www.turfenor.net Open in urlscan Pro
194.150.236.166 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.turfenor.net/pronos/pronosimple/index.php?la_page_demandee=pronostics_du_jour
Submission: On February 17 via manual (February 17th 2021, 10:49:51 pm UTC) from MA

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 8 HTTP transactions. The main IP is 194.150.236.166, located in France and belongs to HIWIT_AS, FR. The main domain is www.turfenor.net.

This is the only time www.turfenor.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	194.150.236.166 194.150.236.166	44976 (HIWIT_AS) (HIWIT_AS)
2	91.198.105.123 91.198.105.123	35393 (EURO-WEB-AS) (EURO-WEB-AS)
1	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
1 2	95.142.165.181 95.142.165.181	203476 (GANDI-AS-...) (GANDI-AS-2 Domain name registrar - http://www.gandi.net)
8	4

4 194.150.236.166 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns6.hiwit.net

www.turfenor.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.198.105.123 (France)

ASN35393 (EURO-WEB-AS, FR)

www.gambling-affiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.gambling-affiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.142.165.181 (France) 1 redirects

ASN203476 (GANDI-AS-2 Domain name registrar - http://www.gandi.net, FR)
PTR: xvm-165-181.ghst.net

www.turfcom.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
turfcom.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	turfenor.net www.turfenor.net	107 KB
2	turfcom.info 1 redirects www.turfcom.info turfcom.info	320 B
2	gambling-affiliation.com www.gambling-affiliation.com static.gambling-affiliation.com	21 KB
1	allopass.com payment.allopass.com	2 KB
8	4

	Domain	Requested by
4	www.turfenor.net	www.turfenor.net
1	static.gambling-affiliation.com	www.turfenor.net
1	turfcom.info	www.turfenor.net
1	www.turfcom.info	1 redirects
1	payment.allopass.com	www.turfenor.net
1	www.gambling-affiliation.com	www.turfenor.net
8	6

This site contains links to these domains. Also see Links.

Domain
www.gambling-affiliation.com

Subject Issuer	Validity	Valid
www.gambling-affiliation.com Gandi Standard SSL CA 2	`2019-11-03` - `2021-11-03`	2 years	crt.sh
*.allopass.com R3	`2021-01-03` - `2021-04-03`	3 months	crt.sh
static.gambling-affiliation.com Gandi Standard SSL CA 2	`2020-08-25` - `2021-08-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://www.turfenor.net/pronos/pronosimple/index.php?la_page_demandee=pronostics_du_jour
Frame ID: 5D6693D1D217E66090C4779456060A65
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

8
Requests

38 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

1
Countries

129 kB
Transfer

128 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gambling-affiliation.com/cpc/v=zTAbrK8QTTrSsRZEudHccFV-XqQcYGss4j2jxSvkDuk_GA7331V2

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://www.turfcom.info/wp-content/uploads/2012/08/APRH_arrivee_quinte.jpg HTTP 302
http://turfcom.info/site/index

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.php Show response www.turfenor.net/pronos/pronosimple/	6 KB 6 KB	129ms 114ms	Document text/html	194.150.236.166 HIWIT_AS
General Check archive.org Show headers Download Go to Full URL http://www.turfenor.net/pronos/pronosimple/index.php?la_page_demandee=pronostics_du_jour Protocol HTTP/1.1 Server 194.150.236.166 , France, ASN44976 (HIWIT_AS, FR), Reverse DNS ns6.hiwit.net Software Apache / Resource Hash `1a4067fea30a1c0676d0a02d2f44a028ad9657e99282bd7a3240937ce79177c8` Request headers Host www.turfenor.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 22:49:34 GMT Server Apache Vary Host Keep-Alive timeout=15, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	head.jpg www.turfenor.net/pronos/pronosimple/	66 KB 66 KB	28ms 22ms	Image image/jpeg	194.150.236.166 HIWIT_AS
General Check archive.org Show headers Download Go to Show image Full URL http://www.turfenor.net/pronos/pronosimple/head.jpg Requested by Host: www.turfenor.net URL: http://www.turfenor.net/pronos/pronosimple/index.php?la_page_demandee=pronostics_du_jour Protocol HTTP/1.1 Server 194.150.236.166 , France, ASN44976 (HIWIT_AS, FR), Reverse DNS ns6.hiwit.net Software Apache / Resource Hash `d220dbacb1a5d27f604f632600411f2c5b5c008a48a51718c19a16da9d187989` Request headers Referer http://www.turfenor.net/pronos/pronosimple/index.php?la_page_demandee=pronostics_du_jour User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 22:49:34 GMT Last-Modified Thu, 07 May 2020 06:19:28 GMT Server Apache ETag "1a2d1bb-10703-5a508dce6fc00" Vary Host Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=99 Content-Length 67331
GET H/1.1	200 OK	logo.gif www.turfenor.net/img/	33 KB 34 KB	42ms 28ms	Image image/gif	194.150.236.166 HIWIT_AS
General Check archive.org Show headers Download Go to Show image Full URL http://www.turfenor.net/img/logo.gif Requested by Host: www.turfenor.net URL: http://www.turfenor.net/pronos/pronosimple/index.php?la_page_demandee=pronostics_du_jour Protocol HTTP/1.1 Server 194.150.236.166 , France, ASN44976 (HIWIT_AS, FR), Reverse DNS ns6.hiwit.net Software Apache / Resource Hash `aa1828a92a55f636eba6703773067593f6028eb91b0eec234a61536ed032cb51` Request headers Referer http://www.turfenor.net/pronos/pronosimple/index.php?la_page_demandee=pronostics_du_jour User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 22:49:34 GMT Last-Modified Thu, 07 May 2020 06:20:24 GMT Server Apache ETag "1a2b214-8562-5a508e03d7a00" Vary Host Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=100 Content-Length 34146
GET H/1.1	200 OK	v=5V9WtJZiF.ZRtNSsx2t2bA8KF9nWJTnthRxNV4eqRws_ Show response www.gambling-affiliation.com/cpm/	282 B 483 B	220ms 151ms	Script application/javascript	91.198.105.123 EURO-WEB-AS
General Check archive.org Show headers Download Go to Full URL https://www.gambling-affiliation.com/cpm/v=5V9WtJZiF.ZRtNSsx2t2bA8KF9nWJTnthRxNV4eqRws_ Requested by Host: www.turfenor.net URL: http://www.turfenor.net/pronos/pronosimple/index.php?la_page_demandee=pronostics_du_jour Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.198.105.123 , France, ASN35393 (EURO-WEB-AS, FR), Reverse DNS Software Apache/2.4.39 (Unix) PHP/5.6.40 / PHP/5.6.40 Resource Hash `c118f3293f71ee353e3b580674aa6ce1bbaf92c0beba838a2d5169f468bc9acd` Request headers Referer http://www.turfenor.net/pronos/pronosimple/index.php?la_page_demandee=pronostics_du_jour User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 22:49:34 GMT Server Apache/2.4.39 (Unix) PHP/5.6.40 Connection close X-Powered-By PHP/5.6.40 Content-Length 282 Content-Type application/javascript
GET H/1.1	200 OK	index.php www.turfenor.net/pronos/pronosimple/	991 B 991 B	143ms 130ms	Image text/html	194.150.236.166 HIWIT_AS
General Check archive.org Show headers Download Go to Show image Full URL http://www.turfenor.net/pronos/pronosimple/index.php?la_page_demandee=pronostics_du_jour Requested by Host: www.turfenor.net URL: http://www.turfenor.net/pronos/pronosimple/index.php?la_page_demandee=pronostics_du_jour Protocol HTTP/1.1 Server 194.150.236.166 , France, ASN44976 (HIWIT_AS, FR), Reverse DNS ns6.hiwit.net Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://www.turfenor.net/pronos/pronosimple/index.php?la_page_demandee=pronostics_du_jour User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 22:49:34 GMT Vary Host Server Apache Connection Keep-Alive Keep-Alive timeout=15, max=100 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	secure.apu Show response payment.allopass.com/api/	2 KB 2 KB	129ms 38ms	Script text/javascript	185.119.26.1 WEBDEVIIN-AS
General Check archive.org Show headers Download Go to Full URL https://payment.allopass.com/api/secure.apu?ids=352104&idd=1538412 Requested by Host: www.turfenor.net URL: http://www.turfenor.net/pronos/pronosimple/index.php?la_page_demandee=pronostics_du_jour Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR), Reverse DNS 1.26.119.185.in-addr.arpa Software Apache / Resource Hash `b79d7bab8e5b9879383513ead1cc6f63ffb24716e32c5b7c9a7781a71b7833dc` Request headers Referer http://www.turfenor.net/pronos/pronosimple/index.php?la_page_demandee=pronostics_du_jour User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 22:49:35 GMT Server Apache Connection close Content-Length 1536 X-Allopass-Token 602d9d7f11e74 Content-Type text/javascript; charset=utf-8
GET H/1.1	200 OK	index turfcom.info/site/ Redirect Chain http://www.turfcom.info/wp-content/uploads/2012/08/APRH_arrivee_quinte.jpg http://turfcom.info/site/index	0 0	64ms 30ms	Image text/html	95.142.165.181 http://www.gandi.net
General Check archive.org Show headers Download Go to Show image Full URL http://turfcom.info/site/index Requested by Host: www.turfenor.net URL: http://www.turfenor.net/pronos/pronosimple/index.php?la_page_demandee=pronostics_du_jour Protocol HTTP/1.1 Server 95.142.165.181 , France, ASN203476 (GANDI-AS-2 Domain name registrar - http://www.gandi.net, FR), Reverse DNS xvm-165-181.ghst.net Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://www.turfenor.net/pronos/pronosimple/index.php?la_page_demandee=pronostics_du_jour User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Redirect headers Date Wed, 17 Feb 2021 22:49:35 GMT Content-Encoding gzip Server Apache/2.2.16 (Debian) X-Powered-By PHP/5.3.3-7+squeeze27 Vary Accept-Encoding Content-Type text/html Location http://turfcom.info/site/index Connection Keep-Alive Keep-Alive timeout=15, max=100 Content-Length 531
GET H/1.1	200 OK	43961.gif static.gambling-affiliation.com/uploads/ads/	21 KB 21 KB	143ms 22ms	Image image/gif	91.198.105.123 EURO-WEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.gambling-affiliation.com/uploads/ads/43961.gif Requested by Host: www.turfenor.net URL: http://www.turfenor.net/pronos/pronosimple/index.php?la_page_demandee=pronostics_du_jour Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.198.105.123 , France, ASN35393 (EURO-WEB-AS, FR), Reverse DNS Software nginx/1.15.5 / Resource Hash `05fbebcfc1762915e7dbdf1b965150eb303f3766b951301a7c4e0058ce8f2eef` Request headers Referer http://www.turfenor.net/pronos/pronosimple/index.php?la_page_demandee=pronostics_du_jour User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 22:49:35 GMT Last-Modified Thu, 02 Mar 2017 11:06:41 GMT Server nginx/1.15.5 ETag "58b7fcc1-521c" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 21020

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

payment.allopass.com
static.gambling-affiliation.com
turfcom.info
www.gambling-affiliation.com
www.turfcom.info
www.turfenor.net
185.119.26.1
194.150.236.166
91.198.105.123
95.142.165.181
05fbebcfc1762915e7dbdf1b965150eb303f3766b951301a7c4e0058ce8f2eef
1a4067fea30a1c0676d0a02d2f44a028ad9657e99282bd7a3240937ce79177c8
aa1828a92a55f636eba6703773067593f6028eb91b0eec234a61536ed032cb51
b79d7bab8e5b9879383513ead1cc6f63ffb24716e32c5b7c9a7781a71b7833dc
c118f3293f71ee353e3b580674aa6ce1bbaf92c0beba838a2d5169f468bc9acd
d220dbacb1a5d27f604f632600411f2c5b5c008a48a51718c19a16da9d187989
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.turfenor.net Open in urlscan Pro 194.150.236.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

38 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

4 IPs

1 Countries

129 kBTransfer

128 kBSize

0 Cookies

1 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

Indicators

www.turfenor.net Open in urlscan Pro
194.150.236.166 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

38 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

1
Countries

129 kB
Transfer

128 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions