jumecourse.onlc.fr Open in urlscan Pro
2606:4700:20::681a:1f9  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 0-Accueil.html Show response jumecourse.onlc.fr/	10 KB 4 KB	147ms 66ms	Document text/html	2606:4700:20::681a:1f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jumecourse.onlc.fr/0-Accueil.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:1f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 062e902c40a37ad56db19181a1890b83b4125e0f0f5e2dd04b5010b31c52600e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers access-control-allow-origin https://www.onlinecreation.me alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 81db9e596d9202cd-CDG content-encoding br content-type text/html; charset=utf-8 date Sun, 29 Oct 2023 13:03:25 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jdj2cX9dBMPEilO4OKhxRXV49y1ztHlpCgKlMrT%2Fj2Iq%2F0%2FzEg1WqEf4qrZrqupPr%2BaV6hdmToCW9IxdzMYhdv5PaO7d8jO%2BN%2BcpFjoAJQztLcqcTBp4K%2Fjdaidega2mMjP5a3cw%2BCsqcWbboo2EpA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.7.2/	93 KB 34 KB	83ms 25ms	Script text/javascript	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js Requested by Host: jumecourse.onlc.fr URL: https://jumecourse.onlc.fr/0-Accueil.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://jumecourse.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Wed, 25 Oct 2023 14:08:36 GMT content-encoding gzip x-content-type-options nosniff age 341689 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33845 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 24 Oct 2024 14:08:36 GMT
GET H2	200	mediaelementplayer.min.css cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/	17 KB 3 KB	74ms 34ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/mediaelementplayer.min.css Requested by Host: jumecourse.onlc.fr URL: https://jumecourse.onlc.fr/0-Accueil.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3ecfe4da73d3f04f54aca493982a068a9e328942a64100bfc976cbae9cafb10 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer Origin https://jumecourse.onlc.fr accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Sun, 29 Oct 2023 13:03:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 931663 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2265 last-modified Mon, 04 May 2020 16:13:19 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03f1f-4392" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUdxAo69JUqQVHq9W0YZu0%2FoSDPIDHxPuht9vXHQOtA6iqY%2FlyU17k2%2BeRENV%2Fx7ds4dFC3wrmpEbPZ2kHYLnxs2zPSMxD4YHt2PiCnCxG4w%2F1x%2FA0NCQcg5aAqgqSEK3D2CUggOYsf0xeOQ4UgiMA44"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 81db9e5a18b102a5-CDG expires Fri, 18 Oct 2024 13:03:25 GMT
GET H2	200	mediaelement-and-player.min.js Show response cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/	61 KB 15 KB	81ms 41ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/mediaelement-and-player.min.js Requested by Host: jumecourse.onlc.fr URL: https://jumecourse.onlc.fr/0-Accueil.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c190fd4534143b46005a1fb176e61c80c6dc36b7893ba45f2d5480217dfcb8c3 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer Origin https://jumecourse.onlc.fr accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Sun, 29 Oct 2023 13:03:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 3957286 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 15089 last-modified Mon, 04 May 2020 16:13:19 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03f1f-f42f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzM0Fpl4AsV7bvUCXpGwZqEuVG%2FUK9Y1%2FGpyJwcyAarM7oXUddjKaTsHdEzAeqUPgCi670IU6c6ZzLCHue%2BGHhZHcfx3RNWpH2wVbLE0S92bDhuyaWTb6XLOeCGv0XP3wMaKUL6%2B5bFoMRQ2PIixMGzg"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 81db9e5a18b502a5-CDG expires Fri, 18 Oct 2024 13:03:25 GMT
GET		logo2.gif turftriomphe.com/lien/	0 0
GET H2	200	logo.gif www.turfsur.com/img/	11 KB 11 KB	123ms 28ms	Image image/gif	2606:4700:3033::ac43:d6a8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.turfsur.com/img/logo.gif Requested by Host: jumecourse.onlc.fr URL: https://jumecourse.onlc.fr/0-Accueil.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d6a8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9bd0c1e96f9d3b63b53ba8c355ada916479d8815034cab0aad1540c3c602d896 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language fr-FR,fr;q=0.9 Referer https://jumecourse.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Sun, 29 Oct 2023 13:03:25 GMT content-encoding br strict-transport-security max-age=15768000 cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} display staticcontent_sol age 1015669 x-middleton-display staticcontent_sol x-middleton-response 200 alt-svc h3=":443"; ma=86400 x-ezoic-excludewebp false response 200 last-modified Sun, 30 Jul 2023 20:50:09 GMT server cloudflare etag "2bb66ea-2cb9-601ba759c8240-gzip" vary Accept-Encoding,Host,Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBz%2F%2FmBxVty4xKk9jPZhytTBj9fjmgKl1klWIe6tIhUH88o3GDVF5v72D7IDdJKB5gAKuv2ncJgPJEaKIrZrra1OreyIYs%2FVsp%2BdM6UnS1rT%2FKpCn3p14svmpcwwRnbw1p8oJpuhCtZCgr59EMw%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=2592000 cf-ray 81db9e5a7a02d4fa-CDG
GET H/1.1	200 OK	checkout.apu Show response payment.allopass.com/buy/	11 KB 4 KB	148ms 54ms	Script text/html	185.119.26.1 WEBDEVIIN-AS
General Check archive.org Show headers Download Go to Full URL https://payment.allopass.com/buy/checkout.apu?ids=285826&idd=1189692&lang=fr Requested by Host: jumecourse.onlc.fr URL: https://jumecourse.onlc.fr/0-Accueil.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR), Reverse DNS 1.26.119.185.in-addr.arpa Software Apache / Resource Hash 4477e5d3c4edc02da645cc75f4a64388b66bdc76af744e22df9358329733d9b3 Request headers accept-language fr-FR,fr;q=0.9 Referer https://jumecourse.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Pragma no-cache Date Sun, 29 Oct 2023 13:03:25 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml' Content-Type text/html Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Content-Length 2962 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	script.php Show response script.starpass.fr/	20 B 286 B	193ms 38ms	Script text/html	194.0.255.28 NEO-ASN legacy Ne...
General Check archive.org Show headers Download Go to Full URL https://script.starpass.fr/script.php?idd=435963&datas= Requested by Host: jumecourse.onlc.fr URL: https://jumecourse.onlc.fr/0-Accueil.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.0.255.28 , France, ASN8218 (NEO-ASN legacy Neotelecoms, FR), Reverse DNS srv28.bdmultimedia.fr Software Apache / Resource Hash 65e35c6ae1f74e16cbe663763323963eec7c6a22512042ab0758bd68151934a1 Request headers accept-language fr-FR,fr;q=0.9 Referer https://jumecourse.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Sun, 29 Oct 2023 13:02:31 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding,User-Agent Content-Type text/html; charset=UTF-8 Connection Keep-Alive Keep-Alive timeout=2, max=100 Content-Length 40
GET H2	200	13.jpg www.123galop.com/fr/imgactu/photos_courses_au_galop/HK_Flat_12_2005/	33 KB 33 KB	127ms 19ms	Image image/jpeg	87.98.255.4 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://www.123galop.com/fr/imgactu/photos_courses_au_galop/HK_Flat_12_2005/13.jpg Requested by Host: jumecourse.onlc.fr URL: https://jumecourse.onlc.fr/0-Accueil.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.98.255.4 , France, ASN16276 (OVH, FR), Reverse DNS cluster003.ovh.net Software Apache / Resource Hash ce779c1cdb99c7850d05395a755056a39ef334456e470405b855faff38e94cda Request headers accept-language fr-FR,fr;q=0.9 Referer https://jumecourse.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Sun, 29 Oct 2023 13:03:25 GMT last-modified Wed, 14 Dec 2005 10:55:29 GMT server Apache content-type image/jpeg cache-control max-age=900 accept-ranges bytes content-length 33752 expires Sun, 29 Oct 2023 13:18:25 GMT
GET H/1.1	200 OK	logo.gif www.levainqueur.com/	28 KB 28 KB	101ms 19ms	Image image/gif	194.150.236.165 HIWIT_AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.levainqueur.com/logo.gif Requested by Host: jumecourse.onlc.fr URL: https://jumecourse.onlc.fr/0-Accueil.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.150.236.165 , France, ASN44976 (HIWIT_AS, FR), Reverse DNS ns5.hiwit.net Software Apache / Resource Hash 6270f4fc23be1ddceb334705172b0470d61d28d201fcc23402dbdc8bac85bdc7 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language fr-FR,fr;q=0.9 Referer https://jumecourse.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Sun, 29 Oct 2023 13:03:25 GMT Strict-Transport-Security max-age=15768000 Last-Modified Tue, 13 Oct 2015 12:36:31 GMT Server Apache ETag "e76ccd-70a5-521fbb20911c0" Vary Host Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=100 Content-Length 28837
GET H2	200	tribal-violet.jpg static.onlc.eu/designs/bordeauxmy/	9 KB 10 KB	100ms 27ms	Image image/webp	2606:4700:20::681a:6a2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.onlc.eu/designs/bordeauxmy/tribal-violet.jpg Requested by Host: jumecourse.onlc.fr URL: https://jumecourse.onlc.fr/0-Accueil.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6a2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6112b6dd5044659a9cdb95307745c66f18cfd160adf325bca0a34615dd04769a Request headers accept-language fr-FR,fr;q=0.9 Referer https://jumecourse.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Sun, 29 Oct 2023 13:03:25 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3474 cf-polished qual=85, origFmt=jpeg, origSize=42260 content-disposition inline; filename="tribal-violet.webp" alt-svc h3=":443"; ma=86400 content-length 9668 cf-bgj imgq:85,h2pri last-modified Thu, 27 Aug 2009 00:25:29 GMT server cloudflare etag "2515975563" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eG0DaI1VUd0%2FOnCruS%2FXnl2%2BT4iK56dFvIgeLh1blroZniFpgRqm%2FbBnYotoExFmr0PEbCiLtnQbxD5ihy6vguT%2F83%2Fpx4s9py1%2FrGXRSZixVPC0gkJhln5%2Bj4Dkv2MhxZfdnKeSMX%2FTkofl"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 81db9e5b1d7fd5dd-CDG
GET H2	200	gtm.js Show response www.googletagmanager.com/	164 KB 60 KB	93ms 34ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV Requested by Host: payment.allopass.com URL: https://payment.allopass.com/buy/checkout.apu?ids=285826&idd=1189692&lang=fr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 49ba611214b0cc1d1b68df3b2d319c5e3b8b42c6d02ff8bfc99d5bf8c2db360d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://jumecourse.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Sun, 29 Oct 2023 13:03:25 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60983 x-xss-protection 0 last-modified Sun, 29 Oct 2023 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 29 Oct 2023 13:03:25 GMT
GET H/1.1	200 OK	buy-button.css payment.allopass.com/static/css/	2 KB 830 B	56ms 19ms	Stylesheet text/css	185.119.26.1 WEBDEVIIN-AS
General Check archive.org Show headers Download Go to Full URL https://payment.allopass.com/static/css/buy-button.css?1 Requested by Host: payment.allopass.com URL: https://payment.allopass.com/buy/checkout.apu?ids=285826&idd=1189692&lang=fr Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR), Reverse DNS 1.26.119.185.in-addr.arpa Software Apache / Resource Hash 95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2 Request headers accept-language fr-FR,fr;q=0.9 Referer https://jumecourse.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Sun, 29 Oct 2023 13:03:25 GMT Content-Encoding gzip Last-Modified Mon, 21 Aug 2023 10:50:27 GMT Server Apache ETag "270ef-69a-6036ca56d02c0" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 546
GET H/1.1	200 OK	162x56.png payment.allopass.com/static/buy/button/fr/	6 KB 6 KB	57ms 20ms	Image image/png	185.119.26.1 WEBDEVIIN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://payment.allopass.com/static/buy/button/fr/162x56.png Requested by Host: jumecourse.onlc.fr URL: https://jumecourse.onlc.fr/0-Accueil.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR), Reverse DNS 1.26.119.185.in-addr.arpa Software Apache / Resource Hash 7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db Request headers accept-language fr-FR,fr;q=0.9 Referer https://jumecourse.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Date Sun, 29 Oct 2023 13:03:25 GMT Last-Modified Mon, 21 Aug 2023 10:50:27 GMT Server Apache ETag "40f3c-1688-6036ca56d02c0" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 5768
GET H2	200	destination Show response www.googletagmanager.com/gtag/	288 KB 94 KB	36ms 35ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6f1f1a61f44724c4854fc31d8d0811ee458ce577ab9ffa7d1ab5bb8ad5d61ec4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://jumecourse.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Sun, 29 Oct 2023 13:03:26 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 96212 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 29 Oct 2023 13:03:26 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 256 B	64ms 22ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-QG320G96PZ&gtm=45je3ap0v9166788369z89166799165&_p=1825900908&gcd=11l1l1l1l1&cid=505583173.1698584606&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698584606&sct=1&seg=0&dl=https%3A%2F%2Fjumecourse.onlc.fr%2F0-Accueil.html&dt=JUMELECOURSE%20-%20Accueil&en=CAROUSEL_&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fr-FR,fr;q=0.9 Referer https://jumecourse.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Sun, 29 Oct 2023 13:03:26 GMT server Golfe2 content-type text/plain access-control-allow-origin https://jumecourse.onlc.fr cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

turftriomphe.com

URL

https://turftriomphe.com/lien/logo2.gif

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery object| mejs function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| MediaElement function| MediaElementPlayer object| headID object| cssNode function| allopassButtons number| alreadyrunflag undefined| proto undefined| contentloadtag number| _timer object| dataLayer object| google_tag_manager object| google_tag_data function| KillSurf function| openup object| elts function| onYouTubeIframeAPIReady object| gaGlobal

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			jumecourse.onlc.fr/	1970-01-20 15:50:20	Name: PHPSESSID Value: ji29cofph8hugs6s0frh4glttp
			payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: f0646cbc-5919-4606-b7bb-81b93b0739a4
			.allopass.com/	1970-01-21 00:35:20	Name: AP_CUSK Value: 3632456837
			.onlc.fr/	1970-01-21 01:25:44	Name: _ga Value: GA1.1.505583173.1698584606
			.onlc.fr/	1970-01-21 01:25:44	Name: _ga_QG320G96PZ Value: GS1.1.1698584606.1.0.1698584606.0.0.0

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://jumecourse.onlc.fr/0-Accueil.html Message: Mixed Content: The page at 'https://jumecourse.onlc.fr/0-Accueil.html' was loaded over HTTPS, but requested an insecure element 'http://turftriomphe.com/lien/logo2.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://jumecourse.onlc.fr/0-Accueil.html Message: Mixed Content: The page at 'https://jumecourse.onlc.fr/0-Accueil.html' was loaded over HTTPS, but requested an insecure element 'http://www.turfsur.com/img/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://jumecourse.onlc.fr/0-Accueil.html Message: Mixed Content: The page at 'https://jumecourse.onlc.fr/0-Accueil.html' was loaded over HTTPS, but requested an insecure element 'http://www.123galop.com/fr/imgactu/photos_courses_au_galop/HK_Flat_12_2005/13.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://jumecourse.onlc.fr/0-Accueil.html Message: Mixed Content: The page at 'https://jumecourse.onlc.fr/0-Accueil.html' was loaded over HTTPS, but requested an insecure element 'http://www.levainqueur.com/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://turftriomphe.com/lien/logo2.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	URL: https://jumecourse.onlc.fr/0-Accueil.html(Line 168) Message: Mixed Content: The page at 'https://jumecourse.onlc.fr/0-Accueil.html' was loaded over HTTPS, but requested an insecure element 'http://turftriomphe.com/lien/logo2.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://jumecourse.onlc.fr/0-Accueil.html(Line 168) Message: Mixed Content: The page at 'https://jumecourse.onlc.fr/0-Accueil.html' was loaded over HTTPS, but requested an insecure element 'http://www.turfsur.com/img/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://jumecourse.onlc.fr/0-Accueil.html(Line 210) Message: Mixed Content: The page at 'https://jumecourse.onlc.fr/0-Accueil.html' was loaded over HTTPS, but requested an insecure element 'http://www.123galop.com/fr/imgactu/photos_courses_au_galop/HK_Flat_12_2005/13.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://jumecourse.onlc.fr/0-Accueil.html(Line 210) Message: Mixed Content: The page at 'https://jumecourse.onlc.fr/0-Accueil.html' was loaded over HTTPS, but requested an insecure element 'http://www.levainqueur.com/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
jumecourse.onlc.fr
payment.allopass.com
region1.google-analytics.com
script.starpass.fr
static.onlc.eu
turftriomphe.com
www.123galop.com
www.googletagmanager.com
www.levainqueur.com
www.turfsur.com
turftriomphe.com
185.119.26.1
194.0.255.28
194.150.236.165
2001:4860:4802:34::36
2606:4700:20::681a:1f9
2606:4700:20::681a:6a2
2606:4700:3033::ac43:d6a8
2606:4700::6811:180e
2a00:1450:4001:803::200a
2a00:1450:4001:82f::2008
87.98.255.4
062e902c40a37ad56db19181a1890b83b4125e0f0f5e2dd04b5010b31c52600e
4477e5d3c4edc02da645cc75f4a64388b66bdc76af744e22df9358329733d9b3
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
49ba611214b0cc1d1b68df3b2d319c5e3b8b42c6d02ff8bfc99d5bf8c2db360d
6112b6dd5044659a9cdb95307745c66f18cfd160adf325bca0a34615dd04769a
6270f4fc23be1ddceb334705172b0470d61d28d201fcc23402dbdc8bac85bdc7
65e35c6ae1f74e16cbe663763323963eec7c6a22512042ab0758bd68151934a1
6f1f1a61f44724c4854fc31d8d0811ee458ce577ab9ffa7d1ab5bb8ad5d61ec4
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
9bd0c1e96f9d3b63b53ba8c355ada916479d8815034cab0aad1540c3c602d896
a3ecfe4da73d3f04f54aca493982a068a9e328942a64100bfc976cbae9cafb10
c190fd4534143b46005a1fb176e61c80c6dc36b7893ba45f2d5480217dfcb8c3
ce779c1cdb99c7850d05395a755056a39ef334456e470405b855faff38e94cda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855