www.turfprox.com Open in urlscan Pro
194.150.236.165 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes
Submission: On July 16 via manual (July 16th 2022, 6:13:15 pm UTC) from CI — Scanned from FR

Summary HTTP 15 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 7 domains to perform 15 HTTP transactions. The main IP is 194.150.236.165, located in France and belongs to HIWIT_AS, FR. The main domain is www.turfprox.com.
TLS certificate: Issued by R3 on June 6th 2022. Valid for: 3 months.

This is the only time www.turfprox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	194.150.236.165 194.150.236.165	44976 (HIWIT_AS) (HIWIT_AS)
1	173.225.100.28 173.225.100.28	19318 (IS-AS-1) (IS-AS-1)
1 1	2606:4700:303... 2606:4700:3038::6815:ea1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	194.150.236.179 194.150.236.179	44976 (HIWIT_AS) (HIWIT_AS)
15	4

11 194.150.236.165 (France) 1 redirects

ASN44976 (HIWIT_AS, FR)
PTR: ns5.hiwit.net

www.turfprox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
turfgeny.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.turfgeny.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.225.100.28 (United States)

ASN19318 (IS-AS-1, US)

turfvictoire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea1b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.150.236.179 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns19.hiwit.net

www.pronostar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	turfprox.com www.turfprox.com	209 KB
2	turfgeny.com 1 redirects turfgeny.com www.turfgeny.com	10 KB
1	pronostar.net www.pronostar.net	12 KB
1	root-top.com 1 redirects img.root-top.com	569 B
1	turfvictoire.com turfvictoire.com	408 KB
0	ovnet.fr Failed www.ovnet.fr Failed
0	gambling-affiliation.com Failed www.gambling-affiliation.com Failed
15	7

	Domain	Requested by
9	www.turfprox.com	www.turfprox.com
1	www.pronostar.net	www.turfprox.com
1	www.turfgeny.com	www.turfprox.com
1	turfgeny.com	1 redirects
1	img.root-top.com	1 redirects
1	turfvictoire.com	www.turfprox.com
0	www.ovnet.fr Failed	www.turfprox.com
0	www.gambling-affiliation.com Failed	www.turfprox.com
15	8

This site contains links to these domains. Also see Links.

Domain
turfvictoire.com
www.root-top.com
www.turfgeny.com
www.pronostar.net

Subject Issuer	Validity	Valid
turfprox.com R3	`2022-06-06` - `2022-09-04`	3 months	crt.sh
turfvictoire.com cPanel, Inc. Certification Authority	`2022-05-20` - `2022-08-18`	3 months	crt.sh
pronostar.net R3	`2022-06-09` - `2022-09-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes
Frame ID: 8AAA4CB94039C6ACA2FFF685106C4AC4
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TURFPRO - Le professionnel de l'hippiquepronosticspronostics

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

15
Requests

67 %
HTTPS

25 %
IPv6

7
Domains

8
Subdomains

4
IPs

2
Countries

639 kB
Transfer

634 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://turfvictoire.com/index.php?in=19

Search URL Search Domain Scan URL

URL: http://www.root-top.com/topsite/topsorturf/in.php?ID=9

Search URL Search Domain Scan URL

URL: http://www.turfgeny.com/vote.php?id=2

Search URL Search Domain Scan URL

URL: http://www.pronostar.net/vote.php?id=6

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://img.root-top.com/topsite/topsorturf/banner.gif HTTP 302
https://www.turfprox.com/img/topgagnant.gif

Request Chain 4

https://turfgeny.com/img/logo.gif HTTP 301
https://www.turfgeny.com/img/logo.gif

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.php Show response
www.turfprox.com/ 14 KB
15 KB 233ms
128ms Document
text/html 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

43ea0e940c8cbeebc829815cc76ac2bc77d717f972dc1646fef08a9605a3a0e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Type: text/html
Date: Sat, 16 Jul 2022 18:13:10 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=15768000
Transfer-Encoding: chunked
Vary: Host

GET
H/1.1 200
OK verification_formulaire.js Show response
www.turfprox.com/ 6 KB
7 KB 32ms
23ms Script
application/javascript 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turfprox.com/verification_formulaire.js

Requested by

Host: www.turfprox.com
URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

940d14446abf52d855c37f9922482f81e972675c254aefe36d9770fb0b8f1bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 18:13:11 GMT
Last-Modified: Tue, 13 Oct 2015 19:22:08 GMT
Server: Apache
ETag: "e7836f-19e1-522015ca23800"
Vary: Host
Content-Type: application/javascript
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 6625

GET
H/1.1 200
OK entete.jpg
www.turfprox.com/img/ 32 KB
32 KB 55ms
23ms Image
image/jpeg 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turfprox.com/img/entete.jpg

Requested by

Host: www.turfprox.com
URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

151b9107a6dbb6ded49a55f7f694c38e55a7246e2e2e5e25c061af888e0a86ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 18:13:11 GMT
Last-Modified: Tue, 13 Oct 2015 19:23:27 GMT
Server: Apache
ETag: "e783a5-807d-522016157a9c0"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 32893

GET
H2 200 logo2.gif
turfvictoire.com/lien/ 407 KB
408 KB 473ms
184ms Image
image/gif 173.225.100.28
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turfvictoire.com/lien/logo2.gif
Requested by: Host: www.turfprox.com
URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.225.100.28 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: aed0c8666e5c0a1f69060a3275ccd4eb32fcf3bb0e7d254ebe3266262a60b57b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.turfprox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 18:13:11 GMT
last-modified: Mon, 04 Oct 2021 14:14:45 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 417279
expires: Sat, 23 Jul 2022 18:13:11 GMT

GET
H/1.1

200
OK

topgagnant.gif
www.turfprox.com/img/
Redirect Chain

https://img.root-top.com/topsite/topsorturf/banner.gif
https://www.turfprox.com/img/topgagnant.gif

21 KB
22 KB

24ms
23ms

Image
image/gif

194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turfprox.com/img/topgagnant.gif

Requested by

Host: www.turfprox.com
URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes

Protocol

HTTP/1.1

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

8339a530df38805ff92d2d53161d9f8ced0d376e1756984e0ff3d313f7607bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.turfprox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 18:13:11 GMT
Last-Modified: Fri, 24 Sep 2021 17:42:27 GMT
Server: Apache
ETag: "19146b1-5560-5ccc1454d46c0"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 21856

Redirect headers

date: Sat, 16 Jul 2022 18:13:11 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zww9%2BXL0e%2Fk%2B9uBm4%2Bq2kXtDhBF4vyZ8gG9Gc6CCN7flOq87ncWd%2F0HUvTUR9dLHJFho5xW12fhmZbJHT9zmHxtYo0XGohrvhyQM3L%2FSvZc8IsfdK2pYEI8oBaMAzWN%2FBv1WmMtElIfqRPMWZYMS"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://www.turfprox.com/img/topgagnant.gif
cf-ray: 72bcb5d93e48b963-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

logo.gif
www.turfgeny.com/img/
Redirect Chain

https://turfgeny.com/img/logo.gif
https://www.turfgeny.com/img/logo.gif

9 KB
9 KB

134ms
23ms

Image
image/gif

194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turfgeny.com/img/logo.gif

Requested by

Host: www.turfprox.com
URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes

Protocol

HTTP/1.1

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

d5127e3bfb1b69e0213ad5552051e6687d4d8a452669e4a5c69899e9b4ff2378

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.turfprox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 18:13:11 GMT
Last-Modified: Tue, 13 Oct 2015 18:57:43 GMT
Server: Apache
ETag: "e77fd7-2458-52201055017c0"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 9304

Redirect headers

Date: Sat, 16 Jul 2022 18:13:11 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000
Content-Type: text/html; charset=iso-8859-1
Location: https://www.turfgeny.com/img/logo.gif
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100
Content-Length: 245

GET
H/1.1 200
OK logo.gif
www.pronostar.net/ 12 KB
12 KB 113ms
23ms Image
image/gif 194.150.236.179
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pronostar.net/logo.gif

Requested by

Host: www.turfprox.com
URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns19.hiwit.net

Software

Apache /

Resource Hash

9207d6d5b64eacd523ec2cd4ac6b5aaa5965f54f458d0848b0e7c3ce445ec088

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.turfprox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 18:13:11 GMT
Last-Modified: Wed, 19 Oct 2016 07:08:04 GMT
Server: Apache
ETag: "1629685-3094-53f32785f9d00"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 12436

GET v=zl9TVO1Xg86PbjowRxuW23Gu4Qp4z4gkjbTC65idhC-TcFkPdvxq1khNYTlTjOarplB.gIs6t-YhKW9CW3lzjw__&s=
www.gambling-affiliation.com/cpm/ 0
0

GET
H/1.1 200
OK arplan2.jpg
www.turfprox.com/img/ 29 KB
29 KB 24ms
23ms Image
image/jpeg 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turfprox.com/img/arplan2.jpg

Requested by

Host: www.turfprox.com
URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

5ef47c280b022f584dae031fd8dc085a053b0ef0225d7ef4ba4ce0290c83d0ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 18:13:11 GMT
Last-Modified: Tue, 13 Oct 2015 19:23:09 GMT
Server: Apache
ETag: "e78396-73a3-5220160450140"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 29603

GET
H/1.1 200
OK bar_menu2.png
www.turfprox.com/img/ 42 KB
42 KB 23ms
23ms Image
image/png 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turfprox.com/img/bar_menu2.png

Requested by

Host: www.turfprox.com
URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

a273c7ea2677f270f6639b4a8f92248a2df5277ae71c90ca85dc2bc9cdc7c064

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 18:13:11 GMT
Last-Modified: Tue, 13 Oct 2015 19:23:12 GMT
Server: Apache
ETag: "e78399-a667-522016072c800"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 42599

GET
H/1.1 200
OK arpid.png
www.turfprox.com/img/ 36 KB
36 KB 52ms
23ms Image
image/png 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turfprox.com/img/arpid.png

Requested by

Host: www.turfprox.com
URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

c517617128ea864559e7480b40897f890a6175d6dbc358f66ad0c932bd98e608

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 18:13:11 GMT
Last-Modified: Tue, 13 Oct 2015 19:23:08 GMT
Server: Apache
ETag: "e78395-8fae-522016035bf00"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 36782

GET
H/1.1 200
OK fondpage.jpg
www.turfprox.com/img/ 11 KB
12 KB 65ms
23ms Image
image/jpeg 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turfprox.com/img/fondpage.jpg

Requested by

Host: www.turfprox.com
URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

64e22acadc6a30923d154d3979e49f38862608a6b622804ee63fdd8c5e488518

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 18:13:11 GMT
Last-Modified: Tue, 13 Oct 2015 19:23:35 GMT
Server: Apache
ETag: "e783a8-2d10-5220161d1bbc0"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 11536

GET
H/1.1 200
OK titre.png
www.turfprox.com/img/ 14 KB
14 KB 67ms
23ms Image
image/png 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turfprox.com/img/titre.png

Requested by

Host: www.turfprox.com
URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),

Reverse DNS

ns5.hiwit.net

Software

Apache /

Resource Hash

95501c92cb9a8e812d3600115289b035e97113793b4b60e2f096b5115f6bbb94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 18:13:11 GMT
Last-Modified: Tue, 13 Oct 2015 19:24:01 GMT
Server: Apache
ETag: "e783ba-36d0-52201635e7640"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 14032

GET v=0hvfr8EaW76fPeSzjdUjZJaeo5RRNrQyBk1KqR2pfFqTcFkPdvxq1khNYTlTjOarplB.gIs6t-YhKW9CW3lzjw__&s=
www.gambling-affiliation.com/cpm/ 0
0

GET /
www.ovnet.fr/cpt/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.gambling-affiliation.com
URL: http://www.gambling-affiliation.com/cpm/v=zl9TVO1Xg86PbjowRxuW23Gu4Qp4z4gkjbTC65idhC-TcFkPdvxq1khNYTlTjOarplB.gIs6t-YhKW9CW3lzjw__&s=

Domain: www.gambling-affiliation.com
URL: http://www.gambling-affiliation.com/cpm/v=0hvfr8EaW76fPeSzjdUjZJaeo5RRNrQyBk1KqR2pfFqTcFkPdvxq1khNYTlTjOarplB.gIs6t-YhKW9CW3lzjw__&s=

Domain: www.ovnet.fr
URL: http://www.ovnet.fr/cpt/?code=3/46/11305/0/3&ID=414847624

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.turfprox.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: b294878fb2ad4ac40805687f442ad9fe

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes Message: Mixed Content: The page at 'https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes' was loaded over HTTPS, but requested an insecure element 'http://turfvictoire.com/lien/logo2.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes Message: Mixed Content: The page at 'https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes' was loaded over HTTPS, but requested an insecure element 'http://turfgeny.com/img/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes Message: Mixed Content: The page at 'https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes' was loaded over HTTPS, but requested an insecure element 'http://www.pronostar.net/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes Message: Mixed Content: The page at 'https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes' was loaded over HTTPS, but requested an insecure script 'http://www.gambling-affiliation.com/cpm/v=zl9TVO1Xg86PbjowRxuW23Gu4Qp4z4gkjbTC65idhC-TcFkPdvxq1khNYTlTjOarplB.gIs6t-YhKW9CW3lzjw__&s='. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes Message: Mixed Content: The page at 'https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes' was loaded over HTTPS, but requested an insecure script 'http://www.gambling-affiliation.com/cpm/v=0hvfr8EaW76fPeSzjdUjZJaeo5RRNrQyBk1KqR2pfFqTcFkPdvxq1khNYTlTjOarplB.gIs6t-YhKW9CW3lzjw__&s='. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes(Line 366) Message: Mixed Content: The page at 'https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes' was loaded over HTTPS, but requested an insecure element 'http://turfvictoire.com/lien/logo2.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes(Line 366) Message: Mixed Content: The page at 'https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes' was loaded over HTTPS, but requested an insecure element 'http://turfgeny.com/img/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes(Line 366) Message: Mixed Content: The page at 'https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes' was loaded over HTTPS, but requested an insecure element 'http://www.pronostar.net/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes Message: Mixed Content: The page at 'https://www.turfprox.com/index.php?page_vue=pronostics_quinte_du_jour_abonnes' was loaded over HTTPS, but requested an insecure script 'http://www.ovnet.fr/cpt/?code=3/46/11305/0/3&ID=414847624'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

img.root-top.com
turfgeny.com
turfvictoire.com
www.gambling-affiliation.com
www.ovnet.fr
www.pronostar.net
www.turfgeny.com
www.turfprox.com
www.gambling-affiliation.com
www.ovnet.fr
173.225.100.28
194.150.236.165
194.150.236.179
2606:4700:3038::6815:ea1b
151b9107a6dbb6ded49a55f7f694c38e55a7246e2e2e5e25c061af888e0a86ea
43ea0e940c8cbeebc829815cc76ac2bc77d717f972dc1646fef08a9605a3a0e7
5ef47c280b022f584dae031fd8dc085a053b0ef0225d7ef4ba4ce0290c83d0ef
64e22acadc6a30923d154d3979e49f38862608a6b622804ee63fdd8c5e488518
8339a530df38805ff92d2d53161d9f8ced0d376e1756984e0ff3d313f7607bbd
9207d6d5b64eacd523ec2cd4ac6b5aaa5965f54f458d0848b0e7c3ce445ec088
940d14446abf52d855c37f9922482f81e972675c254aefe36d9770fb0b8f1bc5
95501c92cb9a8e812d3600115289b035e97113793b4b60e2f096b5115f6bbb94
a273c7ea2677f270f6639b4a8f92248a2df5277ae71c90ca85dc2bc9cdc7c064
aed0c8666e5c0a1f69060a3275ccd4eb32fcf3bb0e7d254ebe3266262a60b57b
c517617128ea864559e7480b40897f890a6175d6dbc358f66ad0c932bd98e608
d5127e3bfb1b69e0213ad5552051e6687d4d8a452669e4a5c69899e9b4ff2378

www.turfprox.com Open in urlscan Pro 194.150.236.165 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

67 %HTTPS

25 %IPv6

7 Domains

8 Subdomains

4 IPs

2 Countries

639 kBTransfer

634 kBSize

1 Cookies

4 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

1 Cookies

9 Console Messages

Security Headers

Indicators

www.turfprox.com Open in urlscan Pro
194.150.236.165 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

67 %
HTTPS

25 %
IPv6

7
Domains

8
Subdomains

4
IPs

2
Countries

639 kB
Transfer

634 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions