1ff2aa20f56c034fa78fc00b

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 19:29:56 GMT
Via
1.1 varnish, 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
Age
53
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
X-Cache-Hist
20
Pragma
cache
Server
Apache
Vary
Accept-Encoding
X-Varnish
1638577081 1638573153
Content-Encoding
gzip
Cache-Control
max-age=60
X-Amz-Cf-Pop
FRA2-C1
Content-Type
application/x-javascript
X-Amz-Cf-Id
ObTCER3PA1dygFhkNSRbpG9q2551ODJ6Ab9NVfB652yKdoibHyZwdQ==
Expires
Thu, 01 Jul 2021 19:30:14 GMT
poweredby.png
www.freewebhostingarea.com/images/
6 KB
6 KB
Image
General
Full URL
https://www.freewebhostingarea.com/images/poweredby.png
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
72.9.150.244 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
freewebhostingarea.com
Software
Apache /
Resource Hash
df10c5d5b81e45692a6160115a2d22fedd2316c2d8960c2ad175110325ac8905

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 19:30:08 GMT
Last-Modified
Tue, 26 Feb 2019 23:24:37 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=10000
Content-Length
6022
gtm.js
www.googletagmanager.com/
84 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=350874&idd=1533844&lang=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
96f67ee287865132c506d5788d362365af9de3f5d94a9d830efa1533cebf56fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 19:30:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33639
x-xss-protection
0
last-modified
Thu, 01 Jul 2021 18:40:35 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Jul 2021 19:30:08 GMT
buy-button.css
payment.allopass.com/static/css/
2 KB
830 B
Stylesheet
General
Full URL
https://payment.allopass.com/static/css/buy-button.css?1
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=350874&idd=1533844&lang=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 19:30:09 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Jan 2020 15:32:43 GMT
Server
Apache
ETag
"21904-69a-59c94009dfcc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
546
162x56.png
payment.allopass.com/static/buy/button/fr/
6 KB
6 KB
Image
General
Full URL
https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 19:30:09 GMT
Last-Modified
Mon, 20 Jan 2020 15:32:43 GMT
Server
Apache
ETag
"40f3e-1688-59c94009dfcc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
5768
c-mediterraneo-103366.gif
www.zone-turf.fr/media/picture/casaque/
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/c-mediterraneo-103366.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
3ce64483a8d15ff702f7b1b3749da63775dbbc1ff25b0e6fd64e3380b01c06d7

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 18:48:52 GMT
via
1.1 varnish, 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
age
16887
x-cache
Hit from cloudfront
x-cache-hist
22
content-length
2273
last-modified
Thu, 01 Jul 2021 14:48:37 GMT
server
Apache
etag
"9d2f8b4f-8e1-5c610ef2a8d72"
x-varnish
1637806597 1636358764
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
by97tQU52nsqphT8F8xHm5f2e3ye8EKCFGQ-hN2h3_cpBW2PArQ2LQ==
expires
Sun, 04 Jul 2021 14:48:42 GMT
f-wertheimer-121866.gif
www.zone-turf.fr/media/picture/casaque/
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/f-wertheimer-121866.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
21b03bc7d33b9e26dbb992ae1f95cf6cb0f0e20230818fb1ca80151f9c48f7d2

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 19:01:37 GMT
via
1.1 varnish, 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
last-modified
Wed, 30 Jun 2021 21:49:02 GMT
server
Apache
age
18632
etag
"9d3d5c96-95e-5c602b0d90574"
x-cache
Hit from cloudfront
x-varnish
1634364410
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
content-length
2398
x-amz-cf-id
_QoFDqQj_NGrIvSYENcEGQm0j_Sg0DRu_hu9h2saRE4tT27MnNk0Ow==
expires
Sun, 04 Jul 2021 14:19:37 GMT
suc-alainmichel-haddad-433888.gif
www.zone-turf.fr/media/picture/casaque/
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/suc-alainmichel-haddad-433888.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
909ba9c2d6ca634c7ec4803f22ce314af205ead8d9290452416a254c8dedda68

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 19:16:32 GMT
via
1.1 varnish, 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-backend
default
age
181991
x-cache
Hit from cloudfront
content-length
2305
last-modified
Sat, 12 Jun 2021 21:53:03 GMT
server
Apache
etag
"9d5a7d6d-901-5c498a605e143"
x-varnish
1811803026 1803252616
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
yQqYa_5TJ2kSVWURHeHBB5UJBSMZqYpYtR_pVtvDFjbuRWk4OiwhCQ==
expires
Fri, 02 Jul 2021 16:56:58 GMT
blank.gif
www.zone-turf.fr/media/images/
43 B
452 B
Image
General
Full URL
https://www.zone-turf.fr/media/images/blank.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
1e5e009aca181390b5471d0ea0fb43ef52ab2a5cddc1f5eca3b0539fbeea5a74

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 18:54:18 GMT
via
1.1 varnish, 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
age
188063
x-cache
Hit from cloudfront
x-cache-hist
324
content-length
43
last-modified
Wed, 02 Jun 2021 15:01:39 GMT
server
Apache
etag
"4145a0-2b-5c3c9bc53bac0"
x-varnish
1638324161 1623101367
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
axvcNAL1jnB2GeCHlyO-6RGA1pjQun8io_GZfAJ8t4uTHtjXOV66SQ==
expires
Fri, 02 Jul 2021 15:15:46 GMT
rashit-shaykhutdinov-4493.gif
www.zone-turf.fr/media/picture/casaque/
3 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/rashit-shaykhutdinov-4493.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
28f5600fc9c3efb75b08a587b53cc25fb110eef3e72921a4d98f59d24fdd3d10

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 19:22:39 GMT
via
1.1 varnish, 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
last-modified
Wed, 30 Jun 2021 21:49:12 GMT
server
Apache
age
78048
etag
"9d3569fb-a69-5c602b167e882"
x-cache
Hit from cloudfront
x-varnish
1631876236
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
content-length
2665
x-amz-cf-id
Z8bFmAmdtdPXGYsW_xHzLTJ_sUD4mKvu74-qhztenUZ0rJvkJWQwmQ==
expires
Sat, 03 Jul 2021 21:49:21 GMT
lars-haase-426170.gif
www.zone-turf.fr/media/picture/casaque/
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/lars-haase-426170.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
2979e3b016b872d923da48bd55061f4637a0e618f26e841dcf2b739f47baaeb7

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 19:22:39 GMT
via
1.1 varnish, 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-backend
default
age
78048
x-cache
Hit from cloudfront
content-length
2479
last-modified
Wed, 30 Jun 2021 21:49:13 GMT
server
Apache
etag
"9db2a993-9af-5c602b177cade"
x-varnish
1811392509
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
szG28ay9gDrcQl7MGXYqdRioFcd-LRVRq9VhBFTl7fJeElETe5AffA==
expires
Sat, 03 Jul 2021 21:49:21 GMT
rudy-singarin-70106.gif
www.zone-turf.fr/media/picture/casaque/
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/rudy-singarin-70106.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
6968413ef883e5600e22fbfef9dff2bcab902bd07d265a8d003dc5e6ac527cf0

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 19:22:39 GMT
via
1.1 varnish, 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-backend
default
age
78048
x-cache
Hit from cloudfront
content-length
2272
last-modified
Wed, 30 Jun 2021 21:49:13 GMT
server
Apache
etag
"9d676146-8e0-5c602b178b532"
x-varnish
1811392511
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
2gnXFsUXZeZkhd89e8WI23a8P-2eBVdy3IpzJjMjEQVGVeyIjrFz7g==
expires
Sat, 03 Jul 2021 21:49:21 GMT
lutz-bongen-791.gif
www.zone-turf.fr/media/picture/casaque/
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/lutz-bongen-791.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
d1c706d98e8ac87cb364b18b507ac1f1f7cd6288be76fa9b1f1458e698512d5a

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 19:18:25 GMT
via
1.1 varnish, 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-backend
default
age
78055
x-cache
Hit from cloudfront
content-length
2351
last-modified
Wed, 30 Jun 2021 21:49:13 GMT
server
Apache
etag
W/"9d341c24-92f-5c602b179f57b"
x-varnish
1811392513 1811392089
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
DPWY1ODqFGP9jOyWVArqDfnZGoegpkI2l6nJ1OSc_9J899RT1tNknA==
expires
Sat, 03 Jul 2021 21:49:14 GMT
sro-leram-97627.gif
www.zone-turf.fr/media/picture/casaque/
2 KB
2 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/sro-leram-97627.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
e8ce7a12500c8889956a682c083d4da4a00b344bd729201b5bbb1e8c101ea0d9

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 19:16:31 GMT
via
1.1 varnish, 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-backend
default
age
201233
x-cache
Hit from cloudfront
content-length
1783
last-modified
Sun, 20 Jun 2021 21:48:46 GMT
server
Apache
etag
"9d3f810a-6f7-5c53985722b32"
x-varnish
1815142822 1804112207
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
iXmGM0g7LLJ7QV3zf8xtxCHrIix6VQZDuyfsiA-f92NJ78JOZM5M_Q==
expires
Fri, 02 Jul 2021 11:36:16 GMT
sparkling-star-392744.gif
www.zone-turf.fr/media/picture/casaque/
3 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/sparkling-star-392744.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
d7a5a97927b3114954f179bd2926d9b34f0208a99989266ebdbf6627b7ab4e66

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 19:22:40 GMT
via
1.1 varnish, 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-backend
default
age
78048
x-cache
Hit from cloudfront
content-length
2616
last-modified
Wed, 30 Jun 2021 21:49:13 GMT
server
Apache
etag
"9da9dea6-a38-5c602b17faa6d"
x-varnish
1811392516
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
bYOi6xXtWbhq2fDVADl4V3vXUz9I-er26gygjv-Z4HHUBf08XJbKmw==
expires
Sat, 03 Jul 2021 21:49:21 GMT
s-steintor-61533.gif
www.zone-turf.fr/media/picture/casaque/
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/s-steintor-61533.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
2778e19f42a5b9615afa7931b8e29c8059929efc3a5fb526ffce370abe3bae3d

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 18:50:26 GMT
via
1.1 varnish, 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
age
16815
x-cache
Hit from cloudfront
x-cache-hist
8
content-length
2212
last-modified
Thu, 01 Jul 2021 14:49:45 GMT
server
Apache
etag
"9d003153-8a4-5c610f32af458"
x-varnish
1636850337 1636370243
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
8UKz5cV4O_a_P1jHzaF1vWYS5z1DRUd9BfJVy8ISm7i3wT3uZMCBeQ==
expires
Sun, 04 Jul 2021 14:49:53 GMT
remo-sorrentino-11644.gif
www.zone-turf.fr/media/picture/casaque/
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/remo-sorrentino-11644.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
660d48647ff4d1599e32b48c203b7a6342d52311a4ecd529b8b4573283dcdc4b

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 19:22:40 GMT
via
1.1 varnish, 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-backend
default
age
78054
x-cache
Hit from cloudfront
content-length
2174
last-modified
Wed, 30 Jun 2021 21:49:13 GMT
server
Apache
etag
"9d356964-87e-5c602b181e0d2"
x-varnish
1811392521
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
yljGLheni2glxMY5vWab1QoGPyu2fyp5lMZwQa5qzJVXd9jrugUX8A==
expires
Sat, 03 Jul 2021 21:49:15 GMT
b-giraudon-1552.gif
www.zone-turf.fr/media/picture/casaque/
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/b-giraudon-1552.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
1ed9c66d3b3538f8549c306d23caf9e861b4629f0f606d40604978b195fd8125

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 18:48:52 GMT
via
1.1 varnish, 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-backend
default
age
18633
x-cache
Hit from cloudfront
content-length
2528
last-modified
Wed, 30 Jun 2021 21:49:06 GMT
server
Apache
etag
"9d256b40-9e0-5c602b10d152f"
x-varnish
1814854075 1814478721
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
aGKfc9C_7ZV6ff9ETD1NOhUCaPBmOYURjn9Ds4NtvEExtG9ZgEvzLQ==
expires
Sun, 04 Jul 2021 14:19:37 GMT
martial-334064.gif
www.zone-turf.fr/media/picture/casaque/
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/martial-334064.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
01b3f43b931e473ba77289b08bb5b2cdbf52c78e65934cccdd6c2e04db6c0dcc

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 19:10:38 GMT
via
1.1 varnish, 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
age
196651
x-cache
Hit from cloudfront
x-cache-hist
1
content-length
2527
last-modified
Sat, 05 Jun 2021 21:50:50 GMT
server
Apache
etag
"9d57bba4-9df-5c40bcd41d08c"
x-varnish
1620842990 1620407965
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
iIyxRmjjkrCP7pxFmqwvd1fJtQUmzNff6TDcux9PEjmaBDaShkxunw==
expires
Fri, 02 Jul 2021 12:52:38 GMT
olivier-martinelli-1641.gif
www.zone-turf.fr/media/picture/casaque/
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/olivier-martinelli-1641.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
3ed6cb26ef3b828cb3e5f7aa28a94042d277f4b7b5fc3882917a0003101f5a15

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 19:22:40 GMT
via
1.1 varnish, 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
last-modified
Wed, 30 Jun 2021 21:49:15 GMT
server
Apache
age
78048
etag
"9d36cb81-8d9-5c602b193e20e"
x-cache
Hit from cloudfront
x-varnish
1631876250
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
content-length
2265
x-amz-cf-id
fGXk6XFrs8k2HGNSG4GMVKggNTS6m0RKDzifJ3Bt-9lMAc8yzUcmvw==
expires
Sat, 03 Jul 2021 21:49:21 GMT
cwentworth-zwentworth-h-hatton-450698.gif
www.zone-turf.fr/media/picture/casaque/
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/cwentworth-zwentworth-h-hatton-450698.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
65c785cd927483154bda0473377a5e206935205adeabfd40412731417fb323b8

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 19:22:40 GMT
via
1.1 varnish, 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-backend
default
age
168147
x-cache
Hit from cloudfront
content-length
2537
last-modified
Sat, 12 Jun 2021 21:53:05 GMT
server
Apache
etag
"9da41b20-9e9-5c498a6287480"
x-varnish
1808848201 1804350893
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
QCT2x4xhAE4lnfjuyzlw7ufkc5haW_9HIF4MHuKIQiiq1ebeOKnEAQ==
expires
Fri, 02 Jul 2021 20:47:42 GMT
stall-harry-173416.gif
www.zone-turf.fr/media/picture/casaque/
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/stall-harry-173416.gif
Requested by
Host: grosgain.6te.net
URL: http://grosgain.6te.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
8a87320178bc1ccf6b171f7287a3e2a8bd33f6e685c4691083250f787f909de8

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 19:22:40 GMT
via
1.1 varnish, 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-backend
default
age
78048
x-cache
Hit from cloudfront
content-length
2402
last-modified
Wed, 30 Jun 2021 21:49:15 GMT
server
Apache
etag
"9db5d713-962-5c602b19b7b59"
x-varnish
1811392517
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
f_weM1xNFtZSXMBw0UiZCw0870o74bObrALjL-3iYQrHSfO2kNdpHQ==
expires
Sat, 03 Jul 2021 21:49:21 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
6487
date
Thu, 01 Jul 2021 17:42:02 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Thu, 01 Jul 2021 19:42:02 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=2131730798&t=pageview&_s=1&dl=http%3A%2F%2Fgrosgain.6te.net%2F&ul=en-us&de=UTF-8&dt=GROS%20GAIN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=754793904&gjid=387393418&cid=1233521859.1625167809&tid=UA-135619294-1&_gid=32742913.1625167809&_r=1&gtm=2wg6u0NHFGDSD&cd1=ALS-LIBS-CHECKOUT-15&cd2=1533844&cd3=350874&cd4=(not%20set)&cd5=classic&z=1725650906
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://grosgain.6te.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 19:30:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://grosgain.6te.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
object| headID
object| cssNode
function| allopassButtons
number| alreadyrunflag
undefined| proto
undefined| contentloadtag
number| _timer
object| dataLayer
object| elts
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData

4 Cookies

Domain/Path Name / Value
.6te.net/ Name: _gid Value: GA1.2.32742913.1625167809
.6te.net/ Name: _gat_UA-135619294-1 Value: 1
.6te.net/ Name: _ga Value: GA1.2.1233521859.1625167809
grosgain.6te.net/ Name: PHPSESSID Value: jd8ht6m88f2f1k0gb81o5c3v9s

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
