URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Submission: On June 18 via manual from MA

Summary

This website contacted 7 IPs in 2 countries across 10 domains to perform 20 HTTP transactions. The main IP is 194.150.236.165, located in France and belongs to HIWIT_AS, FR. The main domain is www.pronoscourse.com.
This is the only time www.pronoscourse.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 194.150.236.165 44976 (HIWIT_AS)
1 64.20.38.219 19318 (IS-AS-1)
1 4 194.150.236.190 44976 (HIWIT_AS)
1 194.150.236.236 44976 (HIWIT_AS)
6 8 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 91.121.164.142 16276 (OVH)
1 185.119.26.1 203544 (WEBDEVIIN-AS)
20 7
Domain Requested by
10 www.pronoscourse.com www.pronoscourse.com
8 img.root-top.com 6 redirects www.pronoscourse.com
2 nsm05.casimages.com 1 redirects www.pronoscourse.com
1 payment.allopass.com www.pronoscourse.com
1 www.snprono.powa.fr www.pronoscourse.com
1 www.biltoturf.com www.pronoscourse.com
1 www.zetop.info www.pronoscourse.com
1 zetop.info 1 redirects
1 www.turfsur.com www.pronoscourse.com
1 www.levainqueur.com www.pronoscourse.com
1 turftriomphe.com www.pronoscourse.com
20 11

This site contains links to these domains.

Domain
turftriomphe.com
www.levainqueur.com
www.turfsur.com
www.zetop.info
www.biltoturf.com
www.root-top.com

Subject | Issuer | Validity | Valid
*.casimages.com | Sectigo RSA Domain Validation Secure Server CA | 2021-04-04 - 2022-05-05 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-03 - 2021-08-03 | a year
*.allopass.com | R3 | 2021-05-04 - 2021-08-02 | 3 months

This page contains 1 frames:

Primary Page: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Frame ID: 11DADF693F762F081BEAD948043CC376
Requests: 20 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 20
HTTPS: 20 %
IPv6: 14 %
Domains: 10
Subdomains: 11
IPs: 7
Countries: 2
Transfer: 618 kB
Size: 612 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://zetop.info/img/logo_zetop.gif HTTP 301
  • http://www.zetop.info/img/logo_zetop.gif
Request Chain 7
  • http://img.root-top.com/topsite/ficebook/banner.gif HTTP 301
  • https://img.root-top.com/topsite/ficebook/banner.gif HTTP 302
  • http://nsm05.casimages.com/img/2011/10/07/1110070340161338798861456.gif HTTP 301
  • https://nsm05.casimages.com/img/2011/10/07/1110070340161338798861456.gif
Request Chain 8
  • http://img.root-top.com/topsite/turfistes/banner.gif HTTP 301
  • https://img.root-top.com/topsite/turfistes/banner.gif
Request Chain 9
  • http://img.root-top.com/topsite/turfplus/banner.gif HTTP 301
  • https://img.root-top.com/topsite/turfplus/banner.gif
Request Chain 10
  • http://img.root-top.com/topsite/secreturf/banner.gif HTTP 301
  • https://img.root-top.com/topsite/secreturf/banner.gif HTTP 302
  • http://www.snprono.powa.fr/secreturf.gif

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
www.pronoscourse.com/turf/fortunecourse/
11 KB
12 KB
Document
General
Full URL
http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
ddf7065e2fb1b434534574e6d36a62d15b33ff311af1a734be2f0dd36b67b6e0

Request headers

Host
www.pronoscourse.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
Server
Apache
Vary
Host
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html
h1.png
www.pronoscourse.com/turf/fortunecourse/
27 KB
28 KB
Image
General
Full URL
http://www.pronoscourse.com/turf/fortunecourse/h1.png
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
c50a8d7063f0ac813e1ac39f6fbb06861e4d7f8222a16101bf4dbacc3bb806de

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.pronoscourse.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
Last-Modified
Mon, 21 Aug 2017 12:36:03 GMT
Server
Apache
ETag
"194d9dc-6d74-55742b8c612c0"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
28020
header.jpg
www.pronoscourse.com/turf/fortunecourse/
99 KB
99 KB
Image
General
Full URL
http://www.pronoscourse.com/turf/fortunecourse/header.jpg
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
2680921f3183aefc8e7756602433aeb83fca8d3498d4c2eace0e42da7e68dbe7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.pronoscourse.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
Last-Modified
Mon, 21 Aug 2017 12:36:09 GMT
Server
Apache
ETag
"194d9df-18a4a-55742b921a040"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
100938
logo2.gif
turftriomphe.com/lien/
77 KB
77 KB
Image
General
Full URL
http://turftriomphe.com/lien/logo2.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
64.20.38.219 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7adb98959fb28df7c99082b45bbf1f1f75b818282b220ea5c86b667912aa402d

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
Last-Modified
Tue, 03 Nov 2015 11:59:38 GMT
Server
LiteSpeed
Content-Type
image/gif
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
78622
Expires
Fri, 25 Jun 2021 04:30:51 GMT
logo.gif
www.levainqueur.com/
28 KB
28 KB
Image
General
Full URL
http://www.levainqueur.com/logo.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
6270f4fc23be1ddceb334705172b0470d61d28d201fcc23402dbdc8bac85bdc7

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
Last-Modified
Tue, 13 Oct 2015 12:36:31 GMT
Server
Apache
ETag
"e76ccd-70a5-521fbb20911c0"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
28837
logo.gif
www.turfsur.com/img/
11 KB
11 KB
Image
General
Full URL
http://www.turfsur.com/img/logo.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
9bd0c1e96f9d3b63b53ba8c355ada916479d8815034cab0aad1540c3c602d896

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
Last-Modified
Mon, 05 Mar 2018 05:51:23 GMT
Server
Apache
ETag
"878aad-2cb9-566a3ea782cc0"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
11449
logo_zetop.gif
www.zetop.info/img/
Redirect Chain
  • http://zetop.info/img/logo_zetop.gif
  • http://www.zetop.info/img/logo_zetop.gif
11 KB
11 KB
Image
General
Full URL
http://www.zetop.info/img/logo_zetop.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
7c9a501ff24c88a1c67c41a92315b5c7b94e19bed6381da81631f691e501a8be

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
Last-Modified
Thu, 06 Jun 2013 09:17:28 GMT
Server
Apache
ETag
"64570c-2ac9-4de78c87e3a00"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
10953

Redirect headers

Location
http://www.zetop.info/img/logo_zetop.gif
Date
Fri, 18 Jun 2021 04:30:51 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=10, max=100
Content-Length
248
Content-Type
text/html; charset=iso-8859-1
logo.gif
www.biltoturf.com/
6 KB
6 KB
Image
General
Full URL
http://www.biltoturf.com/logo.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
ead7dff95228a235e92f3cc50bcd67d3e448ccb40cee683514504e8a59aa8f30

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
Last-Modified
Sat, 24 Apr 2021 03:49:26 GMT
Server
Apache
ETag
"2563ddd-165f-5c0afcc7b5d80"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
5727
1110070340161338798861456.gif
nsm05.casimages.com/img/2011/10/07/
Redirect Chain
  • http://img.root-top.com/topsite/ficebook/banner.gif
  • https://img.root-top.com/topsite/ficebook/banner.gif
  • http://nsm05.casimages.com/img/2011/10/07/1110070340161338798861456.gif
  • https://nsm05.casimages.com/img/2011/10/07/1110070340161338798861456.gif
8 KB
9 KB
Image
General
Full URL
https://nsm05.casimages.com/img/2011/10/07/1110070340161338798861456.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.164.142 , France, ASN16276 (OVH, FR),
Reverse DNS
ns360576.ip-91-121-164.eu
Software
Apache /
Resource Hash
c208d77e0e089f3e3b6e76a7811758dc5fe21725e55e37d22d54a878cefec06c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 04:39:39 GMT
Last-Modified
Thu, 14 Jan 2016 06:35:23 GMT
Server
Apache
ETag
"9c6610d-219d-529457dc380c0"
Strict-Transport-Security
max-age=31556926
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.casimages.com
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8605
Expires
Sat, 18 Jun 2022 04:39:39 GMT

Redirect headers

Location
https://nsm05.casimages.com/img/2011/10/07/1110070340161338798861456.gif
Date
Fri, 18 Jun 2021 04:39:39 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
280
Content-Type
text/html; charset=iso-8859-1
banner.gif
img.root-top.com/topsite/turfistes/
Redirect Chain
  • http://img.root-top.com/topsite/turfistes/banner.gif
  • https://img.root-top.com/topsite/turfistes/banner.gif
10 KB
10 KB
Image
General
Full URL
https://img.root-top.com/topsite/turfistes/banner.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3005df14ee8178e94b13c6c28388978d3502b27fcb4a83ff867fa8a9261d9829

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:30:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
71160
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9791
cf-request-id
0abefbe35a0000177e23a5e000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BQQkVwfBkED7jhyRnPNtMCzdnEUbwnMbNw7Qbkvzp1RF8CQw8iahPmYJZCWIEH5hWazrb6hvQYKylLAEyloprSnHQLJDKCWD6J2SkvXh8v1kkLDcGmR13CmtevXqsEWXK%2FmQY9ED2fpfqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
6611c8e55f93177e-FRA
expires
Sun, 20 Jun 2021 08:44:51 GMT

Redirect headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
603
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Cg8wNIV%2FOLf2ROosDTABAd6px3EnvY954r%2Bi%2BjzU%2B1C36aUbq0ZampsxASr6P0UneZK4MnKXEMFU8hHk%2Fi9MYE1HUdDH0847djtcZAbSShENHCfbKbqUlJT4FaWRnuvxQvv19lcbczyyVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/turfistes/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
6611c8e51cfc4dc4-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length
0
cf-request-id
0abefbe33200004dc47d2b0000000001
banner.gif
img.root-top.com/topsite/turfplus/
Redirect Chain
  • http://img.root-top.com/topsite/turfplus/banner.gif
  • https://img.root-top.com/topsite/turfplus/banner.gif
4 KB
4 KB
Image
General
Full URL
https://img.root-top.com/topsite/turfplus/banner.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c89138fe4d60f677872fa14679dd7d6807b9f614bd62beb3ffc112f082442b8d

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:30:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1257161
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3872
cf-request-id
0abefbe3550000177ee52d1000000001
last-modified
Wed, 14 Sep 2011 18:49:04 GMT
server
cloudflare
etag
"510718442"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zSSphjBKyzQ%2BsQh5PncNCzND8XLar01p62AUkGVQbiblp5ffiG9d4sBw8jjp08gnchJMDiETgSmUKiIDBPMONpodHlilRAoc2EcCYj5kJS9MsDaPweb7W0yNafvNLiuu0ynZ9%2FrI9jrr1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6611c8e55f9b177e-FRA
expires
Mon, 24 May 2021 23:04:17 GMT

Redirect headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
230
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xOiKB7TQVHdqfb8DwcVF0LjLVq%2FK9XcNIYBF6HqNxkbgLb8bUG2wM8z%2B%2BEmsyfCYzUkUWRiQYX4FMVzVCxKLZlfIP4vz2vJcpi1q%2F0%2BuM78gvFkLsLo4UdiqN14ax51rsZGim1rkX9sJ%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/turfplus/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
6611c8e52a492c56-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length
0
cf-request-id
0abefbe33a00002c56af310000000001
secreturf.gif
www.snprono.powa.fr/
Redirect Chain
  • http://img.root-top.com/topsite/secreturf/banner.gif
  • https://img.root-top.com/topsite/secreturf/banner.gif
  • http://www.snprono.powa.fr/secreturf.gif
26 KB
26 KB
Image
General
Full URL
http://www.snprono.powa.fr/secreturf.gif
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns30.hiwit.net
Software
Apache /
Resource Hash
0c9a44b18ceb770e00ec78282dbb2b4b880686e3ab7d97933710b0f85d56a725

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
Last-Modified
Sat, 14 Nov 2020 05:14:08 GMT
Server
Apache
ETag
"a51079-666d-5b40a36f12800"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
26221

Redirect headers

date
Fri, 18 Jun 2021 04:30:51 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6Zk%2BeGVwz66qwaaW13UT9hsgfXe%2B3CGgE2aanwFs3EOfIYagFpOtC%2FEL5%2Bpc23iDv0cAGOn%2Bg%2BNrDj%2B3hE%2BDCW90l8kxJerF9nUVo9LB9%2Bu9XoBRodgkBSifiIkPO8JauOdXdnTas9%2BdUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
http://www.snprono.powa.fr/secreturf.gif
cf-ray
6611c8e55f99177e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abefbe3550000177e0e391000000001
secure.apu
payment.allopass.com/api/
1 KB
2 KB
Script
General
Full URL
https://payment.allopass.com/api/secure.apu?ids=316940&idd=1551572
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
68d08f86c5ff4fec88852c315a0870332110b742ae85a9bfd8436ea07ac763df

Request headers

Referer
http://www.pronoscourse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
Server
Apache
Connection
close
Content-Length
1521
X-Allopass-Token
60cc217be41aa
Content-Type
text/javascript; charset=utf-8
Scoop_camille.jpg
www.pronoscourse.com/turf/fortunecourse/
130 KB
130 KB
Image
General
Full URL
http://www.pronoscourse.com/turf/fortunecourse/Scoop_camille.jpg
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
d64984de6507d8ecee4088d57eebe2451b69cd394c4cd0cdba6f2d924763c846

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.pronoscourse.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
Last-Modified
Mon, 21 Aug 2017 12:36:21 GMT
Server
Apache
ETag
"194d9e4-2087c-55742b9d8bb40"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
133244
index.php
www.pronoscourse.com/turf/fortunecourse/
1 KB
1 KB
Image
General
Full URL
http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.pronoscourse.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
Vary
Host
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=15, max=99
Transfer-Encoding
chunked
Content-Type
text/html
h2.png
www.pronoscourse.com/turf/fortunecourse/
27 KB
27 KB
Image
General
Full URL
http://www.pronoscourse.com/turf/fortunecourse/h2.png
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
6faf4e5943d6929526b1ace9839f78382d7bbf8e939937cc0d1d024eaedc43ec

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.pronoscourse.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
Last-Modified
Mon, 21 Aug 2017 12:36:04 GMT
Server
Apache
ETag
"194d9dd-6aee-55742b8d55500"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
27374
puce.png
www.pronoscourse.com/turf/fortunecourse/
38 KB
39 KB
Image
General
Full URL
http://www.pronoscourse.com/turf/fortunecourse/puce.png
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
dbd33fac1eb9ae03922641bf09830249044bc0119042d161c7fe7ccf5c007cc3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.pronoscourse.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
Last-Modified
Mon, 21 Aug 2017 12:36:17 GMT
Server
Apache
ETag
"194d9e3-9949-55742b99bb240"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
39241
h3.png
www.pronoscourse.com/turf/fortunecourse/
27 KB
28 KB
Image
General
Full URL
http://www.pronoscourse.com/turf/fortunecourse/h3.png
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
85939c05f88881282d0aa5d48c5289231759f7d31db51ad4aab1698948612bdb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.pronoscourse.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
Last-Modified
Mon, 21 Aug 2017 12:36:06 GMT
Server
Apache
ETag
"194d9de-6dde-55742b8f3d980"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
28126
date.png
www.pronoscourse.com/turf/fortunecourse/
39 KB
39 KB
Image
General
Full URL
http://www.pronoscourse.com/turf/fortunecourse/date.png
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
ecc132d445a4321f033bc3b45093bf742f4bd9920f5f633d82d4331f21a0c7b5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.pronoscourse.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
Last-Modified
Mon, 21 Aug 2017 12:36:00 GMT
Server
Apache
ETag
"194d9da-9b38-55742b8984c00"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
39736
arpnum.png
www.pronoscourse.com/turf/fortunecourse/
31 KB
31 KB
Image
General
Full URL
http://www.pronoscourse.com/turf/fortunecourse/arpnum.png
Requested by
Host: www.pronoscourse.com
URL: http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
5ea3545f6ce50418d7e69c95ef9f4b993f8ddaa1b565196802c98aa79805194f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.pronoscourse.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.pronoscourse.com/turf/fortunecourse/index.php?la_page_demandee=pronostics_du_jour
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 18 Jun 2021 04:30:51 GMT
Last-Modified
Mon, 21 Aug 2017 12:35:57 GMT
Server
Apache
ETag
"194d9d8-7b0e-55742b86a8540"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
31502

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforexrselect
  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • boolean| originAgentCluster
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • string| error_url
  • undefined| ap_check
  • undefined| checked
  • undefined| request
  • undefined| res
  • function| getParameterByName
  • boolean| loaded

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
