www.turfjumele.ouba.com Open in urlscan Pro
194.150.236.166 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.turfjumele.ouba.com/
Submission: On November 30 via manual (November 30th 2023, 8:04:36 pm UTC) from MA — Scanned from FR

Summary HTTP 19 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 19 HTTP transactions. The main IP is 194.150.236.166, located in France and belongs to HIWIT_AS, FR. The main domain is www.turfjumele.ouba.com.

This is the only time www.turfjumele.ouba.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	194.150.236.166 194.150.236.166	44976 (HIWIT_AS) (HIWIT_AS)
2 6	91.198.105.122 91.198.105.122	35393 (EURO-WEB-AS) (EURO-WEB-AS)
1	104.164.68.150 104.164.68.150	18779 (EGIHOSTING) (EGIHOSTING)
2 2	2606:4700:303... 2606:4700:3038::6815:ea1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3038::6815:ea1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
1	194.0.255.28 194.0.255.28	8218 (NEO-ASN l...) (NEO-ASN legacy Neotelecoms)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
19	9

3 194.150.236.166 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns6.hiwit.net

www.turfjumele.ouba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.turfinfos.ouba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 91.198.105.122 (France) 2 redirects

ASN35393 (EURO-WEB-AS, FR)

www.gambling-affiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.gambling-affiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.164.68.150 (United States)

ASN18779 (EGIHOSTING, US)

topnelly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:ea1a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:ea1b (United States)

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.0.255.28 (France)

ASN8218 (NEO-ASN legacy Neotelecoms, FR)
PTR: srv28.bdmultimedia.fr

script.starpass.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	gambling-affiliation.com 2 redirects www.gambling-affiliation.com static.gambling-affiliation.com	330 KB
4	allopass.com payment.allopass.com	11 KB
4	root-top.com 2 redirects img.root-top.com	11 KB
3	ouba.com www.turfjumele.ouba.com www.turfinfos.ouba.com	43 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	154 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	259 B
1	starpass.fr script.starpass.fr	289 B
1	topnelly.com topnelly.com	10 KB
0	pmugagnant.com Failed www.pmugagnant.com Failed
19	9

	Domain	Requested by
4	payment.allopass.com	www.turfjumele.ouba.com payment.allopass.com
4	img.root-top.com	2 redirects www.turfjumele.ouba.com
4	www.gambling-affiliation.com	2 redirects www.turfjumele.ouba.com
2	www.googletagmanager.com	payment.allopass.com www.googletagmanager.com
2	static.gambling-affiliation.com	www.turfjumele.ouba.com
2	www.turfjumele.ouba.com	www.turfjumele.ouba.com
1	region1.google-analytics.com	www.googletagmanager.com
1	script.starpass.fr	www.turfjumele.ouba.com
1	www.turfinfos.ouba.com	www.turfjumele.ouba.com
1	topnelly.com	www.turfjumele.ouba.com
0	www.pmugagnant.com Failed	www.turfjumele.ouba.com
19	11

This site contains links to these domains. Also see Links.

Domain
www.gambling-affiliation.com
www.topnelly.com
www.pmugagnant.com
www.root-top.com
www.turfinfos.ouba.com
payment.allopass.com

Subject Issuer	Validity	Valid
*.allopass.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-06` - `2024-10-07`	a year	crt.sh
script.starpass.fr ZeroSSL RSA Domain Secure Site CA	`2023-11-12` - `2024-02-10`	3 months	crt.sh
static.gambling-affiliation.com Gandi RSA Domain Validation Secure Server CA 3	`2023-08-31` - `2024-08-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://www.turfjumele.ouba.com/
Frame ID: F0BC368DD2B59632CE8FCFD832EA5DCC
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TURFJUMELE

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

19
Requests

53 %
HTTPS

44 %
IPv6

9
Domains

11
Subdomains

9
IPs

3
Countries

557 kB
Transfer

859 kB
Size

5
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gambling-affiliation.com/cpc/v=XOYfWloMSxub.PrvkxP.6RvDVyBVLZF9ATEkHeA-hX8_GA7331V2&aff_var_1=

Search URL Search Domain Scan URL

URL: http://www.topnelly.com/vote.php?id=14

Search URL Search Domain Scan URL

URL: http://www.pmugagnant.com/vote.php?id=30

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/baseturf/in.php?ID=416

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/avisdespros/in.php?ID=139

Search URL Search Domain Scan URL

URL: http://www.turfinfos.ouba.com/vote.php?id=42

Search URL Search Domain Scan URL

URL: https://www.gambling-affiliation.com/cpc/v=XyxQYsFrQfxlCp9M2uuTiQT3OGBUJixTxEYgC-ZBzPk_GA7331V2&aff_var_1=

Search URL Search Domain Scan URL

URL: https://payment.allopass.com/buy/buy.apu?ids=357182&idd=1558081&carousel=row

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.gambling-affiliation.com/cpm/v=rXQqzpWoJL1IUZjAYLnx69oltvp9uTgPNNZJ1lh9b-UtXxFrYKjgvzNATmgTPiQLcAgghqTcRwfHgGAEI8e-yA__&s= HTTP 301
https://www.gambling-affiliation.com/cpm/v=rXQqzpWoJL1IUZjAYLnx69oltvp9uTgPNNZJ1lh9b-UtXxFrYKjgvzNATmgTPiQLcAgghqTcRwfHgGAEI8e-yA__&s=

Request Chain 3

http://img.root-top.com/topsite/baseturf/banner.gif HTTP 301
https://img.root-top.com/topsite/baseturf/banner.gif

Request Chain 4

http://img.root-top.com/topsite/avisdespros/banner.gif HTTP 301
https://img.root-top.com/topsite/avisdespros/banner.gif

Request Chain 6

http://www.gambling-affiliation.com/cpm/v=C9z-slObnjzA7LNusqFJmBm5b3xs-9JSg-NaIElgF.EtXxFrYKjgvzNATmgTPiQLcAgghqTcRwfHgGAEI8e-yA__&s= HTTP 301
https://www.gambling-affiliation.com/cpm/v=C9z-slObnjzA7LNusqFJmBm5b3xs-9JSg-NaIElgF.EtXxFrYKjgvzNATmgTPiQLcAgghqTcRwfHgGAEI8e-yA__&s=

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.turfjumele.ouba.com/ 13 KB
14 KB 1342ms
85ms Document
text/html 194.150.236.166
HIWIT_AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.turfjumele.ouba.com/
Protocol: HTTP/1.1
Server: 194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns6.hiwit.net
Software: Apache /
Resource Hash: d9f5b5d34f0f6152918a7fb58c249ff30cc2a348c72c7c7773eee9f926ebf53e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Type: text/html
Date: Thu, 30 Nov 2023 20:04:31 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
Vary: Host

GET
H2

200

v=rXQqzpWoJL1IUZjAYLnx69oltvp9uTgPNNZJ1lh9b-UtXxFrYKjgvzNATmgTPiQLcAgghqTcRwfHgGAEI8e-yA__&s= Show response
www.gambling-affiliation.com/cpm/
Redirect Chain

http://www.gambling-affiliation.com/cpm/v=rXQqzpWoJL1IUZjAYLnx69oltvp9uTgPNNZJ1lh9b-UtXxFrYKjgvzNATmgTPiQLcAgghqTcRwfHgGAEI8e-yA__&s=
https://www.gambling-affiliation.com/cpm/v=rXQqzpWoJL1IUZjAYLnx69oltvp9uTgPNNZJ1lh9b-UtXxFrYKjgvzNATmgTPiQLcAgghqTcRwfHgGAEI8e-yA__&s=

329 B
416 B

241ms
200ms

Script
application/javascript

91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gambling-affiliation.com/cpm/v=rXQqzpWoJL1IUZjAYLnx69oltvp9uTgPNNZJ1lh9b-UtXxFrYKjgvzNATmgTPiQLcAgghqTcRwfHgGAEI8e-yA__&s=
Requested by: Host: www.turfjumele.ouba.com
URL: http://www.turfjumele.ouba.com/
Protocol: H2
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: Apache /
Resource Hash: 2038e75d6253a4fff12afdec036e27703f1575215661ed15bdb353d7cf93f059

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.turfjumele.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:04:31 GMT
server: Apache
content-length: 329
content-type: application/javascript

Redirect headers

location: https://www.gambling-affiliation.com/cpm/v=rXQqzpWoJL1IUZjAYLnx69oltvp9uTgPNNZJ1lh9b-UtXxFrYKjgvzNATmgTPiQLcAgghqTcRwfHgGAEI8e-yA__&s=
content-length: 0

GET
H/1.1 200
OK logo.gif
topnelly.com/img/ 9 KB
10 KB 680ms
165ms Image
image/gif 104.164.68.150
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://topnelly.com/img/logo.gif
Requested by: Host: www.turfjumele.ouba.com
URL: http://www.turfjumele.ouba.com/
Protocol: HTTP/1.1
Server: 104.164.68.150 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: 658f3c57a79908162133dce57a6c1caad51d8e77ebed43b280fba23d98ed0687

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.turfjumele.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 20:04:33 GMT
Last-Modified: Thu, 25 May 2023 04:02:43 GMT
Server: nginx
ETag: "646edde3-2592"
Content-Type: image/gif
Cache-Control: max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9618
Expires: Tue, 05 Dec 2023 20:04:33 GMT

GET logo.gif
www.pmugagnant.com/ 0
0

GET
H2

200

banner.gif
img.root-top.com/topsite/baseturf/
Redirect Chain

http://img.root-top.com/topsite/baseturf/banner.gif
https://img.root-top.com/topsite/baseturf/banner.gif

4 KB
5 KB

73ms
28ms

Image
image/png

2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/baseturf/banner.gif
Requested by: Host: www.turfjumele.ouba.com
URL: http://www.turfjumele.ouba.com/
Protocol: H2
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.turfjumele.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:04:32 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1204814
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRo872bgbfVCcTZEgqSIkOV2L4PCzzv8tOBdLtP99MlGJ67xHa7lrVftvE5zsgDvTFA9VtAnwL2i%2B9lSr%2FGQ98NoLWwfRvuOFFcEdcLkVF1aDfzgL%2BI9EpF7wg%2FA3xPu6UJK%2FVRC8CTKNCflusRV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 82e5b3342b9d6f06-CDG
alt-svc: h3=":443"; ma=86400
content-length: 4424

Redirect headers

Date: Thu, 30 Nov 2023 20:04:31 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1114
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQcKM7uSwwOJRJlHB0IdxDWbUdSkt1zuXyNocU6a5YVTqT7jIGhAn37ohORBzWWHvYqLrDZktDAglIEnYm6W7hLJ6ozSCS3gtMbO20%2Bd1cFF5gjvCd0jljI8EEn2XT8iDlaA8nS%2BsCYw7nse71o0"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/baseturf/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 82e5b333a99b01bf-CDG
alt-svc: h3=":443"; ma=86400
Content-Length: 0

GET
H2

200

banner.gif
img.root-top.com/topsite/avisdespros/
Redirect Chain

http://img.root-top.com/topsite/avisdespros/banner.gif
https://img.root-top.com/topsite/avisdespros/banner.gif

4 KB
5 KB

35ms
31ms

Image
image/png

2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/avisdespros/banner.gif
Requested by: Host: www.turfjumele.ouba.com
URL: http://www.turfjumele.ouba.com/
Protocol: H2
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.turfjumele.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:04:32 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 227652
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FJt8YgPaVgW%2ByxfQYlQ4u1v4Ihx%2B0rHhvR2NaomlAYNguDV0toRNKXV9me3iBwyjYegfGjTFDoVfFViVt2Ce%2Bq0mmFnleyubCgGaxm%2Fxo8jxwL6rmNCy9oyNwn3oaMj4oiZ4b2o8GA7w6l6Ots0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 82e5b3342ba16f06-CDG
alt-svc: h3=":443"; ma=86400
content-length: 4424

Redirect headers

Date: Thu, 30 Nov 2023 20:04:32 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jS2tyL4rirdeQ86iV01RSWOPPCSBeaAt6uEStnPXdR2DseUFUygR4bKOjCAh2V%2BIJ5o8cf4f9DIENIhDwYlnOSb8hbv9DNBfkcQzqX8umimIeJILPIe7WFGIZ0fegunqSYoVOG1tRhFE1MexTaUi"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/avisdespros/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 82e5b333adf62a19-CDG
alt-svc: h3=":443"; ma=86400
Content-Length: 0

GET
H/1.1 200
OK logo.gif
www.turfinfos.ouba.com/ 6 KB
6 KB 75ms
20ms Image
image/gif 194.150.236.166
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.turfinfos.ouba.com/logo.gif
Requested by: Host: www.turfjumele.ouba.com
URL: http://www.turfjumele.ouba.com/
Protocol: HTTP/1.1
Server: 194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns6.hiwit.net
Software: Apache /
Resource Hash: b3d1ff1c03e608adcedb1eb0620301291d21d70834b11c8e6f1d710351debd38

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.turfjumele.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 20:04:31 GMT
Last-Modified: Tue, 12 Sep 2017 08:21:11 GMT
Server: Apache
ETag: "134e672-169d-558f9b9ceebc0"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 5789

GET
H2

200

v=C9z-slObnjzA7LNusqFJmBm5b3xs-9JSg-NaIElgF.EtXxFrYKjgvzNATmgTPiQLcAgghqTcRwfHgGAEI8e-yA__&s= Show response
www.gambling-affiliation.com/cpm/
Redirect Chain

http://www.gambling-affiliation.com/cpm/v=C9z-slObnjzA7LNusqFJmBm5b3xs-9JSg-NaIElgF.EtXxFrYKjgvzNATmgTPiQLcAgghqTcRwfHgGAEI8e-yA__&s=
https://www.gambling-affiliation.com/cpm/v=C9z-slObnjzA7LNusqFJmBm5b3xs-9JSg-NaIElgF.EtXxFrYKjgvzNATmgTPiQLcAgghqTcRwfHgGAEI8e-yA__&s=

339 B
427 B

151ms
110ms

Script
application/javascript

91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gambling-affiliation.com/cpm/v=C9z-slObnjzA7LNusqFJmBm5b3xs-9JSg-NaIElgF.EtXxFrYKjgvzNATmgTPiQLcAgghqTcRwfHgGAEI8e-yA__&s=
Requested by: Host: www.turfjumele.ouba.com
URL: http://www.turfjumele.ouba.com/
Protocol: H2
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: Apache /
Resource Hash: d6c6e81746a729aaae8c402916022c88cf81b62d9f57edf7d783861b57734305

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.turfjumele.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:04:31 GMT
server: Apache
content-length: 339
content-type: application/javascript

Redirect headers

location: https://www.gambling-affiliation.com/cpm/v=C9z-slObnjzA7LNusqFJmBm5b3xs-9JSg-NaIElgF.EtXxFrYKjgvzNATmgTPiQLcAgghqTcRwfHgGAEI8e-yA__&s=
content-length: 0

GET
H/1.1 200
OK checkout.apu Show response
payment.allopass.com/buy/ 11 KB
4 KB 183ms
72ms Script
text/html 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/buy/checkout.apu?ids=357182&idd=1558081&lang=fr
Requested by: Host: www.turfjumele.ouba.com
URL: http://www.turfjumele.ouba.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 2d1acc8f29c2bda056a03ed1830ccf2f81b941c6ff8986b551a9b039d529d5a5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.turfjumele.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Nov 2023 20:04:32 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 2963
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK script.php Show response
script.starpass.fr/ 25 B
289 B 159ms
39ms Script
text/html 194.0.255.28
NEO-ASN legacy Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://script.starpass.fr/script.php?idd=443720&datas=
Requested by: Host: www.turfjumele.ouba.com
URL: http://www.turfjumele.ouba.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.0.255.28 , France, ASN8218 (NEO-ASN legacy Neotelecoms, FR),
Reverse DNS: srv28.bdmultimedia.fr
Software: Apache /
Resource Hash: a0710d7ae8f4a0ab076452dc7c3882b1c553ee11603bc5f9cf9dce10400ae1ce

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.turfjumele.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 20:03:35 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 43

GET
H/1.1 200
OK SaintElier2.jpg
www.turfjumele.ouba.com/ 23 KB
23 KB 20ms
19ms Image
image/jpeg 194.150.236.166
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.turfjumele.ouba.com/SaintElier2.jpg
Requested by: Host: www.turfjumele.ouba.com
URL: http://www.turfjumele.ouba.com/
Protocol: HTTP/1.1
Server: 194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns6.hiwit.net
Software: Apache /
Resource Hash: 60bc87e695b0a9a4e2c6e33b231e0e49af61f53e5be5e5e1643d15ccb84d4ae7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.turfjumele.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 20:04:31 GMT
Last-Modified: Tue, 12 Sep 2017 08:29:10 GMT
Server: Apache
ETag: "134e7f0-5a52-558f9d65be180"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 23122

GET
H2 200 62482.jpg
static.gambling-affiliation.com/uploads/ads/ 115 KB
116 KB 102ms
38ms Image
image/jpeg 91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gambling-affiliation.com/uploads/ads/62482.jpg
Requested by: Host: www.turfjumele.ouba.com
URL: http://www.turfjumele.ouba.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: nginx/1.15.5 /
Resource Hash: 24c6c6cef0212392bd8472c94a831aaad088a6a727061af17ce115506e2698cb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.turfjumele.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:04:32 GMT
last-modified: Tue, 07 Mar 2023 17:08:20 GMT
server: nginx/1.15.5
accept-ranges: bytes
etag: "64076f84-1cdc9"
content-length: 118217
content-type: image/jpeg

GET
H2 200 54289.gif
static.gambling-affiliation.com/uploads/ads/ 212 KB
213 KB 98ms
35ms Image
image/gif 91.198.105.122
EURO-WEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gambling-affiliation.com/uploads/ads/54289.gif
Requested by: Host: www.turfjumele.ouba.com
URL: http://www.turfjumele.ouba.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.198.105.122 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
Software: nginx/1.15.5 /
Resource Hash: 338c8b352f04bd1850d9b85d39fcea1f11e3ff81c33c051fd33090099f6473ac

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.turfjumele.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:04:32 GMT
last-modified: Wed, 19 May 2021 07:05:11 GMT
server: nginx/1.15.5
accept-ranges: bytes
etag: "60a4b8a7-35124"
content-length: 217380
content-type: image/gif

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 164 KB
60 KB 102ms
39ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV

Requested by

Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357182&idd=1558081&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

257fa2758381e487004fc7eecb5100550ac7581baac05792e6fc188bb805b6b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.turfjumele.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:04:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60950
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Nov 2023 20:04:32 GMT

GET
H/1.1 200
OK buy-button.css
payment.allopass.com/static/css/ 2 KB
830 B 60ms
22ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/buy-button.css?1
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357182&idd=1558081&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.turfjumele.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 20:04:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "42312-69a-6036ca56d02c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 546

GET
H/1.1 200
OK 162x56.png
payment.allopass.com/static/buy/button/fr/ 6 KB
6 KB 58ms
21ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by: Host: www.turfjumele.ouba.com
URL: http://www.turfjumele.ouba.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.turfjumele.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 20:04:32 GMT
Last-Modified: Mon, 21 Aug 2023 10:50:27 GMT
Server: Apache
ETag: "216d8-1688-6036ca56d02c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 5768

GET
H/1.1 200
OK bt_ok.gif
payment.allopass.com/imgweb/common/ 753 B
991 B 60ms
22ms Image
image/gif 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/imgweb/common/bt_ok.gif
Requested by: Host: www.turfjumele.ouba.com
URL: http://www.turfjumele.ouba.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.turfjumele.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 20:04:32 GMT
Last-Modified: Tue, 26 Nov 2019 14:39:46 GMT
Server: Apache
ETag: "432cd-2f1-59840d9fb3080"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 753

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 288 KB
94 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63a257a77a0da3f6338ee0bc97e138682f12a9ef43e442afc6889b170006ebde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.turfjumele.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:04:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96433
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 30 Nov 2023 20:04:32 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 68ms
23ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QG320G96PZ&gtm=45je3b60v9166788369z89166799165&_p=1701374672179&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1196839955.1701374672&ul=en-us&sr=1600x1200&_s=1&sid=1701374672&sct=1&seg=0&dl=http%3A%2F%2Fwww.turfjumele.ouba.com%2F&dt=TURFJUMELE&en=CAROUSEL_&_fv=1&_nsi=1&_ss=1&tfd=1933
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.turfjumele.ouba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:04:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.turfjumele.ouba.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.pmugagnant.com
URL: http://www.pmugagnant.com/logo.gif

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.turfjumele.ouba.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4837e5331f95a2d45d04f7a8423f1da1
payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: 86c79463-7219-434f-805d-ad2ab183229f
.allopass.com/	1970-01-21 01:21:50	Name: AP_CUSK Value: 3635688173
.ouba.com/	1970-01-21 02:12:14	Name: _ga_QG320G96PZ Value: GS1.1.1701374672.1.0.1701374672.0.0.0
.ouba.com/	1970-01-21 02:12:14	Name: _ga Value: GA1.1.1196839955.1701374672

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.pmugagnant.com/logo.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

img.root-top.com
payment.allopass.com
region1.google-analytics.com
script.starpass.fr
static.gambling-affiliation.com
topnelly.com
www.gambling-affiliation.com
www.googletagmanager.com
www.pmugagnant.com
www.turfinfos.ouba.com
www.turfjumele.ouba.com
www.pmugagnant.com
104.164.68.150
185.119.26.1
194.0.255.28
194.150.236.166
2001:4860:4802:32::36
2606:4700:3038::6815:ea1a
2606:4700:3038::6815:ea1b
2a00:1450:4001:813::2008
91.198.105.122
2038e75d6253a4fff12afdec036e27703f1575215661ed15bdb353d7cf93f059
24c6c6cef0212392bd8472c94a831aaad088a6a727061af17ce115506e2698cb
257fa2758381e487004fc7eecb5100550ac7581baac05792e6fc188bb805b6b2
2d1acc8f29c2bda056a03ed1830ccf2f81b941c6ff8986b551a9b039d529d5a5
338c8b352f04bd1850d9b85d39fcea1f11e3ff81c33c051fd33090099f6473ac
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e
60bc87e695b0a9a4e2c6e33b231e0e49af61f53e5be5e5e1643d15ccb84d4ae7
63a257a77a0da3f6338ee0bc97e138682f12a9ef43e442afc6889b170006ebde
658f3c57a79908162133dce57a6c1caad51d8e77ebed43b280fba23d98ed0687
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
a0710d7ae8f4a0ab076452dc7c3882b1c553ee11603bc5f9cf9dce10400ae1ce
b3d1ff1c03e608adcedb1eb0620301291d21d70834b11c8e6f1d710351debd38
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a
d6c6e81746a729aaae8c402916022c88cf81b62d9f57edf7d783861b57734305
d9f5b5d34f0f6152918a7fb58c249ff30cc2a348c72c7c7773eee9f926ebf53e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.turfjumele.ouba.com Open in urlscan Pro 194.150.236.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

53 %HTTPS

44 %IPv6

9 Domains

11 Subdomains

9 IPs

3 Countries

557 kBTransfer

859 kBSize

5 Cookies

8 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

5 Cookies

1 Console Messages

Indicators

www.turfjumele.ouba.com Open in urlscan Pro
194.150.236.166 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

53 %
HTTPS

44 %
IPv6

9
Domains

11
Subdomains

9
IPs

3
Countries

557 kB
Transfer

859 kB
Size

5
Cookies

19 HTTP transactions
0 data transactions