urlscan.io logo urlscan.io
SecurityTrails logo

www.kangaroturf.c4s.online Open in urlscan Pro
2001:41d0:301::20  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.kangaroturf.c4s.online/
Submission: On January 07 via manual from MA — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 39 HTTP transactions. The main IP is 2001:41d0:301::20, located in France and belongs to OVH, FR. The main domain is www.kangaroturf.c4s.online.
TLS certificate: Issued by R3 on December 29th 2023. Valid for: 3 months.
This is the only time www.kangaroturf.c4s.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    2001:41d0:301::20 (France)

ASN16276 (OVH, FR)
www.kangaroturf.c4s.online
kangaroturf.c4s.online
www.mini-turf.c4s.online
www.erfolg.c4s.online
5    2606:4700:3038::6815:ea1b (United States)

ASN13335 (CLOUDFLARENET, US)
img.root-top.com
4    46.105.57.169 (France)

ASN16276 (OVH, FR)
PTR: cluster020.hosting.ovh.net
pronosgratuit.lachezvos.pro
www.extra-derby.c4s.online
2    194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net
www.ogalopcourse.com
3    2001:41d0:301::28 (France)

ASN16276 (OVH, FR)
www.dueldescracks.siteneti.net
jeuxsurs.siteneti.net
1    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
8    151.101.65.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
1    151.101.65.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
Domain Requested by
8 www.paypal.com www.kangaroturf.c4s.online
www.paypal.com
5 img.root-top.com www.kangaroturf.c4s.online
4 www.kangaroturf.c4s.online www.kangaroturf.c4s.online
3 kangaroturf.c4s.online www.kangaroturf.c4s.online
3 pronosgratuit.lachezvos.pro www.kangaroturf.c4s.online
2 www.paypalobjects.com www.kangaroturf.c4s.online
2 www.google-analytics.com www.kangaroturf.c4s.online
www.google-analytics.com
2 jeuxsurs.siteneti.net www.kangaroturf.c4s.online
2 www.ogalopcourse.com www.kangaroturf.c4s.online
1 t.paypal.com www.kangaroturf.c4s.online
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 www.extra-derby.c4s.online www.kangaroturf.c4s.online
1 www.erfolg.c4s.online www.kangaroturf.c4s.online
1 www.mini-turf.c4s.online www.kangaroturf.c4s.online
1 blogger.googleusercontent.com www.kangaroturf.c4s.online
1 www.dueldescracks.siteneti.net www.kangaroturf.c4s.online
39 17
Subject Issuer Validity Valid
cluster020.hosting.ovh.net
R3		 2023-12-29 -
2024-03-28		 3 months crt.sh
root-top.com
E1		 2023-12-28 -
2024-03-27		 3 months crt.sh
pmuchampion.com
R3		 2023-10-29 -
2024-01-27		 3 months crt.sh
ogalopcourse.com
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh
sitios.siteneti.net
R3		 2023-11-11 -
2024-02-09		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-13 -
2024-08-20		 10 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.kangaroturf.c4s.online/
Frame ID: 9590CF4BBF28E01826A20523FEB3CBC2
Requests: 32 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.418&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhXUGxqU1JfVjIxUXBfVnZFeVg0Z2x3R0U0WnBUb1hMbWVGYURDZEhMcTJaQVBsUno1aXNGVE9sRWJQal85bllabUdMbGlUVWtUYldscmQmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&sdkCorrelationID=f8008308eaf3b&storageID=uid_5f8aac02df_mta6ntm6ntk&sessionID=uid_89733bae2d_mta6ntm6ntk&buttonSessionID=uid_41a2167d0f_mta6ntm6ntk&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true
Frame ID: 100A0DE0BBBA2A0DFAC273E9D17102EE
Requests: 6 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 3D3E25FEB7C93F25A3C20B17D0538000
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gratuit KANGARO-TURF

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

39
Requests

74 %
HTTPS

58 %
IPv6

10
Domains

17
Subdomains

13
IPs

3
Countries

2105 kB
Transfer

3101 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.kangaroturf.c4s.online/ 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache / PHP/5.6
Resource Hash
3dff7ccf8650eb9a3a63e795bbc237e9051217042eb06a0345110e5345fc096e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
none
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 07 Jan 2024 10:53:56 GMT
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/5.6
jeux.css
www.kangaroturf.c4s.online/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kangaroturf.c4s.online/css/jeux.css
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
9ed611de5fc0d2fed1f7bc62b26d8fd283ea878f2aee9794d06e17a781c6f1ec

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:56 GMT
content-encoding
gzip
last-modified
Sat, 15 Jul 2023 10:10:26 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=900
accept-ranges
none
content-length
1233
expires
Sun, 07 Jan 2024 11:08:56 GMT
pmupourtous1.gif
www.kangaroturf.c4s.online/image/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kangaroturf.c4s.online/image/pmupourtous1.gif
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
a5c520394981f9feb8b34b17aa3d020f61cc7f5cb706d57939bcd1b4d3ab0cbc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:56 GMT
last-modified
Tue, 25 Jul 2023 14:51:01 GMT
server
Apache
content-type
image/gif
cache-control
max-age=900
accept-ranges
bytes
content-length
88415
expires
Sun, 07 Jan 2024 11:08:56 GMT
banner.gif
img.root-top.com/topsite/topgenie/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/topgenie/banner.gif
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3069
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SQe6u63TjCj7xsCGE2TmU8iKVedx8I64gGiWOnLK7jPbiS4GqRwlKvybTch2uizBUlhfWB8Pyc29r0o4XmIObcgWd069uAvQmRpZivRDmPdykmxZfYFDMCrZZe3ui4pozR6QdbWBHEXncvghYsn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
841ba8fcbdbfd5a4-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424
banner.gif
img.root-top.com/topsite/topturfjs/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/topturfjs/banner.gif
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1501876
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPMpqkNppVWqMCKrJFZSqm%2BVetVO%2BwQNIIv8B93mZjVpMKhODGHFJENuSHKuXVnXQgsox0XzKQ0V0i%2Fy6X93LeJCm1PFh9pbSwxCD7K7wH07H0yUBR2%2B2LPJq8oNCh7P%2F6DY2vIT8GGdbVq3QB7s"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
841ba8fcbdc1d5a4-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424
banner.gif
img.root-top.com/topsite/exelturf/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/exelturf/banner.gif
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
293213
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMc6ousmSifniXhofWxLHmqVk%2BofODV3vZdPMMwSnYYCTCoy6jRT7M%2FOe6PWzFmw4Yu0IF3sU1vI3M6dtlGZHHN9U3ex9K3CxnxeivrcxYG3LLLZOhpfb71hvPKoxEQeXEuBDmBMESCaANYzB%2BA9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
841ba8fcbdc0d5a4-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424
banner.gif
img.root-top.com/topsite/pmuchampion/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/pmuchampion/banner.gif
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6475
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tT71M4cJCD%2FWBf9XF%2BREB2sEsvA9CtyCLk0egdXY4v%2B%2B4MI39dyumYwx4cQvgaKImzKO1igss%2BOZzKKuV716w37va5x4oilsJc0dIcUNjBKfSgWUBwwI3IhWLaq0%2BiDlvNHniK%2BdVUKj%2BNJTE4m"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
841ba8fcbdc2d5a4-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424
banner.gif
img.root-top.com/topsite/astropmu/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/astropmu/banner.gif
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
258624
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1t0EwLc7Crbic%2BIdJuYsDJDepyc%2Bqf8F7GRnImFDBzjBlx8rpkdB4BxRT3ONxyRb1CF1KfNMtrc6ax%2FWvQw1QES%2B0NLiAMxPjHxF81au%2F0ElMkzoAKiBfC%2B1m4p2Ox4sqBijLzmmP3asHzWM3Pm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
841ba8fcbdc3d5a4-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424
logo_peor.gif
pronosgratuit.lachezvos.pro/image/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pronosgratuit.lachezvos.pro/image/logo_peor.gif
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.57.169 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster020.hosting.ovh.net
Software
Apache /
Resource Hash
19cab9b05742333a97c7a11aa1d7781ed65150def8e7049fca21005eff5072d6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
last-modified
Mon, 17 Jul 2023 19:10:07 GMT
server
Apache
content-type
image/gif
cache-control
max-age=900
accept-ranges
bytes
content-length
169885
expires
Sun, 07 Jan 2024 11:08:59 GMT
logo.gif
www.ogalopcourse.com// 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ogalopcourse.com//logo.gif
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
dd112777fc359a6685659e7c18782167c3995a9d75f5d5a39a4098bf36ad11a2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 10:53:59 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Sun, 07 Aug 2022 16:40:22 GMT
Server
Apache
ETag
"28e945b-2f72-5e5a95af82980"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
12146
expertduturf.gif
kangaroturf.c4s.online/image/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kangaroturf.c4s.online/image/expertduturf.gif
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
5eab03e0bb9a776cffe4e912fc45550c384c2ad112b48b331dddd43a0303022a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
last-modified
Mon, 13 Mar 2023 12:22:16 GMT
server
Apache
content-type
image/gif
cache-control
max-age=900
accept-ranges
bytes
content-length
26267
expires
Sun, 07 Jan 2024 11:08:59 GMT
lemagicienduturf.gif
kangaroturf.c4s.online/image/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kangaroturf.c4s.online/image/lemagicienduturf.gif
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
23118bf6eebbbc12d6544b73bf5fcb46ff0290e3b6afa5c1e332ae186b7ee56b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
last-modified
Thu, 06 Apr 2023 19:59:42 GMT
server
Apache
content-type
image/gif
cache-control
max-age=900
accept-ranges
bytes
content-length
54195
expires
Sun, 07 Jan 2024 11:08:59 GMT
dueldescracks.gif
www.dueldescracks.siteneti.net/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dueldescracks.siteneti.net/dueldescracks.gif
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301::28 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
359a7a4381cf4c25ffb63b281e93b98b7f43d664dbc00e12cc3a065596e95516

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
last-modified
Thu, 06 Apr 2023 18:29:01 GMT
server
Apache
content-type
image/gif
cache-control
max-age=900
accept-ranges
bytes
content-length
36694
expires
Sun, 07 Jan 2024 11:08:59 GMT
gas3_9032206.gif
pronosgratuit.lachezvos.pro/image/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pronosgratuit.lachezvos.pro/image/gas3_9032206.gif
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.57.169 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster020.hosting.ovh.net
Software
Apache /
Resource Hash
c02dc92bd9d9da2fc29ffd574dc9013bd9f4026756d11f20719042482a41f722

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
last-modified
Mon, 17 Jul 2023 19:10:03 GMT
server
Apache
content-type
image/gif
cache-control
max-age=900
accept-ranges
bytes
content-length
59931
expires
Sun, 07 Jan 2024 11:08:59 GMT
LOGO%20EXPERT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwZSQvG2ic5jGZ88h6w1rE46nI9P1eLlI9eoqqvr6ExzKUnmxkQHZXqQ2X5d_pDpLP_-GOI-S4WkPlF8GhpZ4T5W-AtwWPQB2crhXuDAK-oi_enF6yxKuqVolCDDSyAVqv1VQgLiSYNevAsWJ6... 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwZSQvG2ic5jGZ88h6w1rE46nI9P1eLlI9eoqqvr6ExzKUnmxkQHZXqQ2X5d_pDpLP_-GOI-S4WkPlF8GhpZ4T5W-AtwWPQB2crhXuDAK-oi_enF6yxKuqVolCDDSyAVqv1VQgLiSYNevAsWJ6bR4YUN6g-Frb3VDR-FlZ2Y4iBNuhj-b4Z7q3cwCuNLE/w92-h70/LOGO%20EXPERT.gif
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e492b9ebe9cbcd1ea08ab40d9c93f0c458a4fbbc2743695a31c409872dd80182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
x-content-type-options
nosniff
server
fife
etag
"v371"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="LOGO EXPERT.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5309
x-xss-protection
0
expires
Mon, 08 Jan 2024 10:53:59 GMT
js
www.paypal.com/sdk/ 		293 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&enable-funding=venmo&currency=USD
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f1b1f868f0cefc8cfc07aee8dabc332a9b75adde18bd2f93335116c0f5254836
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-ryLvp4GX4M7P/mYu7Ggrp2Zox29Y0jYG8+wUhuZErkcySPid' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ryLvp4GX4M7P/mYu7Ggrp2Zox29Y0jYG8+wUhuZErkcySPid' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-ryLvp4GX4M7P/mYu7Ggrp2Zox29Y0jYG8+wUhuZErkcySPid' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ryLvp4GX4M7P/mYu7Ggrp2Zox29Y0jYG8+wUhuZErkcySPid' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Sun, 07 Jan 2024 10:53:59 GMT
age
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS, MISS
p3p
true
paypal-debug-id
f413328ef0908
server-timing
"traceparent;desc="00-0000000000000000000f413328ef0908-df9e736ce1ece4d1-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
80035
x-xss-protection
1; mode=block
x-served-by
cache-lhr7376-LHR, cache-lcy-eglc8600029-LCY, cache-lcy-eglc8600029-LCY
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f413328ef0908-043162bd27769f16-01
x-timer
S1704624839.170146,VS0,VE527
etag
W/"138a3-3hGoURmj+xg4TOIzGnqB9At7kPQ"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
13, 0, 0
ivressedesgains.gif
kangaroturf.c4s.online/image/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kangaroturf.c4s.online/image/ivressedesgains.gif
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
df71cf0774d4371a24620b26bc37304db8f4e58a0ce1204be218d49c00bbaca8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
last-modified
Thu, 20 Apr 2023 08:56:24 GMT
server
Apache
content-type
image/gif
cache-control
max-age=900
accept-ranges
bytes
content-length
102417
expires
Sun, 07 Jan 2024 11:08:59 GMT
mini%20turf.jpg
www.mini-turf.c4s.online/banniere/ 		278 KB
278 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mini-turf.c4s.online/banniere/mini%20turf.jpg
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
3b4d7c223f67b89c4d51f5a523f1e27b78bd5f559a7f7042309fe97f43085c8b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
last-modified
Thu, 29 Mar 2018 09:10:41 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=900
accept-ranges
bytes
content-length
284220
expires
Sun, 07 Jan 2024 11:08:59 GMT
PMUCH.gif
jeuxsurs.siteneti.net/image/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeuxsurs.siteneti.net/image/PMUCH.gif
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301::28 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
853003068526c8290a08b44e300be0151e9e9a433699d18f436fcbf0e07ae9ae

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
last-modified
Sat, 30 Nov 2019 14:57:16 GMT
server
Apache
content-type
image/gif
cache-control
max-age=900
accept-ranges
bytes
content-length
37913
expires
Sun, 07 Jan 2024 11:08:59 GMT
erfolg.png
www.erfolg.c4s.online/banniere/ 		305 KB
306 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.erfolg.c4s.online/banniere/erfolg.png
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
284477d57113b864ab1c02e58d2f616555afa49abc77f7641d941d78eb38f853

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
last-modified
Sun, 15 Jul 2018 17:37:22 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
312534
expires
Sun, 07 Jan 2024 11:08:59 GMT
Extra%20derby.gif
www.extra-derby.c4s.online/banniere/ 		204 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.extra-derby.c4s.online/banniere/Extra%20derby.gif
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.57.169 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster020.hosting.ovh.net
Software
Apache /
Resource Hash
09800505d37a8c898f371e77d71724667a748de947a00292cb4c92bf4ae754de

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
last-modified
Thu, 17 Nov 2016 17:50:38 GMT
server
Apache
content-type
image/gif
cache-control
max-age=900
accept-ranges
bytes
content-length
208675
expires
Sun, 07 Jan 2024 11:08:59 GMT
JEUXSUR.png
jeuxsurs.siteneti.net/banniere/ 		309 KB
309 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jeuxsurs.siteneti.net/banniere/JEUXSUR.png
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301::28 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
5ec1d1f767b7a3a3e6964755ea526e1657576b5a7c8d968a9208ffd6b1333786

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
last-modified
Sat, 30 Nov 2019 14:56:59 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
316336
expires
Sun, 07 Jan 2024 11:08:59 GMT
new.gif
www.ogalopcourse.com/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ogalopcourse.com/img/new.gif
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
f94d68bd074ac3a9138d954a5ba91b444aeef97de2d067c636da0579cda3668e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 10:53:59 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Sun, 07 Aug 2022 16:40:35 GMT
Server
Apache
ETag
"28e95eb-a52-5e5a95bbe86c0"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
2642
PROGRES2.gif
pronosgratuit.lachezvos.pro/image/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pronosgratuit.lachezvos.pro/image/PROGRES2.gif
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.57.169 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster020.hosting.ovh.net
Software
Apache /
Resource Hash
09f778ac84dee43a19529ff738b8c9e5d2f7e9e7fa8bb34d8f1628d8f10b3cf8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
last-modified
Thu, 20 Jul 2023 10:50:07 GMT
server
Apache
content-type
image/gif
cache-control
max-age=900
accept-ranges
bytes
content-length
16950
expires
Sun, 07 Jan 2024 11:08:59 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 09:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3942
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 07 Jan 2024 11:48:17 GMT
kangaro%20turf.png
www.kangaroturf.c4s.online/banniere/ 		73 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kangaroturf.c4s.online/banniere/kangaro%20turf.png
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/css/jeux.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:301::20 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/css/jeux.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
last-modified
Sat, 06 Apr 2019 08:44:13 GMT
server
Apache
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
348249
expires
Sun, 07 Jan 2024 11:08:59 GMT
collect
www.google-analytics.com/j/ 		15 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=542083195&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kangaroturf.c4s.online%2F&ul=en-us&de=UTF-8&dt=Gratuit%20KANGARO-TURF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1152840852&gjid=1775607578&cid=932973352.1704624839&tid=UA-86810374-1&_gid=706356310.1704624839&_r=1&_slc=1&z=1037666144
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b60c71b98dbb4ab180c55a78ff2394f96ef77648368d6d3e8301c15bd69289e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kangaroturf.c4s.online/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 10:53:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kangaroturf.c4s.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G8VKCZ1Q8K&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
62bdc123aae0b57cff55d0a291641ce77e4873a88892fd8cec02c4639b1c8564
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82000
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Jan 2024 10:53:59 GMT
collect
region1.google-analytics.com/g/ 		0
262 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-G8VKCZ1Q8K&gtm=45je4130v9107633184&_p=1704624839370&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=932973352.1704624839&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.kangaroturf.c4s.online%2F&dt=Gratuit%20KANGARO-TURF&sid=1704624839&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3532
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G8VKCZ1Q8K&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 10:53:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kangaroturf.c4s.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pptm.js
www.paypal.com/tagmanager/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.kangaroturf.c4s.online&t=xo&v=5.0.418&source=payments_sdk&client_id=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&enable-funding=venmo&currency=USD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-HTwkiLzr+ujeLRaZoDSjl4xS+UHgHIGWQ2ky1zJot24awu+c' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-HTwkiLzr+ujeLRaZoDSjl4xS+UHgHIGWQ2ky1zJot24awu+c' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 10:53:59 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
2818
x-cache
HIT, HIT, MISS
paypal-debug-id
f4986271cd840
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4338
x-xss-protection
1; mode=block
x-served-by
cache-lhr7344-LHR, cache-lcy-eglc8600029-LCY, cache-lcy-eglc8600029-LCY
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f4986271cd840-9ce18c11a0af3f3a-01
x-timer
S1704624840.753767,VS0,VE5
etag
W/"2f8b-lWMMAqH5NWBufCerdpb7DcGAARo"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
5, 1, 0
buttons
www.paypal.com/smart/ Frame 100A 		406 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.418&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhXUGxqU1JfVjIxUXBfVnZFeVg0Z2x3R0U0WnBUb1hMbWVGYURDZEhMcTJaQVBsUno1aXNGVE9sRWJQal85bllabUdMbGlUVWtUYldscmQmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&sdkCorrelationID=f8008308eaf3b&storageID=uid_5f8aac02df_mta6ntm6ntk&sessionID=uid_89733bae2d_mta6ntm6ntk&buttonSessionID=uid_41a2167d0f_mta6ntm6ntk&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&enable-funding=venmo&currency=USD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
756bfb23803ecedac1e3a7e953f1a3c07c4ec06490d86facf5962aa4fbf54423
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kangaroturf.c4s.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-disposition
inline
content-encoding
gzip
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Sun, 07 Jan 2024 10:54:00 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"659de-e1UIAR+hMdAEQbIDDBEXsp5Y/WI"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p
true
paypal-debug-id
f94686107f30f
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f94686107f30f-b22f156beb0c4aaa-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f94686107f30f-8379041e394ad20a-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-served-by
cache-lhr7393-LHR, cache-lcy-eglc8600029-LCY, cache-lcy-eglc8600029-LCY
x-timer
S1704624840.797974,VS0,VE405
x-xss-protection
1; mode=block
paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 3D3E 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F05) /
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
1867a673a7a0f
dc
ccg11-origin-www-1.paypal.com
content-length
1217
last-modified
Tue, 04 Apr 2023 21:46:19 GMT
server
ECAcc (paa/6F05)
traceparent
00-00000000000000000001867a673a7a0f-f3dfb61d7baab926-01
etag
W/"642c9aab-cc2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 07 Jan 2024 11:53:59 GMT
card-white.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 3D3E 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/js-sdk-logos/2.2.7/card-white.svg
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F71) /
Resource Hash
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:53:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
1d478ed69fe51
dc
ccg11-origin-www-1.paypal.com
content-length
637
last-modified
Tue, 04 Apr 2023 21:46:19 GMT
server
ECAcc (paa/6F71)
traceparent
00-00000000000000000001d478ed69fe51-f4a949f38f31de5d-01
etag
W/"642c9aab-54e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 07 Jan 2024 11:53:59 GMT
ts
t.paypal.com/ 		42 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Gratuit%20KANGARO-TURF&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1704624839798&g=-60&completeurl=https%3A%2F%2Fwww.kangaroturf.c4s.online%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Requested by
Host: www.kangaroturf.c4s.online
URL: https://www.kangaroturf.c4s.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kangaroturf.c4s.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Sun, 07 Jan 2024 10:54:00 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
a68f1d03d9394
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-lhr7359-LHR, cache-lcy-eglc8600047-LCY
pragma
no-cache
correlation-id
a68f1d03d9394
traceparent
00-0000000000000000000a68f1d03d9394-4a29388957a3e796-01
x-timer
S1704624840.865415,VS0,VE154
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 10:53:59 GMT
js
www.paypal.com/sdk/ Frame 100A 		293 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&enable-funding=venmo&currency=USD
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.418&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhXUGxqU1JfVjIxUXBfVnZFeVg0Z2x3R0U0WnBUb1hMbWVGYURDZEhMcTJaQVBsUno1aXNGVE9sRWJQal85bllabUdMbGlUVWtUYldscmQmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&sdkCorrelationID=f8008308eaf3b&storageID=uid_5f8aac02df_mta6ntm6ntk&sessionID=uid_89733bae2d_mta6ntm6ntk&buttonSessionID=uid_41a2167d0f_mta6ntm6ntk&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f1b1f868f0cefc8cfc07aee8dabc332a9b75adde18bd2f93335116c0f5254836
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-ryLvp4GX4M7P/mYu7Ggrp2Zox29Y0jYG8+wUhuZErkcySPid' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ryLvp4GX4M7P/mYu7Ggrp2Zox29Y0jYG8+wUhuZErkcySPid' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.418&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhXUGxqU1JfVjIxUXBfVnZFeVg0Z2x3R0U0WnBUb1hMbWVGYURDZEhMcTJaQVBsUno1aXNGVE9sRWJQal85bllabUdMbGlUVWtUYldscmQmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&sdkCorrelationID=f8008308eaf3b&storageID=uid_5f8aac02df_mta6ntm6ntk&sessionID=uid_89733bae2d_mta6ntm6ntk&buttonSessionID=uid_41a2167d0f_mta6ntm6ntk&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-ryLvp4GX4M7P/mYu7Ggrp2Zox29Y0jYG8+wUhuZErkcySPid' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ryLvp4GX4M7P/mYu7Ggrp2Zox29Y0jYG8+wUhuZErkcySPid' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Sun, 07 Jan 2024 10:54:00 GMT
age
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, HIT, MISS
p3p
true
paypal-debug-id
f413328ef0908
server-timing
"traceparent;desc="00-0000000000000000000f413328ef0908-df9e736ce1ece4d1-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
80035
x-xss-protection
1; mode=block
x-served-by
cache-lhr7376-LHR, cache-lcy-eglc8600029-LCY, cache-lcy-eglc8600029-LCY
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f413328ef0908-043162bd27769f16-01
x-timer
S1704624840.230704,VS0,VE6
etag
W/"138a3-3hGoURmj+xg4TOIzGnqB9At7kPQ"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
13, 1, 0
truncated
/ Frame 100A 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 100A 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
logger
www.paypal.com/xoplatform/logger/api/ Frame 100A 		1023 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&enable-funding=venmo&currency=USD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d36a281bae6b06b9589755a836af73d3cf3fd590c5029f36961a4431eacbcee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.418&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhXUGxqU1JfVjIxUXBfVnZFeVg0Z2x3R0U0WnBUb1hMbWVGYURDZEhMcTJaQVBsUno1aXNGVE9sRWJQal85bllabUdMbGlUVWtUYldscmQmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&sdkCorrelationID=f8008308eaf3b&storageID=uid_5f8aac02df_mta6ntm6ntk&sessionID=uid_89733bae2d_mta6ntm6ntk&buttonSessionID=uid_41a2167d0f_mta6ntm6ntk&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 10:54:00 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS, MISS
paypal-debug-id
f94686163a7bc
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr7340-LHR, cache-lcy-eglc8600029-LCY, cache-lcy-eglc8600029-LCY
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f94686163a7bc-ea05eff0dd548d99-01
x-timer
S1704624840.438838,VS0,VE191
etag
W/"3ff-IF3W/drVjgw0iBLOJdLwgxiL6R8"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kangaroturf.c4s.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.kangaroturf.c4s.online
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Sun, 07 Jan 2024 10:54:00 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f946861ec1d73
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f946861ec1d73-86442a6341a0531b-01
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-content-type-options
nosniff
x-served-by
cache-lhr7369-LHR, cache-lcy-eglc8600023-LCY, cache-lcy-eglc8600023-LCY
x-timer
S1704624840.484138,VS0,VE192
logger
www.paypal.com/xoplatform/logger/api/ 		1015 B
920 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&enable-funding=venmo&currency=USD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7de316abf3a04d63abfcc25888e0eac34fc32a86e440ad94822b8a5f2c47184f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.kangaroturf.c4s.online/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 10:54:00 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS, MISS
paypal-debug-id
f24468670a1d3
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr7343-LHR, cache-lcy-eglc8600023-LCY, cache-lcy-eglc8600023-LCY
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f24468670a1d3-7120e6fcbda7200f-01
x-timer
S1704624841.700680,VS0,VE166
etag
W/"3f7-CYdGCcJ4PMDRXAfgIjK/xond8QE"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kangaroturf.c4s.online
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 100A 		1012 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.418&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhXUGxqU1JfVjIxUXBfVnZFeVg0Z2x3R0U0WnBUb1hMbWVGYURDZEhMcTJaQVBsUno1aXNGVE9sRWJQal85bllabUdMbGlUVWtUYldscmQmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&sdkCorrelationID=f8008308eaf3b&storageID=uid_5f8aac02df_mta6ntm6ntk&sessionID=uid_89733bae2d_mta6ntm6ntk&buttonSessionID=uid_41a2167d0f_mta6ntm6ntk&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c01617df1a7d21d948d7970554842bf302d94829c372d259b78e4cc9809383f8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.418&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhXUGxqU1JfVjIxUXBfVnZFeVg0Z2x3R0U0WnBUb1hMbWVGYURDZEhMcTJaQVBsUno1aXNGVE9sRWJQal85bllabUdMbGlUVWtUYldscmQmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiYnV0dG9uLWZhY3RvcnkiLCJkYXRhLXVpZCI6InVpZF96aHV1bGxtaWxmaXVtY3djamhsZHpyb215bW91eHIifX0&clientID=AXWPljSR_V21Qp_VvEyX4glwGE4ZpToXLmeFaDCdHLq2ZAPlRz5isFTOlEbPj_9nYZmGLliTUkTbWlrd&sdkCorrelationID=f8008308eaf3b&storageID=uid_5f8aac02df_mta6ntm6ntk&sessionID=uid_89733bae2d_mta6ntm6ntk&buttonSessionID=uid_41a2167d0f_mta6ntm6ntk&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 10:54:00 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS, MISS
paypal-debug-id
f9468614cd62b
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr7378-LHR, cache-lcy-eglc8600029-LCY, cache-lcy-eglc8600029-LCY
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f9468614cd62b-741affd1e3103e69-01
x-timer
S1704624840.457469,VS0,VE191
etag
W/"3f4-i7lcENAc03vbRZNgJ5NDIYU+H8I"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0, 0

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager object| __post_robot_11_0_0___uid_zhuullmilfiumcwcjhldzromymouxr object| paypal object| __zoid_10_3_3___uid_zhuullmilfiumcwcjhldzromymouxr function| initPayPalButton object| paypalDDL

8 Cookies

Domain/Path Name / Value
.c4s.online/ Name: _ga
Value: GA1.2.932973352.1704624839
.c4s.online/ Name: _gid
Value: GA1.2.706356310.1704624839
.c4s.online/ Name: _gat
Value: 1
.c4s.online/ Name: _ga_G8VKCZ1Q8K
Value: GS1.2.1704624839.1.0.1704624839.0.0.0
.paypal.com/ Name: tsrce
Value: smartcomponentnodeweb
.paypal.com/ Name: l7_az
Value: dcg14.slc
.paypal.com/ Name: ts
Value: vreXpYrS%3D1799319239%26vteXpYrS%3D1704626639%26vr%3De38edcca18c0ad102445994eface26ef%26vt%3De38edcca18c0ad102445994eface26ee%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3De38edcca18c0ad102445994eface26ef%26vt%3De38edcca18c0ad102445994eface26ee

47 Console Messages

Source Level URL
Text
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.kangaroturf.c4s.online/image/pmupourtous1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/topturfjs/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/exelturf/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/pmuchampion/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://pronosgratuit.lachezvos.pro/image/logo_peor.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.ogalopcourse.com//logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://kangaroturf.c4s.online/image/expertduturf.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://kangaroturf.c4s.online/image/lemagicienduturf.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.dueldescracks.siteneti.net/dueldescracks.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://pronosgratuit.lachezvos.pro/image/gas3_9032206.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://kangaroturf.c4s.online/image/ivressedesgains.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.mini-turf.c4s.online/banniere/mini%20turf.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://jeuxsurs.siteneti.net/image/PMUCH.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.erfolg.c4s.online/banniere/erfolg.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.extra-derby.c4s.online/banniere/Extra%20derby.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://jeuxsurs.siteneti.net/banniere/JEUXSUR.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.ogalopcourse.com/img/new.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.ogalopcourse.com/img/new.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.ogalopcourse.com/img/new.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.ogalopcourse.com/img/new.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.ogalopcourse.com/img/new.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://pronosgratuit.lachezvos.pro/image/PROGRES2.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.kangaroturf.c4s.online/image/pmupourtous1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 145)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.kangaroturf.c4s.online/image/pmupourtous1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 145)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/topturfjs/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 145)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/exelturf/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 145)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://img.root-top.com/topsite/pmuchampion/banner.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 145)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://pronosgratuit.lachezvos.pro/image/logo_peor.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 145)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.ogalopcourse.com//logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 145)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://kangaroturf.c4s.online/image/expertduturf.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 145)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://kangaroturf.c4s.online/image/lemagicienduturf.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 145)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.dueldescracks.siteneti.net/dueldescracks.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 145)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://pronosgratuit.lachezvos.pro/image/gas3_9032206.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://www.kangaroturf.c4s.online/banniere/kangaro%20turf.png
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
security warning URL: https://www.kangaroturf.c4s.online/(Line 297)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://kangaroturf.c4s.online/image/ivressedesgains.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 297)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.mini-turf.c4s.online/banniere/mini%20turf.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 297)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://jeuxsurs.siteneti.net/image/PMUCH.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 297)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.erfolg.c4s.online/banniere/erfolg.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 297)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.extra-derby.c4s.online/banniere/Extra%20derby.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 297)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://jeuxsurs.siteneti.net/banniere/JEUXSUR.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 297)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.ogalopcourse.com/img/new.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 297)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.ogalopcourse.com/img/new.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 297)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.ogalopcourse.com/img/new.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 297)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.ogalopcourse.com/img/new.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 297)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.ogalopcourse.com/img/new.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 297)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://pronosgratuit.lachezvos.pro/image/PROGRES2.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.kangaroturf.c4s.online/(Line 297)
Message:
Mixed Content: The page at 'https://www.kangaroturf.c4s.online/' was loaded over HTTPS, but requested an insecure element 'http://www.kangaroturf.c4s.online/image/pmupourtous1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
img.root-top.com
jeuxsurs.siteneti.net
kangaroturf.c4s.online
pronosgratuit.lachezvos.pro
region1.google-analytics.com
t.paypal.com
www.dueldescracks.siteneti.net
www.erfolg.c4s.online
www.extra-derby.c4s.online
www.google-analytics.com
www.googletagmanager.com
www.kangaroturf.c4s.online
www.mini-turf.c4s.online
www.ogalopcourse.com
www.paypal.com
www.paypalobjects.com
151.101.65.21
151.101.65.35
192.229.221.25
194.150.236.236
2001:41d0:301::20
2001:41d0:301::28
2001:4860:4802:34::36
2606:4700:3038::6815:ea1b
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2001
46.105.57.169
09800505d37a8c898f371e77d71724667a748de947a00292cb4c92bf4ae754de
09f778ac84dee43a19529ff738b8c9e5d2f7e9e7fa8bb34d8f1628d8f10b3cf8
19cab9b05742333a97c7a11aa1d7781ed65150def8e7049fca21005eff5072d6
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
23118bf6eebbbc12d6544b73bf5fcb46ff0290e3b6afa5c1e332ae186b7ee56b
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
284477d57113b864ab1c02e58d2f616555afa49abc77f7641d941d78eb38f853
359a7a4381cf4c25ffb63b281e93b98b7f43d664dbc00e12cc3a065596e95516
3b4d7c223f67b89c4d51f5a523f1e27b78bd5f559a7f7042309fe97f43085c8b
3dff7ccf8650eb9a3a63e795bbc237e9051217042eb06a0345110e5345fc096e
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e
5eab03e0bb9a776cffe4e912fc45550c384c2ad112b48b331dddd43a0303022a
5ec1d1f767b7a3a3e6964755ea526e1657576b5a7c8d968a9208ffd6b1333786
62bdc123aae0b57cff55d0a291641ce77e4873a88892fd8cec02c4639b1c8564
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
756bfb23803ecedac1e3a7e953f1a3c07c4ec06490d86facf5962aa4fbf54423
7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7
7de316abf3a04d63abfcc25888e0eac34fc32a86e440ad94822b8a5f2c47184f
853003068526c8290a08b44e300be0151e9e9a433699d18f436fcbf0e07ae9ae
9d36a281bae6b06b9589755a836af73d3cf3fd590c5029f36961a4431eacbcee
9ed611de5fc0d2fed1f7bc62b26d8fd283ea878f2aee9794d06e17a781c6f1ec
a5c520394981f9feb8b34b17aa3d020f61cc7f5cb706d57939bcd1b4d3ab0cbc
b60c71b98dbb4ab180c55a78ff2394f96ef77648368d6d3e8301c15bd69289e4
c01617df1a7d21d948d7970554842bf302d94829c372d259b78e4cc9809383f8
c02dc92bd9d9da2fc29ffd574dc9013bd9f4026756d11f20719042482a41f722
dd112777fc359a6685659e7c18782167c3995a9d75f5d5a39a4098bf36ad11a2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df71cf0774d4371a24620b26bc37304db8f4e58a0ce1204be218d49c00bbaca8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e492b9ebe9cbcd1ea08ab40d9c93f0c458a4fbbc2743695a31c409872dd80182
f1b1f868f0cefc8cfc07aee8dabc332a9b75adde18bd2f93335116c0f5254836
f94d68bd074ac3a9138d954a5ba91b444aeef97de2d067c636da0579cda3668e