www.gainsturf.com Open in urlscan Pro
194.150.236.165 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics
Submission: On December 16 via manual (December 16th 2022, 1:12:32 am UTC) from BF — Scanned from FR

Summary HTTP 19 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 8 domains to perform 19 HTTP transactions. The main IP is 194.150.236.165, located in France and belongs to HIWIT_AS, FR. The main domain is www.gainsturf.com.
TLS certificate: Issued by R3 on December 4th 2022. Valid for: 3 months.

This is the only time www.gainsturf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	194.150.236.165 194.150.236.165	44976 (HIWIT_AS) (HIWIT_AS)
1	2606:4700:303... 2606:4700:3038::6815:ea1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	194.150.236.236 194.150.236.236	44976 (HIWIT_AS) (HIWIT_AS)
3	194.150.236.5 194.150.236.5	44976 (HIWIT_AS) (HIWIT_AS)
1	51.159.101.159 51.159.101.159	12876 (Online SAS) (Online SAS)
19	6

11 194.150.236.165 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns5.hiwit.net

www.gainsturf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.levainqueur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea1a (United States)

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 194.150.236.236 (France) 3 redirects

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net

www.biltoturf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.millionturf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.150.236.5 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns.allo-heberge.com

ns.allo-heberge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.159.101.159 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 17d9637a-13ac-43cc-99fb-9c6d17e34762.fr-par-2.baremetal.scw.cloud

static.blog4ever.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	gainsturf.com www.gainsturf.com	405 KB
3	allo-heberge.com ns.allo-heberge.com
3	millionturf.com 3 redirects www.millionturf.com	846 B
2	biltoturf.com www.biltoturf.com	83 KB
1	blog4ever.com static.blog4ever.com	48 KB
1	levainqueur.com www.levainqueur.com	28 KB
1	root-top.com img.root-top.com	8 KB
0	edenturf.com Failed www.edenturf.com Failed
19	8

	Domain	Requested by
10	www.gainsturf.com	www.gainsturf.com
3	ns.allo-heberge.com	www.gainsturf.com
3	www.millionturf.com	3 redirects
2	www.biltoturf.com	www.gainsturf.com
1	static.blog4ever.com	www.gainsturf.com
1	www.levainqueur.com	www.gainsturf.com
1	img.root-top.com	www.gainsturf.com
0	www.edenturf.com Failed	www.gainsturf.com
19	8

This site contains links to these domains. Also see Links.

Domain
www.confidencescourses.com
eruditcourse.blogspot.com
quinte-magic.blogspot.com
repereduturf.blogspot.com
lespecialistedutierce.blogspot.com
www.youtube.com
www.root-top.com
www.levainqueur.com
www.quinte-magic.com
www.biltoturf.com
basefiable.blogspot.com
turf-originalvip.blogspot.com
www.quintemagazineturf.com

Subject Issuer	Validity	Valid
gainsturf.com R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
levainqueur.com R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
biltoturf.com R3	`2022-10-17` - `2023-01-15`	3 months	crt.sh
static.blog4ever.com R3	`2022-11-26` - `2023-02-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics
Frame ID: B2D6BE9CAA72FD6E72B529D903250316
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GAINSTURFDocument sans titreDocument sans titreDocument sans titreDocument sans titreDocument sans titreDocument sans titreDocument sans titreDocument sans titreDocument sans titreDocument sans titreDocument sans titreDocument sans titreDocument sans titreDocument sans titre

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

19
Requests

79 %
HTTPS

20 %
IPv6

8
Domains

8
Subdomains

6
IPs

2
Countries

573 kB
Transfer

567 kB
Size

1
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: http://www.confidencescourses.com/
Title: ConfidencesCourses

Search URL Search Domain Scan URL

URL: https://eruditcourse.blogspot.com/
Title: EruditCourse

Search URL Search Domain Scan URL

URL: https://quinte-magic.blogspot.com/
Title: QuinteMagic

Search URL Search Domain Scan URL

URL: https://repereduturf.blogspot.com/
Title: RepereduTurf

Search URL Search Domain Scan URL

URL: https://lespecialistedutierce.blogspot.com/
Title: LeSpecialisteduTierce

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=7UDt8gvCtQ0
Title: COMMENT GAGNER AUX COURSES

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/lavoyante/in.php?ID=6

Search URL Search Domain Scan URL

URL: http://www.levainqueur.com/vote.php?id=78

Search URL Search Domain Scan URL

URL: https://www.quinte-magic.com/

Search URL Search Domain Scan URL

URL: http://www.biltoturf.com/

Search URL Search Domain Scan URL

URL: https://basefiable.blogspot.com/

Search URL Search Domain Scan URL

URL: https://turf-originalvip.blogspot.com/

Search URL Search Domain Scan URL

URL: http://www.quintemagazineturf.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://www.millionturf.com/logos/eruditcourse.gif HTTP 302
https://ns.allo-heberge.com/

Request Chain 13

https://www.millionturf.com/logos/turforiginal.gif HTTP 302
https://ns.allo-heberge.com/

Request Chain 14

https://www.millionturf.com/logos/repereduturf.gif HTTP 302
https://ns.allo-heberge.com/

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.php Show response
www.gainsturf.com/ 65 KB
66 KB 164ms
67ms Document
text/html 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

d4a47af514364d5c8b39c8bdccc19511ad8d1fb5405206e3e7660b96a8913d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Type: text/html
Date: Fri, 16 Dec 2022 01:12:26 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=15768000
Transfer-Encoding: chunked
Vary: Host

GET
H/1.1 200
OK haut.png
www.gainsturf.com/ 28 KB
28 KB 62ms
23ms Image
image/png 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gainsturf.com/haut.png

Requested by

Host: www.gainsturf.com
URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

e40ffaee6ccdb763149c3d7c22688965b465330584814b33a51ff7b67cb8b68a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 01:12:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Mon, 23 Nov 2015 18:33:52 GMT
Server: Apache
ETag: "17a4971-7097-5253977832400"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 28823

GET
H/1.1 200
OK head.jpg
www.gainsturf.com/ 70 KB
71 KB 60ms
20ms Image
image/jpeg 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gainsturf.com/head.jpg

Requested by

Host: www.gainsturf.com
URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

762eac3a7727b80c9ef945b3d38aab2db8b650855547a5eadd420d7e8df65dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 01:12:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Mon, 23 Nov 2015 18:33:53 GMT
Server: Apache
ETag: "17a4972-11920-5253977926640"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 71968

GET
H/1.1 200
OK hippo.jpg
www.gainsturf.com/ 56 KB
56 KB 60ms
21ms Image
image/jpeg 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gainsturf.com/hippo.jpg

Requested by

Host: www.gainsturf.com
URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

c4b677ba991d6464f2ae30a84b17f9738dcfcc36f441effd907fa448ae416169

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 01:12:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Sat, 21 Mar 2020 11:18:21 GMT
Server: Apache
ETag: "caee1d-e00c-5a15b8f403940"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 57356

GET
H/1.1 200
OK fond.png
www.gainsturf.com/ 28 KB
28 KB 61ms
21ms Image
image/png 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gainsturf.com/fond.png

Requested by

Host: www.gainsturf.com
URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

867c25c09f7dad9c0124458eb33bba568725ed5a14d36e37115d2641ac0fc335

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 01:12:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Mon, 23 Nov 2015 18:33:50 GMT
Server: Apache
ETag: "17a4970-7023-5253977649f80"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 28707

GET
H/1.1 200
OK barre.png
www.gainsturf.com/ 39 KB
39 KB 62ms
22ms Image
image/png 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gainsturf.com/barre.png

Requested by

Host: www.gainsturf.com
URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

19474bc3584021e7a7ae1db226bd348a94d4ff592176097d3a4141215ea5f3a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 01:12:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Mon, 23 Nov 2015 18:33:30 GMT
Server: Apache
ETag: "17a496a-9b2a-5253976337280"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 39722

GET
H/1.1 200
OK ar1.png
www.gainsturf.com/ 45 KB
46 KB 62ms
20ms Image
image/png 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gainsturf.com/ar1.png

Requested by

Host: www.gainsturf.com
URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

adccbdc428ed6600a3b4632df50de3b7b8d4f95e9f81ed8d6c0718fd380dde07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 01:12:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Mon, 23 Nov 2015 18:33:14 GMT
Server: Apache
ETag: "17a4967-b56a-52539753f4e80"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 46442

GET
H/1.1 200
OK arpnume.png
www.gainsturf.com/ 35 KB
35 KB 30ms
20ms Image
image/png 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gainsturf.com/arpnume.png

Requested by

Host: www.gainsturf.com
URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

f51daef4455b2a135e0cea4af3f373daaf313688bdb0c515f1ce15b17934e571

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 01:12:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Mon, 23 Nov 2015 18:33:19 GMT
Server: Apache
ETag: "17a4969-8bdc-52539758b99c0"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 35804

GET
H2 200 banner.gif
img.root-top.com/topsite/lavoyante/ 7 KB
8 KB 83ms
38ms Image
image/gif 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/lavoyante/banner.gif
Requested by: Host: www.gainsturf.com
URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc779b0a082059dd8e86b6a3ef673eeaf0581661b10ac531798243a68298636

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gainsturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 01:12:26 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 11:43:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 134912
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jt0fL%2BO8woOz3vG428kW6ZfqzK7GIli2DFAnz%2FAf2VyY0YrUuVzuHai4trFI1Ls5KdZ0TTf9epyjxesPH9SExCUEXnah5fILg0B3PZyofCLYJN%2FHVWkAD7MnqWm25yqHWqiMbaOLQvuwGK5ts1a%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 77a38cfeaf402155-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7221
expires: Sat, 17 Dec 2022 11:43:54 GMT

GET
H/1.1 200
OK logo.gif
www.levainqueur.com/ 28 KB
28 KB 108ms
20ms Image
image/gif 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.levainqueur.com/logo.gif

Requested by

Host: www.gainsturf.com
URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

6270f4fc23be1ddceb334705172b0470d61d28d201fcc23402dbdc8bac85bdc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gainsturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 01:12:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 13 Oct 2015 12:36:31 GMT
Server: Apache
ETag: "e76ccd-70a5-521fbb20911c0"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 28837

GET
H/1.1 200
OK quintemagic2.gif
www.biltoturf.com/logos/ 77 KB
77 KB 178ms
21ms Image
image/gif 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biltoturf.com/logos/quintemagic2.gif

Requested by

Host: www.gainsturf.com
URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

336e041b7c299275c3ec89cc251c339ea2ec1870b70dc4ef25ba308e972be005

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gainsturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 01:12:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Fri, 23 Jul 2021 06:24:29 GMT
Server: Apache
ETag: "25a38b7-13493-5c7c474b3a140"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 78995

GET
H/1.1 200
OK logo.gif
www.biltoturf.com/ 6 KB
6 KB 177ms
20ms Image
image/gif 194.150.236.236
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biltoturf.com/logo.gif

Requested by

Host: www.gainsturf.com
URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns76.hiwit.net

Software

Apache /

Resource Hash

ead7dff95228a235e92f3cc50bcd67d3e448ccb40cee683514504e8a59aa8f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gainsturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 01:12:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Sat, 24 Apr 2021 03:49:26 GMT
Server: Apache
ETag: "2563ddd-165f-5c0afcc7b5d80"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 5727

GET
H/1.1

200
OK

/
ns.allo-heberge.com/
Redirect Chain

https://www.millionturf.com/logos/eruditcourse.gif
https://ns.allo-heberge.com/

0
0

175ms
19ms

Image
text/html

194.150.236.5
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ns.allo-heberge.com/
Requested by: Host: www.gainsturf.com
URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics
Protocol: HTTP/1.1
Server: 194.150.236.5 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns.allo-heberge.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gainsturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

Date: Fri, 16 Dec 2022 01:12:26 GMT
Strict-Transport-Security: max-age=15768000
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: http://ns.allo-heberge.com/
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100
Content-Length: 211

GET basefiable.gif
www.edenturf.com/logos/ 0
0

GET
H/1.1

200
OK

/
ns.allo-heberge.com/
Redirect Chain

https://www.millionturf.com/logos/turforiginal.gif
https://ns.allo-heberge.com/

0
0

175ms
20ms

Image
text/html

194.150.236.5
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ns.allo-heberge.com/
Requested by: Host: www.gainsturf.com
URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics
Protocol: HTTP/1.1
Server: 194.150.236.5 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns.allo-heberge.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gainsturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

Date: Fri, 16 Dec 2022 01:12:26 GMT
Strict-Transport-Security: max-age=15768000
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: http://ns.allo-heberge.com/
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100
Content-Length: 211

GET
H/1.1

200
OK

/
ns.allo-heberge.com/
Redirect Chain

https://www.millionturf.com/logos/repereduturf.gif
https://ns.allo-heberge.com/

0
0

174ms
20ms

Image
text/html

194.150.236.5
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ns.allo-heberge.com/
Requested by: Host: www.gainsturf.com
URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics
Protocol: HTTP/1.1
Server: 194.150.236.5 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns.allo-heberge.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gainsturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

Date: Fri, 16 Dec 2022 01:12:26 GMT
Strict-Transport-Security: max-age=15768000
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: http://ns.allo-heberge.com/
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100
Content-Length: 211

GET
H2 200 gaz0_9032214.gif
static.blog4ever.com/2021/06/864279/ 48 KB
48 KB 179ms
20ms Image
image/gif 51.159.101.159
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.blog4ever.com/2021/06/864279/gaz0_9032214.gif
Requested by: Host: www.gainsturf.com
URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.159.101.159 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 17d9637a-13ac-43cc-99fb-9c6d17e34762.fr-par-2.baremetal.scw.cloud
Software: nginx /
Resource Hash: 653157402e7854734f65c4f112eae10ae42d1f093a40374d34c52c1374e9e077

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gainsturf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 01:12:26 GMT
last-modified: Tue, 15 Jun 2021 08:32:30 GMT
server: nginx
etag: "60c8659e-bff3"
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 49139
expires: Fri, 23 Dec 2022 01:12:26 GMT

GET
H/1.1 200
OK paiement.jpg
www.gainsturf.com/ 6 KB
7 KB 20ms
20ms Image
image/jpeg 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gainsturf.com/paiement.jpg

Requested by

Host: www.gainsturf.com
URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

360182fdc221bf6d7948902f1b91c57dc8696c95a1bcf4c8612a792e22e5682c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 01:12:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Mon, 23 Nov 2015 18:34:12 GMT
Server: Apache
ETag: "17a497d-19eb-5253978b45100"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 6635

GET
H/1.1 200
OK bas.png
www.gainsturf.com/ 28 KB
29 KB 20ms
19ms Image
image/png 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gainsturf.com/bas.png

Requested by

Host: www.gainsturf.com
URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

738202790976570bfe9e0e2f80370dfde1c6d568113c9a801c6a3e251d4aeb1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 01:12:26 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Mon, 23 Nov 2015 18:33:32 GMT
Server: Apache
ETag: "17a496b-7117-525397651f700"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 28951

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.edenturf.com
URL: https://www.edenturf.com/logos/basefiable.gif

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.gainsturf.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 648ad92ee1e568953e175e7165da716c

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics(Line 1249) Message: Mixed Content: The page at 'https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics' was loaded over HTTPS, but requested an insecure element 'http://www.levainqueur.com/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics(Line 1249) Message: Mixed Content: The page at 'https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics' was loaded over HTTPS, but requested an insecure element 'http://www.biltoturf.com/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics(Line 1249) Message: Mixed Content: The page at 'https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics' was loaded over HTTPS, but requested an insecure element 'http://www.millionturf.com/logos/eruditcourse.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics(Line 1249) Message: Mixed Content: The page at 'https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics' was loaded over HTTPS, but requested an insecure element 'http://www.edenturf.com/logos/basefiable.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics(Line 1249) Message: Mixed Content: The page at 'https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics' was loaded over HTTPS, but requested an insecure element 'http://www.millionturf.com/logos/turforiginal.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics(Line 1249) Message: Mixed Content: The page at 'https://www.gainsturf.com/index.php?la_page_demandee=bilan_des_pronostics' was loaded over HTTPS, but requested an insecure element 'http://www.millionturf.com/logos/repereduturf.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.edenturf.com/logos/basefiable.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

img.root-top.com
ns.allo-heberge.com
static.blog4ever.com
www.biltoturf.com
www.edenturf.com
www.gainsturf.com
www.levainqueur.com
www.millionturf.com
www.edenturf.com
194.150.236.165
194.150.236.236
194.150.236.5
2606:4700:3038::6815:ea1a
51.159.101.159
19474bc3584021e7a7ae1db226bd348a94d4ff592176097d3a4141215ea5f3a9
336e041b7c299275c3ec89cc251c339ea2ec1870b70dc4ef25ba308e972be005
360182fdc221bf6d7948902f1b91c57dc8696c95a1bcf4c8612a792e22e5682c
6270f4fc23be1ddceb334705172b0470d61d28d201fcc23402dbdc8bac85bdc7
653157402e7854734f65c4f112eae10ae42d1f093a40374d34c52c1374e9e077
738202790976570bfe9e0e2f80370dfde1c6d568113c9a801c6a3e251d4aeb1d
762eac3a7727b80c9ef945b3d38aab2db8b650855547a5eadd420d7e8df65dab
867c25c09f7dad9c0124458eb33bba568725ed5a14d36e37115d2641ac0fc335
9fc779b0a082059dd8e86b6a3ef673eeaf0581661b10ac531798243a68298636
adccbdc428ed6600a3b4632df50de3b7b8d4f95e9f81ed8d6c0718fd380dde07
c4b677ba991d6464f2ae30a84b17f9738dcfcc36f441effd907fa448ae416169
d4a47af514364d5c8b39c8bdccc19511ad8d1fb5405206e3e7660b96a8913d8e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40ffaee6ccdb763149c3d7c22688965b465330584814b33a51ff7b67cb8b68a
ead7dff95228a235e92f3cc50bcd67d3e448ccb40cee683514504e8a59aa8f30
f51daef4455b2a135e0cea4af3f373daaf313688bdb0c515f1ce15b17934e571

www.gainsturf.com Open in urlscan Pro 194.150.236.165 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

79 %HTTPS

20 %IPv6

8 Domains

8 Subdomains

6 IPs

2 Countries

573 kBTransfer

567 kBSize

1 Cookies

13 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

7 Console Messages

Security Headers

Indicators

www.gainsturf.com Open in urlscan Pro
194.150.236.165 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

79 %
HTTPS

20 %
IPv6

8
Domains

8
Subdomains

6
IPs

2
Countries

573 kB
Transfer

567 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions