www.matincourses.powa.fr Open in urlscan Pro
194.150.236.190 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.matincourses.powa.fr/supertrio//index.php?page_asked_id=pronostics_abonnes
Submission: On February 05 via manual (February 5th 2023, 8:12:42 pm UTC) from SN — Scanned from FR

Summary HTTP 13 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 13 HTTP transactions. The main IP is 194.150.236.190, located in France and belongs to HIWIT_AS, FR. The main domain is www.matincourses.powa.fr.

This is the only time www.matincourses.powa.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	194.150.236.190 194.150.236.190	44976 (HIWIT_AS) (HIWIT_AS)
3	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
1 4	2606:4700:303... 2606:4700:3038::6815:ea1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.159.101.159 51.159.101.159	12876 (Online SAS) (Online SAS)
1	2a00:1450:400... 2a00:1450:400d:808::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
13	7

2 194.150.236.190 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns30.hiwit.net

www.matincourses.powa.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3038::6815:ea1a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.159.101.159 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 17d9637a-13ac-43cc-99fb-9c6d17e34762.fr-par-2.baremetal.scw.cloud

static.blog4ever.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	root-top.com 1 redirects img.root-top.com	718 B
3	allopass.com payment.allopass.com	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
2	powa.fr www.matincourses.powa.fr	60 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	45 KB
1	blog4ever.com static.blog4ever.com	48 KB
0	flashcourse.net Failed ww82.flashcourse.net Failed
13	7

	Domain	Requested by
4	img.root-top.com	1 redirects www.matincourses.powa.fr
3	payment.allopass.com	www.matincourses.powa.fr payment.allopass.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.matincourses.powa.fr	www.matincourses.powa.fr
1	www.googletagmanager.com	payment.allopass.com
1	static.blog4ever.com	www.matincourses.powa.fr
0	ww82.flashcourse.net Failed	www.matincourses.powa.fr
13	7

This site contains links to these domains. Also see Links.

Domain
payment.allopass.com
www.flashcourse.net
www.root-top.com
www.turforiginal-vip.com

Subject Issuer	Validity	Valid
*.allopass.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-07` - `2023-10-07`	a year	crt.sh
static.blog4ever.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://www.matincourses.powa.fr/supertrio//index.php?page_asked_id=pronostics_abonnes
Frame ID: A404CB4FFAA86272526C4C7430E612BE
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

:. SUPER TRIO - Le Trio en 4 .:

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

13
Requests

54 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

184 kB
Transfer

290 kB
Size

6
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://payment.allopass.com/buy/buy.apu?ids=351717&idd=1553531&carousel=row

Search URL Search Domain Scan URL

URL: http://www.flashcourse.net/vote.php?id=48

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/pegaseturf/in.php?ID=55

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/licorne/in.php?ID=45

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/secreturf/in.php?ID=260

Search URL Search Domain Scan URL

URL: https://www.turforiginal-vip.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://www.flashcourse.net/img/logo.gif HTTP 301
http://ww82.flashcourse.net/

Request Chain 5

http://img.root-top.com/topsite/secreturf/banner.gif HTTP 301
https://img.root-top.com/topsite/secreturf/banner.gif

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.php Show response
www.matincourses.powa.fr/supertrio// 10 KB
10 KB 129ms
95ms Document
text/html 194.150.236.190
HIWIT_AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.matincourses.powa.fr/supertrio//index.php?page_asked_id=pronostics_abonnes
Protocol: HTTP/1.1
Server: 194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns30.hiwit.net
Software: Apache /
Resource Hash: 19333266a4d1c1f782f20c95975711d715973d8603446b784f33ed4cd499ad01

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Type: text/html
Date: Sun, 05 Feb 2023 20:12:31 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=10, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
Vary: Host

GET
H/1.1 200
OK checkout.apu Show response
payment.allopass.com/buy/ 11 KB
4 KB 6228ms
5532ms Script
text/html 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/buy/checkout.apu?ids=351717&idd=1553531&lang=fr
Requested by: Host: www.matincourses.powa.fr
URL: http://www.matincourses.powa.fr/supertrio//index.php?page_asked_id=pronostics_abonnes
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 0d06309e0908c497508b93c834023d39fdb042ea0bb172c3b53253904cece493

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.matincourses.powa.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Feb 2023 20:12:32 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 2960
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK arp.png
www.matincourses.powa.fr/supertrio// 50 KB
50 KB 20ms
20ms Image
image/png 194.150.236.190
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.matincourses.powa.fr/supertrio//arp.png
Requested by: Host: www.matincourses.powa.fr
URL: http://www.matincourses.powa.fr/supertrio//index.php?page_asked_id=pronostics_abonnes
Protocol: HTTP/1.1
Server: 194.150.236.190 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns30.hiwit.net
Software: Apache /
Resource Hash: 829369591dfdc7eb0c3431c6ec33ca8899153d7cce1124a2d1886dd9f520d98c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.matincourses.powa.fr/supertrio//index.php?page_asked_id=pronostics_abonnes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 05 Feb 2023 20:12:31 GMT
Last-Modified: Sun, 15 Nov 2020 05:37:03 GMT
Server: Apache
ETag: "997744-c64d-5b41ea6bd5dc0"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=99
Content-Length: 50765

GET

/
ww82.flashcourse.net/
Redirect Chain

http://www.flashcourse.net/img/logo.gif
http://ww82.flashcourse.net/

0
0

GET
H/1.1 521 banner.gif
img.root-top.com/topsite/pegaseturf/ 0
0 76ms
41ms Image
text/html 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.root-top.com/topsite/pegaseturf/banner.gif
Requested by: Host: www.matincourses.powa.fr
URL: http://www.matincourses.powa.fr/supertrio//index.php?page_asked_id=pronostics_abonnes
Protocol: HTTP/1.1
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.matincourses.powa.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H/1.1 521 banner.gif
img.root-top.com/topsite/licorne/ 0
0 77ms
41ms Image
text/html 2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.root-top.com/topsite/licorne/banner.gif
Requested by: Host: www.matincourses.powa.fr
URL: http://www.matincourses.powa.fr/supertrio//index.php?page_asked_id=pronostics_abonnes
Protocol: HTTP/1.1
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.matincourses.powa.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2

521

banner.gif
img.root-top.com/topsite/secreturf/
Redirect Chain

http://img.root-top.com/topsite/secreturf/banner.gif
https://img.root-top.com/topsite/secreturf/banner.gif

0
0

102ms
60ms

Image
text/html

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/secreturf/banner.gif
Requested by: Host: www.matincourses.powa.fr
URL: http://www.matincourses.powa.fr/supertrio//index.php?page_asked_id=pronostics_abonnes
Protocol: H2
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.matincourses.powa.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

Date: Sun, 05 Feb 2023 20:12:31 GMT
CF-Cache-Status: STALE
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 567037
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w72ro%2FRASNZPQsTMKIQunvsBRt%2B%2BhHvadpGz%2BHY27R68FUOYvWQ2MLkCeKpPazYtiHf2%2FvtjU7nvHZ0Un3StNh0rG6KO8CxQ6L%2FvVPafaSfhjMYDRCdFKTPA7ts9tl1gGeTnRJZAxbilLHmPoTXd"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/secreturf/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 794e4d2ab8f72a20-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2 200 gaz0_9032214.gif
static.blog4ever.com/2021/06/864279/ 48 KB
48 KB 312ms
39ms Image
image/gif 51.159.101.159
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.blog4ever.com/2021/06/864279/gaz0_9032214.gif
Requested by: Host: www.matincourses.powa.fr
URL: http://www.matincourses.powa.fr/supertrio//index.php?page_asked_id=pronostics_abonnes
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.159.101.159 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 17d9637a-13ac-43cc-99fb-9c6d17e34762.fr-par-2.baremetal.scw.cloud
Software: nginx /
Resource Hash: 653157402e7854734f65c4f112eae10ae42d1f093a40374d34c52c1374e9e077

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.matincourses.powa.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 20:12:32 GMT
last-modified: Tue, 15 Jun 2021 08:32:30 GMT
server: nginx
etag: "60c8659e-bff3"
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 49139
expires: Sun, 12 Feb 2023 20:12:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 116 KB
45 KB 237ms
133ms Script
application/javascript 2a00:1450:400d:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Requested by

Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=351717&idd=1553531&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9eabc36851568537d54edb47775fee67b92d6eaa1f9d649ba3bab0c3d1c7a235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.matincourses.powa.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 20:12:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45680
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Feb 2023 20:12:38 GMT

GET
H/1.1 200
OK buy-button.css
payment.allopass.com/static/css/ 2 KB
830 B 59ms
21ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/buy-button.css?1
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=351717&idd=1553531&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.matincourses.powa.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 05 Feb 2023 20:12:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "4215b-69a-5d0e804cbabc0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 546

GET
H/1.1 200
OK 162x56.png
payment.allopass.com/static/buy/button/fr/ 6 KB
6 KB 60ms
22ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by: Host: www.matincourses.powa.fr
URL: http://www.matincourses.powa.fr/supertrio//index.php?page_asked_id=pronostics_abonnes
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.matincourses.powa.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 05 Feb 2023 20:12:38 GMT
Last-Modified: Tue, 16 Nov 2021 13:36:55 GMT
Server: Apache
ETag: "216d9-1688-5d0e804cbabc0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 5768

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 149ms
39ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://www.matincourses.powa.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 19:12:08 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3630
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 05 Feb 2023 21:12:08 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
213 B 61ms
60ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1754087237&t=pageview&_s=1&dl=http%3A%2F%2Fwww.matincourses.powa.fr%2Fsupertrio%2F%2Findex.php%3Fpage_asked_id%3Dpronostics_abonnes&ul=en-us&de=windows-1252&dt=%3A.%20SUPER%20TRIO%20-%20Le%20Trio%20en%204%20.%3A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=85278813&gjid=2026599722&cid=231828638.1675627959&tid=UA-135619294-1&_gid=1200635568.1675627959&_r=1&_slc=1&gtm=45He3210n81NHFGDSD&cd1=ALS-LIBS-CHECKOUT-15&cd2=1553531&cd3=351717&cd4=(not%20set)&cd5=classic&z=1835251023

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.matincourses.powa.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 20:12:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.matincourses.powa.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ww82.flashcourse.net
URL: http://ww82.flashcourse.net/

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.matincourses.powa.fr/	1969-12-31 23:59:59	Name: PHPSESSID Value: 93b1eee082cbe3938c8c42a700aa7d23
payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: fef13ff3-6e34-4754-86b5-d2c8d3d59fc7
.allopass.com/	1970-01-20 18:12:43	Name: AP_CUSK Value: 3605379670
.powa.fr/	1970-01-20 19:03:07	Name: _ga Value: GA1.2.231828638.1675627959
.powa.fr/	1970-01-20 09:28:34	Name: _gid Value: GA1.2.1200635568.1675627959
.powa.fr/	1970-01-20 09:27:08	Name: _gat_UA-135619294-1 Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://img.root-top.com/topsite/pegaseturf/banner.gif Message: Failed to load resource: the server responded with a status of 521 ()
network	error	URL: http://img.root-top.com/topsite/licorne/banner.gif Message: Failed to load resource: the server responded with a status of 521 ()
network	error	URL: https://img.root-top.com/topsite/secreturf/banner.gif Message: Failed to load resource: the server responded with a status of 521 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

img.root-top.com
payment.allopass.com
static.blog4ever.com
ww82.flashcourse.net
www.google-analytics.com
www.googletagmanager.com
www.matincourses.powa.fr
ww82.flashcourse.net
185.119.26.1
194.150.236.190
2606:4700:3038::6815:ea1a
2a00:1450:400d:806::200e
2a00:1450:400d:808::2008
51.159.101.159
0d06309e0908c497508b93c834023d39fdb042ea0bb172c3b53253904cece493
19333266a4d1c1f782f20c95975711d715973d8603446b784f33ed4cd499ad01
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
653157402e7854734f65c4f112eae10ae42d1f093a40374d34c52c1374e9e077
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
829369591dfdc7eb0c3431c6ec33ca8899153d7cce1124a2d1886dd9f520d98c
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
9eabc36851568537d54edb47775fee67b92d6eaa1f9d649ba3bab0c3d1c7a235
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.matincourses.powa.fr Open in urlscan Pro 194.150.236.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

54 %HTTPS

50 %IPv6

7 Domains

7 Subdomains

7 IPs

4 Countries

184 kBTransfer

290 kBSize

6 Cookies

6 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

6 Cookies

3 Console Messages

Indicators

www.matincourses.powa.fr Open in urlscan Pro
194.150.236.190 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

54 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

184 kB
Transfer

290 kB
Size

6
Cookies

13 HTTP transactions
0 data transactions