lequintespecial.onlc.fr Open in urlscan Pro
2606:4700:20::ac43:48cb  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response lequintespecial.onlc.fr/	8 KB 4 KB	97ms 54ms	Document text/html	2606:4700:20::ac43:48cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lequintespecial.onlc.fr/ Protocol HTTP/1.1 Server 2606:4700:20::ac43:48cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b48e8b781d0c41c52c36f918e5d36e58ca727183fef49e2c986a856b1dce63f6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Access-Control-Allow-Origin https://www.onlinecreation.me CF-Cache-Status DYNAMIC CF-RAY 6f824fe9cb293b6d-CDG Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Thu, 07 Apr 2022 11:09:38 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Pragma no-cache Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXu8XgyzN%2B9i9NjvRT4JIUpqR%2BGFoyoLojRe7%2FZ14Zshu%2Fc%2BrjicGKcDUSVCafrRTHC1nDTkqfnQKX17HVt36zru9giLT4fP%2B7Cp9BJ69GJ1ro6h94Q86cKfPnW5Gn5TevN%2FnvVPJE4hnSmp49W5lPv4DTQ8"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.7.2/	93 KB 34 KB	83ms 26ms	Script text/javascript	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js Requested by Host: lequintespecial.onlc.fr URL: http://lequintespecial.onlc.fr/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer http://lequintespecial.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 31 Mar 2022 13:20:12 GMT content-encoding gzip x-content-type-options nosniff age 596966 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33845 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 31 Mar 2023 13:20:12 GMT
GET H2	200	mediaelementplayer.min.css cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/	17 KB 3 KB	69ms 26ms	Stylesheet text/css	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/mediaelementplayer.min.css Requested by Host: lequintespecial.onlc.fr URL: http://lequintespecial.onlc.fr/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3ecfe4da73d3f04f54aca493982a068a9e328942a64100bfc976cbae9cafb10 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer Origin http://lequintespecial.onlc.fr accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 07 Apr 2022 11:09:38 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 178800 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2265 timing-allow-origin * last-modified Mon, 04 May 2020 16:13:19 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03f1f-4392" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U18%2BfiHLj6uEWAEf0e9ZmwvEVYdaQxLqmn%2FSKTC2ch6hSyOM%2BpuQJG1Z1M3it5s6iMK4justk4zVKzaTTggGiUvjJN3fOzwUqflBbL7nI8%2Fm1xHuzHLLWigIIiHovGB9WJUYVN8OUBgPDn3fchPfAju9"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6f824fed4873edaf-CDG expires Tue, 28 Mar 2023 11:09:38 GMT
GET H2	200	mediaelement-and-player.min.js Show response cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/	61 KB 15 KB	72ms 29ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/mediaelement-and-player.min.js Requested by Host: lequintespecial.onlc.fr URL: http://lequintespecial.onlc.fr/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c190fd4534143b46005a1fb176e61c80c6dc36b7893ba45f2d5480217dfcb8c3 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer Origin http://lequintespecial.onlc.fr accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 07 Apr 2022 11:09:38 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 55533 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15089 timing-allow-origin * last-modified Mon, 04 May 2020 16:13:19 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03f1f-f42f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfeGD2iVVnyyOCs9ZYF%2FOlf6CAI%2BNf4HyEq62Hw0mHTU3OQzAR5G78D3aVE23t85Nb32k9P3ok%2B5CgxWZDXzUX8eZBgMvLE3dcQU2P2VhxIv%2BHu3cupdlr4Emw9eEQuyLG2dqCbfP9EpX3CMlGxwvXby"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6f824fed4876edaf-CDG expires Tue, 28 Mar 2023 11:09:38 GMT
GET H/1.1	200 OK	pixel.gif static.onlc.eu/designs/venus/	34 B 916 B	59ms 32ms	Image image/webp	2606:4700:20::681a:7a2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://static.onlc.eu/designs/venus/pixel.gif Requested by Host: lequintespecial.onlc.fr URL: http://lequintespecial.onlc.fr/ Protocol HTTP/1.1 Server 2606:4700:20::681a:7a2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65 Request headers accept-language fr-FR,fr;q=0.9 Referer http://lequintespecial.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 07 Apr 2022 11:09:38 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 618 Cf-Polished origFmt=gif, origSize=43 Content-Disposition inline; filename="pixel.webp" Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 34 Last-Modified Sat, 12 May 2007 23:38:17 GMT Server cloudflare ETag "1246710638" Vary Accept Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9%2B5yDa2M94aKGVYMceK3BgCrQ4KbWrW44s3wUqn4THkMADIbtztKXehWTkyR2uxJ3tyYD4v6pM2wczphFxVNrd0710Hg4aN%2BHBbcTla%2B%2Fjc8l%2FEBw6f9btUJHQLEb9HwHyATZH3VmUbOLk8"}],"group":"cf-nel","max_age":604800} Content-Type image/webp Access-Control-Allow-Origin * Cache-Control max-age=31536000 Accept-Ranges bytes CF-RAY 6f824fee0e7f3a3b-CDG Cf-Bgj imgq:85,h2pri
GET H/1.1	200 OK	checkout.apu Show response payment.allopass.com/buy/	11 KB 4 KB	452ms 304ms	Script text/html	185.119.26.1 WEBDEVIIN-AS
General Check archive.org Show headers Download Go to Full URL https://payment.allopass.com/buy/checkout.apu?ids=351148&idd=1534923&lang=fr Requested by Host: lequintespecial.onlc.fr URL: http://lequintespecial.onlc.fr/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR), Reverse DNS 1.26.119.185.in-addr.arpa Software Apache / Resource Hash c51a5bd5b2811c7aecee7060b2736687907fc3d5ee35e936d3de2659e758ec9b Request headers accept-language fr-FR,fr;q=0.9 Referer http://lequintespecial.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Pragma no-cache Date Thu, 07 Apr 2022 11:09:38 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml' Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Content-Type text/html Content-Length 2961 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	pop.php Show response pubdirecte.com/script/	4 KB 4 KB	82ms 52ms	Script text/html	95.142.100.25 ATOM86-AS ATOM86
General Check archive.org Show headers Download Go to Full URL http://pubdirecte.com/script/pop.php?said=132123 Requested by Host: lequintespecial.onlc.fr URL: http://lequintespecial.onlc.fr/ Protocol HTTP/1.1 Server 95.142.100.25 Zwanenburg, Netherlands, ASN8455 (ATOM86-AS ATOM86, NL), Reverse DNS Software Apache / Resource Hash ff4b4fef08d0448d21123d97bc64409c005ab4951640759d53b4ea8809f85014 Request headers accept-language fr-FR,fr;q=0.9 Referer http://lequintespecial.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 07 Apr 2022 11:09:33 GMT Server Apache Transfer-Encoding chunked P3P policyref="http://www.pubdirecte.com/P3P.XML",CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" Access-Control-Allow-Origin * Cache-Control max-age=0 Connection close Content-Type text/html; charset=ISO-8859-1 Expires Thu, 07 Apr 2022 11:09:33 GMT
GET H/1.1	200 OK	banniere.php Show response pubdirecte.com/script/	2 KB 2 KB	68ms 48ms	Script application/javascript	95.142.100.25 ATOM86-AS ATOM86
General Check archive.org Show headers Download Go to Full URL http://pubdirecte.com/script/banniere.php?said=132122 Requested by Host: lequintespecial.onlc.fr URL: http://lequintespecial.onlc.fr/ Protocol HTTP/1.1 Server 95.142.100.25 Zwanenburg, Netherlands, ASN8455 (ATOM86-AS ATOM86, NL), Reverse DNS Software Apache / Resource Hash 2775303d1460915b2b64110bb64aa4ec2d416ae1b10e6b2dae001e6a84cf5bbd Request headers accept-language fr-FR,fr;q=0.9 Referer http://lequintespecial.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Pragma no-cache Date Thu, 07 Apr 2022 11:09:33 GMT Server Apache Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Expires Sun, 01 Jan 2014 00:00:00 GMT
GET H/1.1	200 OK	logo.gif www.weekturf.com/img/	14 KB 14 KB	54ms 18ms	Image image/gif	194.150.236.236 HIWIT_AS
General Check archive.org Show headers Download Go to Show image Full URL http://www.weekturf.com/img/logo.gif Requested by Host: lequintespecial.onlc.fr URL: http://lequintespecial.onlc.fr/ Protocol HTTP/1.1 Server 194.150.236.236 , France, ASN44976 (HIWIT_AS, FR), Reverse DNS ns76.hiwit.net Software Apache / Resource Hash 6724d9ce7730f6100c1a4878eecc7726497e8ecfb1342016629c6dc143a4ed8b Request headers accept-language fr-FR,fr;q=0.9 Referer http://lequintespecial.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 07 Apr 2022 11:09:38 GMT Last-Modified Wed, 06 May 2015 14:31:44 GMT Server Apache ETag "16110df-36ac-5156aa7791400" Vary Host Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=100 Content-Length 13996
GET H/1.1	404 Not Found	logo2.gif statsquinte.com/	0 0	288ms 138ms	Image text/html	2607:fad0:3801:4::1 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL http://statsquinte.com/logo2.gif Requested by Host: lequintespecial.onlc.fr URL: http://lequintespecial.onlc.fr/ Protocol HTTP/1.1 Server 2607:fad0:3801:4::1 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fr-FR,fr;q=0.9 Referer http://lequintespecial.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers
GET H/1.1	200 OK	bordeaux_wikipedia.jpg static.onlc.eu/designs/photos/	76 KB 77 KB	57ms 31ms	Image image/webp	2606:4700:20::681a:7a2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://static.onlc.eu/designs/photos/bordeaux_wikipedia.jpg Requested by Host: lequintespecial.onlc.fr URL: http://lequintespecial.onlc.fr/ Protocol HTTP/1.1 Server 2606:4700:20::681a:7a2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48c1daec16901c58f33fcae43255e3fed613beb22f772e3922a5b9bd85c6a123 Request headers accept-language fr-FR,fr;q=0.9 Referer http://lequintespecial.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 07 Apr 2022 11:09:38 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 5754 Cf-Polished qual=85, origFmt=jpeg, origSize=207833 Content-Disposition inline; filename="bordeaux_wikipedia.webp" Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 77778 Last-Modified Sun, 13 May 2007 22:03:30 GMT Server cloudflare ETag "1439917163" Vary Accept Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5n1c0U6bxrG3OrfDUOxoCZ2pTyfrYSUskSQXctTlIUL5GHw5FraMz5329XPntYSMVOCoTOgNqGDyxztZSg%2FCA2aR39CIUP%2F9DbXYzT1rD8eUGO5navFw5RPqV3FQuWgNvDavlE3h2zMLz4P"}],"group":"cf-nel","max_age":604800} Content-Type image/webp Access-Control-Allow-Origin * Cache-Control max-age=31536000 Accept-Ranges bytes CF-RAY 6f824fee0dcb9992-CDG Cf-Bgj imgq:85,h2pri
GET H2	200	gtm.js Show response www.googletagmanager.com/	99 KB 38 KB	610ms 43ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD Requested by Host: payment.allopass.com URL: https://payment.allopass.com/buy/checkout.apu?ids=351148&idd=1534923&lang=fr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 48ce9c12554feb6c93be6afe0fb667f2e71fe0beba0d7401f313f4131e5bf6da Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer http://lequintespecial.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 07 Apr 2022 11:09:39 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38722 x-xss-protection 0 last-modified Thu, 07 Apr 2022 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 07 Apr 2022 11:09:39 GMT
GET H/1.1	200 OK	buy-button.css payment.allopass.com/static/css/	2 KB 830 B	56ms 20ms	Stylesheet text/css	185.119.26.1 WEBDEVIIN-AS
General Check archive.org Show headers Download Go to Full URL https://payment.allopass.com/static/css/buy-button.css?1 Requested by Host: payment.allopass.com URL: https://payment.allopass.com/buy/checkout.apu?ids=351148&idd=1534923&lang=fr Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR), Reverse DNS 1.26.119.185.in-addr.arpa Software Apache / Resource Hash 95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2 Request headers accept-language fr-FR,fr;q=0.9 Referer http://lequintespecial.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 07 Apr 2022 11:09:39 GMT Content-Encoding gzip Last-Modified Tue, 16 Nov 2021 13:36:55 GMT Server Apache ETag "4215b-69a-5d0e804cbabc0" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 546
GET H/1.1	200 OK	162x56.png payment.allopass.com/static/buy/button/fr/	6 KB 6 KB	56ms 20ms	Image image/png	185.119.26.1 WEBDEVIIN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://payment.allopass.com/static/buy/button/fr/162x56.png Requested by Host: lequintespecial.onlc.fr URL: http://lequintespecial.onlc.fr/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR), Reverse DNS 1.26.119.185.in-addr.arpa Software Apache / Resource Hash 7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db Request headers accept-language fr-FR,fr;q=0.9 Referer http://lequintespecial.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 07 Apr 2022 11:09:39 GMT Last-Modified Tue, 16 Nov 2021 13:36:55 GMT Server Apache ETag "216d9-1688-5d0e804cbabc0" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 5768
GET H/1.1	200 OK	225659_dll_468x60_orange2.png static.linkredirect.biz/b-images/	4 KB 5 KB	65ms 37ms	Image image/png	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://static.linkredirect.biz/b-images/225659_dll_468x60_orange2.png Requested by Host: lequintespecial.onlc.fr URL: http://lequintespecial.onlc.fr/ Protocol HTTP/1.1 Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 941dc6cc29ab5fe73bbb1ca9e602cca7f89a4d39398db0bbbd5faf4db85fac86 Request headers accept-language fr-FR,fr;q=0.9 Referer http://lequintespecial.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 07 Apr 2022 11:09:39 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 177041 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 4036 last-modified Mon, 22 Oct 2018 13:27:00 GMT Server cloudflare etag "1287192511" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwPNl88V7LYpwPlEBlw8zySH1z3U4ilvotKuAinYhgFY1gcCGt1X%2FHPVf9wWi3JN52QTRJrHQ2znqd1F4z8D6tJLxkOAeNEaWyd4mu1jwMuPLx8%2BdRvoM2Ardp0eXlnI1WVicrKzkAo1wus7fDGi8ETZCIsY1w%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png cache-control public, max-age=259200, no-transform Accept-Ranges bytes CF-RAY 6f824ff08cac4049-CDG expires Fri, 08 Apr 2022 09:58:57 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	84ms 25ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language fr-FR,fr;q=0.9 Referer http://lequintespecial.onlc.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 5689 date Thu, 07 Apr 2022 09:34:50 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 07 Apr 2022 11:34:50 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 211 B	33ms 32ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1593142004&t=pageview&_s=1&dl=http%3A%2F%2Flequintespecial.onlc.fr%2F&ul=en-us&de=UTF-8&dt=lequintespecialiste%20-%20Accueil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=790408903&gjid=585617318&cid=918313300.1649329780&tid=UA-135619294-1&_gid=315277359.1649329780&_r=1&gtm=2wg3u0NHFGDSD&cd1=ALS-LIBS-CHECKOUT-15&cd2=1534923&cd3=351148&cd4=(not%20set)&cd5=classic&z=1106411734 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://lequintespecial.onlc.fr/ accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 07 Apr 2022 11:09:40 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://lequintespecial.onlc.fr cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery object| mejs function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| MediaElement function| MediaElementPlayer object| headID object| cssNode function| allopassButtons number| alreadyrunflag undefined| proto undefined| contentloadtag number| _timer object| dataLayer boolean| puShown number| PopWidth number| PopHeight number| PopFocus object| _Top function| GetWindowHeight function| GetWindowWidth function| GetWindowTop function| GetWindowLeft function| doOpen function| PubdirecteSetCook function| PubdirecteSetCookOpen function| PubdirecteGetCook function| initPu function| checkTarget function| KillSurf function| openup object| elts object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			lequintespecial.onlc.fr/	1970-01-20 02:09:25	Name: PHPSESSID Value: 2651046c7561648fc2f7298bf1bf0e7c
			payment.allopass.com/	1969-12-31 23:59:59	Name: ShopSessionId Value: 3a778062-abac-4acd-b396-de17be3b6a6c
			.allopass.com/	1970-01-20 10:54:25	Name: AP_CUSK Value: 3562769347
			.onlc.fr/	1970-01-20 19:40:01	Name: _ga Value: GA1.2.918313300.1649329780
			.onlc.fr/	1970-01-20 02:10:16	Name: _gid Value: GA1.2.315277359.1649329780
			.onlc.fr/	1970-01-20 02:08:49	Name: _gat_UA-135619294-1 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://statsquinte.com/logo2.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
lequintespecial.onlc.fr
payment.allopass.com
pubdirecte.com
static.linkredirect.biz
static.onlc.eu
statsquinte.com
www.google-analytics.com
www.googletagmanager.com
www.weekturf.com
185.119.26.1
194.150.236.236
2606:4700:20::681a:7a2
2606:4700:20::ac43:48cb
2606:4700::6811:190e
2607:fad0:3801:4::1
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:810::200e
2a06:98c1:3120::7
95.142.100.25
2775303d1460915b2b64110bb64aa4ec2d416ae1b10e6b2dae001e6a84cf5bbd
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
48c1daec16901c58f33fcae43255e3fed613beb22f772e3922a5b9bd85c6a123
48ce9c12554feb6c93be6afe0fb667f2e71fe0beba0d7401f313f4131e5bf6da
6724d9ce7730f6100c1a4878eecc7726497e8ecfb1342016629c6dc143a4ed8b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
941dc6cc29ab5fe73bbb1ca9e602cca7f89a4d39398db0bbbd5faf4db85fac86
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3ecfe4da73d3f04f54aca493982a068a9e328942a64100bfc976cbae9cafb10
b48e8b781d0c41c52c36f918e5d36e58ca727183fef49e2c986a856b1dce63f6
c190fd4534143b46005a1fb176e61c80c6dc36b7893ba45f2d5480217dfcb8c3
c51a5bd5b2811c7aecee7060b2736687907fc3d5ee35e936d3de2659e758ec9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff4b4fef08d0448d21123d97bc64409c005ab4951640759d53b4ea8809f85014