urlscan.io logo urlscan.io
SecurityTrails logo

www.bazireturf.com Open in urlscan Pro
194.150.236.179  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bazireturf.com/turf/victoireturf/
Submission: On May 29 via manual from MA — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 19 HTTP transactions. The main IP is 194.150.236.179, located in France and belongs to HIWIT_AS, FR. The main domain is www.bazireturf.com.
TLS certificate: Issued by R3 on April 1st 2024. Valid for: 3 months.
This is the only time www.bazireturf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 194.150.236.179 44976 (HIWIT_AS)
1 194.150.236.236 44976 (HIWIT_AS)
4 185.119.26.1 203544 (WEBDEVIIN-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
19 6
8    194.150.236.179 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns19.hiwit.net
www.bazireturf.com
1    194.150.236.236 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns76.hiwit.net
www.tresorturf.com
4    185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa
payment.allopass.com
2    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Domain Requested by
8 www.bazireturf.com www.bazireturf.com
4 payment.allopass.com www.bazireturf.com
payment.allopass.com
2 www.googletagmanager.com payment.allopass.com
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.tresorturf.com www.bazireturf.com
0 www.gambling-affiliation.com Failed www.bazireturf.com
0 jmbazire.genhit.com Failed www.bazireturf.com
0 www.duvaldestin.com Failed www.bazireturf.com
19 8

This site contains links to these domains. Also see Links.

Domain
www.duvaldestin.com
www.tresorturf.com
jmbazire.genhit.com
payment.allopass.com
Subject Issuer Validity Valid
bazireturf.com
R3		 2024-04-01 -
2024-06-30		 3 months crt.sh
tresorturf.com
R3		 2024-04-21 -
2024-07-20		 3 months crt.sh
*.allopass.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-06 -
2024-10-07		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.bazireturf.com/turf/victoireturf/
Frame ID: 76F6D37973E43D8CCB571405E309FABC
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

VICTOIRE TURF

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

19
Requests

84 %
HTTPS

40 %
IPv6

8
Domains

8
Subdomains

6
IPs

3
Countries

427 kB
Transfer

762 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bazireturf.com/turf/victoireturf/ 		13 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bazireturf.com/turf/victoireturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
bb2896311890073a9e2d87e6c567d1341e13e287a522c88e0846bd2e940adea4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Type
text/html
Date
Wed, 29 May 2024 16:41:19 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=15, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=15768000
Transfer-Encoding
chunked
Vary
Host
h1.png
www.bazireturf.com/turf/victoireturf/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bazireturf.com/turf/victoireturf/h1.png
Requested by
Host: www.bazireturf.com
URL: https://www.bazireturf.com/turf/victoireturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
31ebf9aeaedcdaec75a827066eb352390f6d78b489a47153dd53705595d484ca
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.bazireturf.com/turf/victoireturf/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 16:41:20 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Wed, 01 Sep 2021 11:02:12 GMT
Server
Apache
ETag
"169e2ae-6d55-5caecff8bd500"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
27989
head.jpg
www.bazireturf.com/turf/victoireturf/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bazireturf.com/turf/victoireturf/head.jpg
Requested by
Host: www.bazireturf.com
URL: https://www.bazireturf.com/turf/victoireturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
49cae39b5b91b05391a99c346640060dc6db5448865ce1077e696689f3396792
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.bazireturf.com/turf/victoireturf/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 16:41:20 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Wed, 01 Sep 2021 11:02:13 GMT
Server
Apache
ETag
"169e2b1-d98c-5caecff9b1740"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
55692
logo.gif
www.duvaldestin.com/ 		0
0
logo.gif
www.bazireturf.com/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bazireturf.com/img/logo.gif
Requested by
Host: www.bazireturf.com
URL: https://www.bazireturf.com/turf/victoireturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
e3a0169c93ee99ee209e212f1f9b711712aa8546cd9bc4a8f4bc431df18dabde
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.bazireturf.com/turf/victoireturf/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 16:41:20 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Wed, 30 Nov 2016 07:10:42 GMT
Server
Apache
ETag
"169be12-4c74-5427f67204080"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
19572
logo.gif
www.tresorturf.com/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tresorturf.com/img/logo.gif
Requested by
Host: www.bazireturf.com
URL: https://www.bazireturf.com/turf/victoireturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.236 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns76.hiwit.net
Software
Apache /
Resource Hash
6708a8ec82fad521076f2579c9873b1335aad3bd231cdb2972ea0bfb38689d97
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.bazireturf.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 16:41:20 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Mon, 26 Jun 2023 01:03:21 GMT
Server
Apache
ETag
"2b6f1b3-1cc2-5fefdeaade840"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
7362
logo
jmbazire.genhit.com/ 		0
0
checkout.apu
payment.allopass.com/buy/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/buy/checkout.apu?ids=321952&idd=1407649&lang=fr
Requested by
Host: www.bazireturf.com
URL: https://www.bazireturf.com/turf/victoireturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
5725ec903bd9784dda20be8167690234b4d49129ff3f6e31d90e827b36ae49bb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.bazireturf.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 29 May 2024 16:41:20 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
2963
Expires
Thu, 19 Nov 1981 08:52:00 GMT
h3.png
www.bazireturf.com/turf/victoireturf/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bazireturf.com/turf/victoireturf/h3.png
Requested by
Host: www.bazireturf.com
URL: https://www.bazireturf.com/turf/victoireturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
49c9f7121ee9c8b1b6e598b86ad821c2a431dec20ea2a26a51a0099e1ea7d403
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.bazireturf.com/turf/victoireturf/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 16:41:20 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Wed, 01 Sep 2021 11:02:13 GMT
Server
Apache
ETag
"169e2b0-6dc3-5caecff9b1740"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
28099
h2.png
www.bazireturf.com/turf/victoireturf/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bazireturf.com/turf/victoireturf/h2.png
Requested by
Host: www.bazireturf.com
URL: https://www.bazireturf.com/turf/victoireturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
b00c094adf05e6690e7c9c4a5c5a0c194a2b73cd18e8fd3800acbff1d58d87f8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.bazireturf.com/turf/victoireturf/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 16:41:20 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Wed, 01 Sep 2021 11:02:12 GMT
Server
Apache
ETag
"169e2af-6acd-5caecff8bd500"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
27341
puce.png
www.bazireturf.com/turf/victoireturf/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bazireturf.com/turf/victoireturf/puce.png
Requested by
Host: www.bazireturf.com
URL: https://www.bazireturf.com/turf/victoireturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
864c8de2401de5d4179c83883d86996453df5bbfe3cc7263043a77e15efd7109
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.bazireturf.com/turf/victoireturf/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 16:41:20 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Wed, 01 Sep 2021 11:02:14 GMT
Server
Apache
ETag
"169e2b5-84d6-5caecffaa5980"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
34006
date.png
www.bazireturf.com/turf/victoireturf/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bazireturf.com/turf/victoireturf/date.png
Requested by
Host: www.bazireturf.com
URL: https://www.bazireturf.com/turf/victoireturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.150.236.179 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns19.hiwit.net
Software
Apache /
Resource Hash
fc01ed57d1edc90d3c90024746ce98d16362529291a8f93ef551ae53d59bb06c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.bazireturf.com/turf/victoireturf/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 16:41:20 GMT
Strict-Transport-Security
max-age=15768000
Last-Modified
Wed, 01 Sep 2021 11:02:12 GMT
Server
Apache
ETag
"169e2ad-85ff-5caecff8bd500"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
34303
gtm.js
www.googletagmanager.com/ 		182 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=321952&idd=1407649&lang=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1390ff453ee0afeec6dd9beb71854537b3b3cd9f1b42c7237d7f95424b146fec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.bazireturf.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 16:41:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67224
x-xss-protection
0
last-modified
Wed, 29 May 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 May 2024 16:41:20 GMT
buy-button.css
payment.allopass.com/static/css/ 		2 KB
830 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/buy-button.css?1
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=321952&idd=1407649&lang=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.bazireturf.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 16:41:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"235e8-69a-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
546
162x56.png
payment.allopass.com/static/buy/button/fr/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by
Host: www.bazireturf.com
URL: https://www.bazireturf.com/turf/victoireturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.bazireturf.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 16:41:20 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"215ee-1688-6036ca56d02c0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
5768
v=2XpOgQhHyD2kUb3iTi6.4ZuSowGhDeeywC6TRWnXlH-yGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s=
www.gambling-affiliation.com/cpm/ 		0
0
bt_ok.gif
payment.allopass.com/imgweb/common/ 		753 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/imgweb/common/bt_ok.gif
Requested by
Host: www.bazireturf.com
URL: https://www.bazireturf.com/turf/victoireturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.bazireturf.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 16:41:20 GMT
Last-Modified
Tue, 26 Nov 2019 14:39:46 GMT
Server
Apache
ETag
"22a09-2f1-59840d9fb3080"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
753
destination
www.googletagmanager.com/gtag/ 		319 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b9f1f178352e9b23dabad7ad3bb715fa65e3078985a5b3e84e5a5db06bac2eee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.bazireturf.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 16:41:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106596
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 May 2024 16:41:20 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QG320G96PZ&gtm=45je45m0v9166788369z89166799165za200zb9166799165&_p=1717000880331&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1271618371.1717000881&ul=fr-fr&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717000880&sct=1&seg=0&dl=https%3A%2F%2Fwww.bazireturf.com%2Fturf%2Fvictoireturf%2F&dt=VICTOIRE%20TURF&en=CAROUSEL_&_fv=1&_nsi=1&_ss=1&tfd=1173
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.bazireturf.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 29 May 2024 16:41:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bazireturf.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.duvaldestin.com
URL
https://www.duvaldestin.com/logo.gif
Domain
jmbazire.genhit.com
URL
https://jmbazire.genhit.com/logo
Domain
www.gambling-affiliation.com
URL
http://www.gambling-affiliation.com/cpm/v=2XpOgQhHyD2kUb3iTi6.4ZuSowGhDeeywC6TRWnXlH-yGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s=

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| headID object| cssNode function| allopassButtons number| alreadyrunflag undefined| proto undefined| contentloadtag number| _timer object| dataLayer object| elts object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

5 Cookies

Domain/Path Name / Value
www.bazireturf.com/ Name: PHPSESSID
Value: f910b80edb6542a4ac484a5e455dcd50
payment.allopass.com/ Name: ShopSessionId
Value: b8b0f082-3b8b-4c83-a10a-0660cfa9d3f7
.allopass.com/ Name: AP_CUSK
Value: 3653230016
.bazireturf.com/ Name: _ga_QG320G96PZ
Value: GS1.1.1717000880.1.0.1717000880.0.0.0
.bazireturf.com/ Name: _ga
Value: GA1.1.1271618371.1717000881

27 Console Messages

Source Level URL
Text
security warning URL: https://www.bazireturf.com/turf/victoireturf/
Message:
Mixed Content: The page at 'https://www.bazireturf.com/turf/victoireturf/' was loaded over HTTPS, but requested an insecure element 'http://www.duvaldestin.com/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.bazireturf.com/turf/victoireturf/
Message:
Mixed Content: The page at 'https://www.bazireturf.com/turf/victoireturf/' was loaded over HTTPS, but requested an insecure element 'http://www.bazireturf.com/img/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.bazireturf.com/turf/victoireturf/
Message:
Mixed Content: The page at 'https://www.bazireturf.com/turf/victoireturf/' was loaded over HTTPS, but requested an insecure element 'http://www.tresorturf.com/img/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.bazireturf.com/turf/victoireturf/
Message:
Mixed Content: The page at 'https://www.bazireturf.com/turf/victoireturf/' was loaded over HTTPS, but requested an insecure element 'http://jmbazire.genhit.com/logo'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.bazireturf.com/turf/victoireturf/
Message:
Mixed Content: The page at 'https://www.bazireturf.com/turf/victoireturf/' was loaded over HTTPS, but requested an insecure element 'http://www.duvaldestin.com/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.bazireturf.com/turf/victoireturf/
Message:
Mixed Content: The page at 'https://www.bazireturf.com/turf/victoireturf/' was loaded over HTTPS, but requested an insecure element 'http://www.bazireturf.com/img/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.bazireturf.com/turf/victoireturf/
Message:
Mixed Content: The page at 'https://www.bazireturf.com/turf/victoireturf/' was loaded over HTTPS, but requested an insecure element 'http://www.tresorturf.com/img/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.bazireturf.com/turf/victoireturf/
Message:
Mixed Content: The page at 'https://www.bazireturf.com/turf/victoireturf/' was loaded over HTTPS, but requested an insecure element 'http://jmbazire.genhit.com/logo'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.bazireturf.com/turf/victoireturf/(Line 200)
Message:
Mixed Content: The page at 'https://www.bazireturf.com/turf/victoireturf/' was loaded over HTTPS, but requested an insecure element 'http://www.duvaldestin.com/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.bazireturf.com/turf/victoireturf/(Line 200)
Message:
Mixed Content: The page at 'https://www.bazireturf.com/turf/victoireturf/' was loaded over HTTPS, but requested an insecure element 'http://www.bazireturf.com/img/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.bazireturf.com/turf/victoireturf/(Line 200)
Message:
Mixed Content: The page at 'https://www.bazireturf.com/turf/victoireturf/' was loaded over HTTPS, but requested an insecure element 'http://www.tresorturf.com/img/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.bazireturf.com/turf/victoireturf/(Line 200)
Message:
Mixed Content: The page at 'https://www.bazireturf.com/turf/victoireturf/' was loaded over HTTPS, but requested an insecure element 'http://jmbazire.genhit.com/logo'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.bazireturf.com/turf/victoireturf/(Line 200)
Message:
Mixed Content: The page at 'https://www.bazireturf.com/turf/victoireturf/' was loaded over HTTPS, but requested an insecure element 'http://www.duvaldestin.com/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.bazireturf.com/turf/victoireturf/(Line 200)
Message:
Mixed Content: The page at 'https://www.bazireturf.com/turf/victoireturf/' was loaded over HTTPS, but requested an insecure element 'http://www.bazireturf.com/img/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.bazireturf.com/turf/victoireturf/(Line 200)
Message:
Mixed Content: The page at 'https://www.bazireturf.com/turf/victoireturf/' was loaded over HTTPS, but requested an insecure element 'http://www.tresorturf.com/img/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.bazireturf.com/turf/victoireturf/(Line 200)
Message:
Mixed Content: The page at 'https://www.bazireturf.com/turf/victoireturf/' was loaded over HTTPS, but requested an insecure element 'http://jmbazire.genhit.com/logo'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://jmbazire.genhit.com/logo
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://www.bazireturf.com/turf/victoireturf/
Message:
Mixed Content: The page at 'https://www.bazireturf.com/turf/victoireturf/' was loaded over HTTPS, but requested an insecure script 'http://www.gambling-affiliation.com/cpm/v=2XpOgQhHyD2kUb3iTi6.4ZuSowGhDeeywC6TRWnXlH-yGy88.tSXpu-7IufP2hxImxLWo8Ujm4EP.-9CPIbtBw__&s='. This request has been blocked; the content must be served over HTTPS.
recommendation verbose URL: https://www.bazireturf.com/turf/victoireturf/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://www.bazireturf.com/turf/victoireturf/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bazireturf.com/turf/victoireturf/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bazireturf.com/turf/victoireturf/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bazireturf.com/turf/victoireturf/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bazireturf.com/turf/victoireturf/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bazireturf.com/turf/victoireturf/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bazireturf.com/turf/victoireturf/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bazireturf.com/turf/victoireturf/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

jmbazire.genhit.com
payment.allopass.com
region1.google-analytics.com
www.bazireturf.com
www.duvaldestin.com
www.gambling-affiliation.com
www.googletagmanager.com
www.tresorturf.com
jmbazire.genhit.com
www.duvaldestin.com
www.gambling-affiliation.com
185.119.26.1
194.150.236.179
194.150.236.236
2001:4860:4802:34::36
2a00:1450:4001:81d::2008
1390ff453ee0afeec6dd9beb71854537b3b3cd9f1b42c7237d7f95424b146fec
31ebf9aeaedcdaec75a827066eb352390f6d78b489a47153dd53705595d484ca
49c9f7121ee9c8b1b6e598b86ad821c2a431dec20ea2a26a51a0099e1ea7d403
49cae39b5b91b05391a99c346640060dc6db5448865ce1077e696689f3396792
5725ec903bd9784dda20be8167690234b4d49129ff3f6e31d90e827b36ae49bb
6708a8ec82fad521076f2579c9873b1335aad3bd231cdb2972ea0bfb38689d97
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
864c8de2401de5d4179c83883d86996453df5bbfe3cc7263043a77e15efd7109
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
b00c094adf05e6690e7c9c4a5c5a0c194a2b73cd18e8fd3800acbff1d58d87f8
b9f1f178352e9b23dabad7ad3bb715fa65e3078985a5b3e84e5a5db06bac2eee
bb2896311890073a9e2d87e6c567d1341e13e287a522c88e0846bd2e940adea4
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a
e3a0169c93ee99ee209e212f1f9b711712aa8546cd9bc4a8f4bc431df18dabde
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc01ed57d1edc90d3c90024746ce98d16362529291a8f93ef551ae53d59bb06c