3615turf.blogtqq.com Open in urlscan Pro
51.91.236.193 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://3615turf.blogtqq.com/index.php
Submission: On August 12 via manual (August 12th 2023, 12:13:14 am UTC) from BF — Scanned from FR

Summary HTTP 33 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 33 HTTP transactions. The main IP is 51.91.236.193, located in France and belongs to OVH, FR. The main domain is 3615turf.blogtqq.com.

This is the only time 3615turf.blogtqq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	51.91.236.193 51.91.236.193	16276 (OVH) (OVH)
3	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
1 1	2606:4700:303... 2606:4700:3038::6815:ea1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3038::6815:ea1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3034::6815:15de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3034::ac43:c8d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
33	8

16 51.91.236.193 (France)

ASN16276 (OVH, FR)
PTR: cluster028.hosting.ovh.net

3615turf.blogtqq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea1a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea1b (United States)

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:15de (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3034::ac43:c8d8 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pronostic-facile.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	blogtqq.com 3615turf.blogtqq.com	92 KB
5	pronostic-facile.fr 1 redirects www.pronostic-facile.fr	10 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54 region1.google-analytics.com — Cisco Umbrella Rank: 2069	42 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	269 KB
3	allopass.com payment.allopass.com	10 KB
2	root-top.com 1 redirects img.root-top.com	5 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1175	7 KB
33	7

	Domain	Requested by
16	3615turf.blogtqq.com	3615turf.blogtqq.com
5	www.pronostic-facile.fr	1 redirects 3615turf.blogtqq.com www.pronostic-facile.fr static.cloudflareinsights.com
4	www.googletagmanager.com	payment.allopass.com www.pronostic-facile.fr www.googletagmanager.com www.google-analytics.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	payment.allopass.com	3615turf.blogtqq.com payment.allopass.com
2	img.root-top.com	1 redirects 3615turf.blogtqq.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.cloudflareinsights.com	www.pronostic-facile.fr
33	8

This site contains links to these domains. Also see Links.

Domain
payment.allopass.com
www.root-top.com

Subject Issuer	Validity	Valid
*.allopass.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-07` - `2023-10-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
pronostic-facile.fr GTS CA 1P5	`2023-08-07` - `2023-11-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://3615turf.blogtqq.com/index.php
Frame ID: C20D7210F461D41E90EA568DC7377137
Requests: 26 HTTP requests in this frame

Frame: https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
Frame ID: F67F0175F2A73C82DD636CCC16631B13
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

3615 Turf

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

33
Requests

45 %
HTTPS

80 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

434 kB
Transfer

1001 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://payment.allopass.com/buy/buy.apu?ids=334687&idd=1471562&carousel=row

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/jmbazire/in.php?ID=255

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://img.root-top.com/topsite/jmbazire/banner.gif HTTP 301
https://img.root-top.com/topsite/jmbazire/banner.gif

Request Chain 12

http://www.pronostic-facile.fr/widget/partner/script/quinte_runners HTTP 301
https://www.pronostic-facile.fr/widget/partner/script/quinte_runners

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.php Show response
3615turf.blogtqq.com/ 4 KB
2 KB 360ms
21ms Document
text/html 51.91.236.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://3615turf.blogtqq.com/index.php
Protocol: HTTP/1.1
Server: 51.91.236.193 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: Apache / PHP/7.2
Resource Hash: 3e7de7389a5777d4f65fc9d3e47aec6d1b51e3b3b41fcf68b51c911f065a7360

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 12 Aug 2023 00:13:09 GMT
server: Apache
transfer-encoding: chunked
vary: Accept-Encoding
x-iplb-instance: 32680
x-iplb-request-id: B22190B2:D1B8_335BECC1:0050_64D6CE95_CBC9:2D0EE
x-powered-by: PHP/7.2

GET
H/1.1 200
OK turf.css
3615turf.blogtqq.com/css/ 992 B
800 B 17ms
16ms Stylesheet
text/css 51.91.236.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://3615turf.blogtqq.com/css/turf.css
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/index.php
Protocol: HTTP/1.1
Server: 51.91.236.193 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: Apache /
Resource Hash: d255c2be2e8ff0d88c7eb54b9d2344b74d77c788dcf4d8ccaa8bc2d40928c1e8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
content-encoding: gzip
last-modified: Thu, 10 Oct 2019 21:21:27 GMT
server: Apache
x-iplb-request-id: B22190B2:D1B8_335BECC1:0050_64D6CE95_CBCA:2D0EE
x-iplb-instance: 32680
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
content-length: 408
expires: Sat, 12 Aug 2023 00:28:09 GMT

GET
H/1.1 200
OK banniere.gif
3615turf.blogtqq.com/banniere/ 18 KB
19 KB 35ms
17ms Image
image/gif 51.91.236.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://3615turf.blogtqq.com/banniere/banniere.gif
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/index.php
Protocol: HTTP/1.1
Server: 51.91.236.193 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: Apache /
Resource Hash: 9b949a8c8e696c7eb5776b647f27522fe02cec03bca83101d2d6a5a2e33efbff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
last-modified: Thu, 10 Oct 2019 21:21:24 GMT
server: Apache
x-iplb-request-id: B22190B2:D1B8_335BECC1:0050_64D6CE95_CBCB:2D0EE
x-iplb-instance: 32680
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 18860
expires: Sat, 12 Aug 2023 00:28:09 GMT

GET
H/1.1 200
OK accueil.gif
3615turf.blogtqq.com/bouton/ 316 B
662 B 208ms
16ms Image
image/gif 51.91.236.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://3615turf.blogtqq.com/bouton/accueil.gif
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/index.php
Protocol: HTTP/1.1
Server: 51.91.236.193 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: Apache /
Resource Hash: e19cb02bfda620bde5f8a07a239d91994c537ba7226c9cef9eb42047f62377a0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
last-modified: Thu, 10 Oct 2019 21:21:25 GMT
server: Apache
x-iplb-request-id: B22190B2:D1C8_335BECC1:0050_64D6CE95_9785:2D0ED
x-iplb-instance: 32680
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 316
expires: Sat, 12 Aug 2023 00:28:09 GMT

GET
H/1.1 200
OK archive.gif
3615turf.blogtqq.com/bouton/ 318 B
664 B 209ms
16ms Image
image/gif 51.91.236.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://3615turf.blogtqq.com/bouton/archive.gif
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/index.php
Protocol: HTTP/1.1
Server: 51.91.236.193 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: Apache /
Resource Hash: 064d4fa5c42a4e5eb785a12f6b46828eccab7857de5a471e7af1d1549c4945ad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
last-modified: Thu, 10 Oct 2019 21:21:25 GMT
server: Apache
x-iplb-request-id: B22190B2:D1B8_335BECC1:0050_64D6CE95_CBDC:2D0EE
x-iplb-instance: 32680
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 318
expires: Sat, 12 Aug 2023 00:28:09 GMT

GET
H/1.1 200
OK contact.gif
3615turf.blogtqq.com/bouton/ 309 B
655 B 224ms
16ms Image
image/gif 51.91.236.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://3615turf.blogtqq.com/bouton/contact.gif
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/index.php
Protocol: HTTP/1.1
Server: 51.91.236.193 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: Apache /
Resource Hash: 89187e19f0b7ef8f6c18ea2bba65ef1169bb93e40edb140f245f4f9b5024c752

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
last-modified: Thu, 10 Oct 2019 21:21:26 GMT
server: Apache
x-iplb-request-id: B22190B2:D1C8_335BECC1:0050_64D6CE95_9786:2D0ED
x-iplb-instance: 32680
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 309
expires: Sat, 12 Aug 2023 00:28:09 GMT

GET
H/1.1 200
OK sct2tqqm_01.gif
3615turf.blogtqq.com/image/ 4 KB
4 KB 225ms
16ms Image
image/gif 51.91.236.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://3615turf.blogtqq.com/image/sct2tqqm_01.gif
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/index.php
Protocol: HTTP/1.1
Server: 51.91.236.193 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: Apache /
Resource Hash: 0283a9c622051b0f52b9e239243ee53045cfa8770dacbd9918a93ce1687b6da7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
last-modified: Thu, 10 Oct 2019 21:21:30 GMT
server: Apache
x-iplb-request-id: B22190B2:D1B8_335BECC1:0050_64D6CE95_CBDF:2D0EE
x-iplb-instance: 32680
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 4002
expires: Sat, 12 Aug 2023 00:28:09 GMT

GET
H/1.1 200
OK flech.gif
3615turf.blogtqq.com/image/ 4 KB
4 KB 229ms
17ms Image
image/gif 51.91.236.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://3615turf.blogtqq.com/image/flech.gif
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/index.php
Protocol: HTTP/1.1
Server: 51.91.236.193 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: Apache /
Resource Hash: af1fe4e33c5f4731d4cdec12276460903a4936bebdbcda74ebdbc7880f85f887

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
last-modified: Thu, 10 Oct 2019 21:21:28 GMT
server: Apache
x-iplb-request-id: B22190B2:D1C8_335BECC1:0050_64D6CE95_9787:2D0ED
x-iplb-instance: 32680
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 3857
expires: Sat, 12 Aug 2023 00:28:09 GMT

GET
H/1.1 200
OK chevaldecourse.jpg
3615turf.blogtqq.com/image/ 35 KB
35 KB 40ms
18ms Image
image/jpeg 51.91.236.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://3615turf.blogtqq.com/image/chevaldecourse.jpg
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/index.php
Protocol: HTTP/1.1
Server: 51.91.236.193 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: Apache /
Resource Hash: 05f98eee7abfdab19b94841f7490137a6312dd85e1e6e1f543ac669f902385f5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
last-modified: Thu, 10 Oct 2019 21:21:28 GMT
server: Apache
x-iplb-request-id: B22190B2:D1B8_335BECC1:0050_64D6CE95_CBCE:2D0EE
x-iplb-instance: 32680
content-type: image/jpeg
cache-control: max-age=900
accept-ranges: bytes
content-length: 35936
expires: Sat, 12 Aug 2023 00:28:09 GMT

GET
H/1.1 200
OK flecha.gif
3615turf.blogtqq.com/image/ 4 KB
4 KB 75ms
16ms Image
image/gif 51.91.236.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://3615turf.blogtqq.com/image/flecha.gif
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/index.php
Protocol: HTTP/1.1
Server: 51.91.236.193 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: Apache /
Resource Hash: 0dd9d34f236dcb667a65cd6aa9285d7b71b41bb0adf261b7f114528d2bc07930

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
last-modified: Thu, 10 Oct 2019 21:21:29 GMT
server: Apache
x-iplb-request-id: B22190B2:D1B8_335BECC1:0050_64D6CE95_CBCF:2D0EE
x-iplb-instance: 32680
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 3909
expires: Sat, 12 Aug 2023 00:28:09 GMT

GET
H/1.1 200
OK codee.gif
3615turf.blogtqq.com/image/ 7 KB
7 KB 151ms
17ms Image
image/gif 51.91.236.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://3615turf.blogtqq.com/image/codee.gif
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/index.php
Protocol: HTTP/1.1
Server: 51.91.236.193 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: Apache /
Resource Hash: 2698dd4734cadb642256d55dcc2fd5d9cc0bee9aa583a488a808850e491f9693

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
last-modified: Thu, 10 Oct 2019 21:21:28 GMT
server: Apache
x-iplb-request-id: B22190B2:D1B8_335BECC1:0050_64D6CE95_CBD5:2D0EE
x-iplb-instance: 32680
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 6669
expires: Sat, 12 Aug 2023 00:28:09 GMT

GET
H/1.1 200
OK checkout.apu Show response
payment.allopass.com/buy/ 11 KB
4 KB 366ms
262ms Script
text/html 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/buy/checkout.apu?ids=334687&idd=1471562&lang=fr
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: b40b2941caaba8f8a0ec0beb268cc38f36d5341db96cba7596e0c27613c3eac6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Aug 2023 00:13:09 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 2962
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

banner.gif
img.root-top.com/topsite/jmbazire/
Redirect Chain

http://img.root-top.com/topsite/jmbazire/banner.gif
https://img.root-top.com/topsite/jmbazire/banner.gif

4 KB
5 KB

91ms
28ms

Image
image/png

2606:4700:3038::6815:ea1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/jmbazire/banner.gif
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/index.php
Protocol: H2
Server: 2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 12:52:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2590943
etag: "1229025579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AVIR%2F5mGnY9nPBflnGsRmlOiwllMmSckVOzqGJZR06CgTJqSYhS49LnnQEHiONmCl8iJgO5epkDpDnWUuDSHW8e%2BacxrWge8A1NN8O%2F2f0jwO3NyJ8mxgygMK0I7%2BACPpP90Hq4Dl%2BNwDXhb%2FNr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7f5482c58e07d56c-CDG
alt-svc: h3=":443"; ma=86400
content-length: 4424

Redirect headers

Date: Sat, 12 Aug 2023 00:13:09 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 392
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgsIl2EEvaUt80KKjUhGK1%2BgpJO1uxd8bmzXXYsc31Dty2rT7fOE29ULny4Atuf%2F89BKvnVp1RHPWejcE0Nluqc3c46znRknc3vJ1Qv0XtFjYAb3us6f%2FeY67fUovTFnrKQ43%2FHTKr0Jycn%2Bpq7T"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/jmbazire/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 7f5482c4ea9b2a1f-CDG
alt-svc: h3=":443"; ma=86400
Content-Length: 0

GET
H2

200

quinte_runners Show response
www.pronostic-facile.fr/widget/partner/script/
Redirect Chain

http://www.pronostic-facile.fr/widget/partner/script/quinte_runners
https://www.pronostic-facile.fr/widget/partner/script/quinte_runners

251 B
820 B

151ms
96ms

Script
text/html

2606:4700:3034::ac43:c8d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/partner/script/quinte_runners
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/index.php
Protocol: H2
Server: 2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12334f075c3ef7a6c6fd68e3e441221457c69d7e6629fbc74d38b57c267ccd6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-runtime: 1
date: Sat, 12 Aug 2023 00:13:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=of9rEwepiS7taKpwnUeWRnzF15gOHfoT%2BMFAhkPSD0rN8%2FBw%2BPy%2BUVzOLtg4HCX%2FWy2tcV3zyt%2FEQeWgptPG4NzYR9tVC%2FBGMKqjYiZbz6idKsLIaK79U9uavEFEu75kzxMCkulDw1uWawNCvKATXdjEDyNaQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private, max-age=0, must-revalidate
cf-ray: 7f5482c5cb67d6ea-CDG
alt-svc: h3=":443"; ma=86400

Redirect headers

Date: Sat, 12 Aug 2023 00:13:09 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3HIDfJ4H41%2FC0HMIKRZn%2BFqqGVyT1fsqSPIkuES8zMVBQfQoP%2B%2BYLclgJKXiOVNAr1tMS%2Ba0qiXzq%2BfQe6B67Wvej8%2FWRqXgfIc5cDpqOTztrjGtVeP%2Bw0TxaJ1uJMostlMY7dhh0qcQ6EtTarsvA8tR6wPTg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Location: https://www.pronostic-facile.fr/widget/partner/script/quinte_runners
Connection: keep-alive
CF-RAY: 7f5482c50859d311-CDG
alt-svc: h3=":443"; ma=86400

GET
H/1.1 404
Not Found font.jpg
3615turf.blogtqq.com/image/ 196 B
196 B 94ms
17ms Image
text/html 51.91.236.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://3615turf.blogtqq.com/image/font.jpg
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/css/turf.css
Protocol: HTTP/1.1
Server: 51.91.236.193 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: Apache /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/css/turf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
server: Apache
x-iplb-request-id: B22190B2:D1B8_335BECC1:0050_64D6CE95_CBD1:2D0EE
content-length: 196
x-iplb-instance: 32680
content-type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found bbarre.gif
3615turf.blogtqq.com/image/ 196 B
196 B 168ms
15ms Image
text/html 51.91.236.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://3615turf.blogtqq.com/image/bbarre.gif
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/css/turf.css
Protocol: HTTP/1.1
Server: 51.91.236.193 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: Apache /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/css/turf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
server: Apache
x-iplb-request-id: B22190B2:D1B8_335BECC1:0050_64D6CE95_CBD9:2D0EE
content-length: 196
x-iplb-instance: 32680
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK menu.gif
3615turf.blogtqq.com/image/ 1 KB
2 KB 132ms
18ms Image
image/gif 51.91.236.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://3615turf.blogtqq.com/image/menu.gif
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/css/turf.css
Protocol: HTTP/1.1
Server: 51.91.236.193 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: Apache /
Resource Hash: 62bd43cb235383a00e0e00ed5d6228d8249f0b6722a3935019471f5d65f104c2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/css/turf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
last-modified: Thu, 10 Oct 2019 21:21:30 GMT
server: Apache
x-iplb-request-id: B22190B2:D1B8_335BECC1:0050_64D6CE95_CBD3:2D0EE
x-iplb-instance: 32680
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 1326
expires: Sat, 12 Aug 2023 00:28:09 GMT

GET
H/1.1 200
OK font.gif
3615turf.blogtqq.com/image/ 8 KB
8 KB 113ms
16ms Image
image/gif 51.91.236.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://3615turf.blogtqq.com/image/font.gif
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/css/turf.css
Protocol: HTTP/1.1
Server: 51.91.236.193 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: Apache /
Resource Hash: 79eae1eb0457a662def57a3f548f6d2195ef60263ad08758cb98644a2d06eebd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/css/turf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
last-modified: Thu, 10 Oct 2019 21:21:29 GMT
server: Apache
x-iplb-request-id: B22190B2:D1B8_335BECC1:0050_64D6CE95_CBD2:2D0EE
x-iplb-instance: 32680
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 8330
expires: Sat, 12 Aug 2023 00:28:09 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 128 KB
49 KB 117ms
40ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Requested by

Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=334687&idd=1471562&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e199803f8c860c127ca8cd6957f7b18e149fd062a0948c02c2066c16b9a8a99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 50118
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 12 Aug 2023 00:13:09 GMT

GET
H/1.1 200
OK buy-button.css
payment.allopass.com/static/css/ 2 KB
830 B 60ms
21ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/buy-button.css?1
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=334687&idd=1471562&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 12 Aug 2023 00:13:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "215fd-69a-5d0e804cbabc0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 546

GET
H/1.1 200
OK 162x56.png
payment.allopass.com/static/buy/button/fr/ 6 KB
6 KB 60ms
21ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 12 Aug 2023 00:13:09 GMT
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "40f3d-1688-5d0e804cbabc0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 5768

GET
H2 200 all Show response
www.pronostic-facile.fr/widget/partner/quinte_runners/ Frame F67F 9 KB
4 KB 114ms
112ms Document
text/html 2606:4700:3034::ac43:c8d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
Requested by: Host: www.pronostic-facile.fr
URL: http://www.pronostic-facile.fr/widget/partner/script/quinte_runners
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec380e0a9ddcfafc81c67a01fcf77bc63fe0945a5df67dcfc9add7b7328ed988

Request headers

Referer: http://3615turf.blogtqq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f5482c76c48d6ea-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 12 Aug 2023 00:13:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ju4DZrlAjEykaGj3Av5dul6g5xhLg%2BsXgQM4BwiNgl15qD%2B08eb9k8FJ0A3DZYiH7E90NsC1Qua9rUGq5v2wT21G4WTZZbsWrPcI5EF52BeMnBIzKKObRLut18gOPqRO7Hps8JmI%2BzRs6I8VFop1IhPoZyjNvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-runtime: 4

GET
H/1.1 200
OK foot.gif
3615turf.blogtqq.com/image/ 3 KB
3 KB 16ms
16ms Image
image/gif 51.91.236.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://3615turf.blogtqq.com/image/foot.gif
Requested by: Host: 3615turf.blogtqq.com
URL: http://3615turf.blogtqq.com/css/turf.css
Protocol: HTTP/1.1
Server: 51.91.236.193 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: Apache /
Resource Hash: bccd4996e64f89321cf3833a083be074b75df138963dc6180956dbf51b725960

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/css/turf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
last-modified: Thu, 10 Oct 2019 21:21:29 GMT
server: Apache
x-iplb-request-id: B22190B2:D1C8_335BECC1:0050_64D6CE95_978E:2D0ED
x-iplb-instance: 32680
content-type: image/gif
cache-control: max-age=900
accept-ranges: bytes
content-length: 2993
expires: Sat, 12 Aug 2023 00:28:09 GMT

GET
H3 200 rocket-loader.min.js Show response
www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame F67F 12 KB
4 KB 25ms
24ms Script
application/javascript 2606:4700:3034::ac43:c8d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/quinte_runners/all

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Aug 2023 18:20:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64d135f1-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kx1yJTihd2d7JpXP3VNPlG%2Fqm7oamiF3TkuHMUJ0sj0ZCDsi0UUvGO51sN1XspZoHkFCxFFMTuEFQNmNP6Nabw52m6s3bafBeovUlW57gaqsS%2Bo7s0vd4wwLrE2vb%2Fw8WUVFs5u%2BqM2ulpXuisW%2BT51cxpV56w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7f5482c82adc0066-CDG
expires: Mon, 14 Aug 2023 00:13:09 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame F67F 20 KB
7 KB 108ms
56ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://www.pronostic-facile.fr/
Origin: https://www.pronostic-facile.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7f5482c87dd22a17-CDG

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame F67F 179 KB
65 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Requested by

Host: www.pronostic-facile.fr
URL: https://www.pronostic-facile.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0eb004ecf66963f62d2ff6960e512188845f1704436523d71fbc7d5de2503139

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66537
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 12 Aug 2023 00:13:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 95ms
27ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 11 Aug 2023 23:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1406
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 12 Aug 2023 01:49:43 GMT

POST
H3 204 rum Show response
www.pronostic-facile.fr/cdn-cgi/ Frame F67F 0
147 B 22ms
22ms XHR
text/plain 2606:4700:3034::ac43:c8d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pronostic-facile.fr/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c8d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pronostic-facile.fr/widget/partner/quinte_runners/all
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type: application/json

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.pronostic-facile.fr
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7f5482c8eb240066-CDG

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame F67F 218 KB
77 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PEY0K16Y5K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e682c9bb05e0c6f981c3688133644035899881c8b56bcaacf1fb4d859fb637e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78591
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 12 Aug 2023 00:13:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame F67F 52 KB
21 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-630351-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pronostic-facile.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 11 Aug 2023 23:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1406
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 12 Aug 2023 01:49:43 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
224 B 34ms
33ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=930853300&t=pageview&_s=1&dl=http%3A%2F%2F3615turf.blogtqq.com%2Findex.php&ul=en-us&de=UTF-8&dt=3615%20Turf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=311916948&gjid=1754515610&cid=209539974.1691799190&tid=UA-135619294-1&_gid=1628753113.1691799190&_r=1&_slc=1&gtm=45He3890n81NHFGDSD&cd1=ALS-LIBS-CHECKOUT-15&cd2=1471562&cd3=334687&cd4=(not%20set)&cd5=classic&z=1889418233

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

7c7733e8636c67e4121a4a6b4ccc694169ca728763d2e90eafeb71cc00f20109

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://3615turf.blogtqq.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 00:13:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://3615turf.blogtqq.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
78 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SBC94LXYJ0&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1519fedabffceeda2fe4457582edb861d13de262ec91fe53e2831bdae5ce04a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 00:13:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80028
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 12 Aug 2023 00:13:10 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 68ms
24ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SBC94LXYJ0&gtm=45je3890&_p=930853300&ul=en-us&sr=1600x1200&cid=209539974.1691799190&_eu=ABAI&_s=1&dl=http%3A%2F%2F3615turf.blogtqq.com%2Findex.php&dt=3615%20Turf&sid=1691799190&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=ALS-LIBS-CHECKOUT-15&ep.ua_dimension_2=1471562&ep.ua_dimension_3=334687&ep.ua_dimension_4=(not%20set)&ep.ua_dimension_5=classic
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SBC94LXYJ0&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://3615turf.blogtqq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 00:13:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://3615turf.blogtqq.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: a4a457c0-9849-4e04-9c90-2dfeb73f3242
.allopass.com/	1970-01-20 22:42:15	Name: AP_CUSK Value: 3624543936
.blogtqq.com/	1970-01-20 23:32:39	Name: _ga Value: GA1.2.209539974.1691799190
.blogtqq.com/	1970-01-20 13:58:05	Name: _gid Value: GA1.2.1628753113.1691799190
.blogtqq.com/	1970-01-20 13:56:39	Name: _gat_UA-135619294-1 Value: 1
.blogtqq.com/	1970-01-20 23:32:39	Name: _ga_SBC94LXYJ0 Value: GS1.2.1691799190.1.0.1691799190.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://3615turf.blogtqq.com/image/font.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://3615turf.blogtqq.com/image/bbarre.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3615turf.blogtqq.com
img.root-top.com
payment.allopass.com
region1.google-analytics.com
static.cloudflareinsights.com
www.google-analytics.com
www.googletagmanager.com
www.pronostic-facile.fr
185.119.26.1
2001:4860:4802:32::36
2606:4700:3034::6815:15de
2606:4700:3034::ac43:c8d8
2606:4700:3038::6815:ea1a
2606:4700:3038::6815:ea1b
2606:4700::6810:3965
2a00:1450:4001:80f::2008
2a00:1450:4001:827::200e
51.91.236.193
0283a9c622051b0f52b9e239243ee53045cfa8770dacbd9918a93ce1687b6da7
05f98eee7abfdab19b94841f7490137a6312dd85e1e6e1f543ac669f902385f5
064d4fa5c42a4e5eb785a12f6b46828eccab7857de5a471e7af1d1549c4945ad
0dd9d34f236dcb667a65cd6aa9285d7b71b41bb0adf261b7f114528d2bc07930
0eb004ecf66963f62d2ff6960e512188845f1704436523d71fbc7d5de2503139
2698dd4734cadb642256d55dcc2fd5d9cc0bee9aa583a488a808850e491f9693
3e7de7389a5777d4f65fc9d3e47aec6d1b51e3b3b41fcf68b51c911f065a7360
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e
62bd43cb235383a00e0e00ed5d6228d8249f0b6722a3935019471f5d65f104c2
79eae1eb0457a662def57a3f548f6d2195ef60263ad08758cb98644a2d06eebd
7c7733e8636c67e4121a4a6b4ccc694169ca728763d2e90eafeb71cc00f20109
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
7e199803f8c860c127ca8cd6957f7b18e149fd062a0948c02c2066c16b9a8a99
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
89187e19f0b7ef8f6c18ea2bba65ef1169bb93e40edb140f245f4f9b5024c752
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
9b949a8c8e696c7eb5776b647f27522fe02cec03bca83101d2d6a5a2e33efbff
af1fe4e33c5f4731d4cdec12276460903a4936bebdbcda74ebdbc7880f85f887
b40b2941caaba8f8a0ec0beb268cc38f36d5341db96cba7596e0c27613c3eac6
bccd4996e64f89321cf3833a083be074b75df138963dc6180956dbf51b725960
c12334f075c3ef7a6c6fd68e3e441221457c69d7e6629fbc74d38b57c267ccd6
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d255c2be2e8ff0d88c7eb54b9d2344b74d77c788dcf4d8ccaa8bc2d40928c1e8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e19cb02bfda620bde5f8a07a239d91994c537ba7226c9cef9eb42047f62377a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e682c9bb05e0c6f981c3688133644035899881c8b56bcaacf1fb4d859fb637e5
ec380e0a9ddcfafc81c67a01fcf77bc63fe0945a5df67dcfc9add7b7328ed988
f1519fedabffceeda2fe4457582edb861d13de262ec91fe53e2831bdae5ce04a

3615turf.blogtqq.com Open in urlscan Pro 51.91.236.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

33 Requests

45 %HTTPS

80 %IPv6

7 Domains

8 Subdomains

8 IPs

3 Countries

434 kBTransfer

1001 kBSize

6 Cookies

2 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

3615turf.blogtqq.com Open in urlscan Pro
51.91.236.193 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

45 %
HTTPS

80 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

434 kB
Transfer

1001 kB
Size

6
Cookies

33 HTTP transactions
0 data transactions