programmation.fr.mu Open in urlscan Pro
5.135.149.81 Public Scan

URL:
http://programmation.fr.mu/
Submission: On June 30 via manual (June 30th 2021, 3:26:55 pm UTC) from FR

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 17 domains to perform 47 HTTP transactions. The main IP is 5.135.149.81, located in France and belongs to OVH, FR. The main domain is programmation.fr.mu.

This is the only time programmation.fr.mu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	5.135.149.81 5.135.149.81	16276 (OVH) (OVH)
10	194.150.236.165 194.150.236.165	44976 (HIWIT_AS) (HIWIT_AS)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	185.119.26.1 185.119.26.1	203544 (WEBDEVIIN-AS) (WEBDEVIIN-AS)
1	91.216.107.189 91.216.107.189	16347 (RMI-FITECH) (RMI-FITECH)
7 8	2606:4700:303... 2606:4700:3038::6815:ea1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	88.99.130.181 88.99.130.181	24940 (HETZNER-AS) (HETZNER-AS)
3	50.16.49.81 50.16.49.81	14618 (AMAZON-AES) (AMAZON-AES)
1	194.150.236.166 194.150.236.166	44976 (HIWIT_AS) (HIWIT_AS)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
47	19

10 5.135.149.81 (France)

ASN16276 (OVH, FR)
PTR: web3.venez.net

programmation.fr.mu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.venez.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 194.150.236.165 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns5.hiwit.net

www.turf.dafun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa

payment.allopass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.216.107.189 (France)

ASN16347 (RMI-FITECH, FR)

www.lesleaders.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3038::6815:ea1a (United States) 7 redirects

ASN13335 (CLOUDFLARENET, US)

img.root-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.99.130.181 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: freegifmaker.me

www.loogix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.16.49.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-49-81.compute-1.amazonaws.com

freegifmaker.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.150.236.166 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns6.hiwit.net

www.turfinfos.ouba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	dafun.com www.turf.dafun.com	484 KB
8	root-top.com 7 redirects img.root-top.com	7 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	162 KB
7	venez.fr www.venez.fr	9 KB
4	allopass.com payment.allopass.com	11 KB
3	freegifmaker.me freegifmaker.me	142 KB
3	loogix.com 3 redirects www.loogix.com	738 B
3	fr.mu programmation.fr.mu	3 KB
2	google.com adservice.google.com www.google.com	942 B
2	doubleclick.net googleads.g.doubleclick.net	5 KB
1	google-analytics.com www.google-analytics.com	19 KB
1	googletagmanager.com www.googletagmanager.com	32 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	654 B
1	ouba.com www.turfinfos.ouba.com	6 KB
1	lesleaders.com www.lesleaders.com	30 KB
47	17

	Domain	Requested by
10	www.turf.dafun.com	programmation.fr.mu www.turf.dafun.com
8	img.root-top.com	7 redirects www.turf.dafun.com
7	www.venez.fr	programmation.fr.mu www.venez.fr
6	pagead2.googlesyndication.com	programmation.fr.mu pagead2.googlesyndication.com tpc.googlesyndication.com
4	payment.allopass.com	www.turf.dafun.com payment.allopass.com
3	freegifmaker.me	www.turf.dafun.com
3	www.loogix.com	3 redirects
3	programmation.fr.mu	programmation.fr.mu
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	payment.allopass.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.turfinfos.ouba.com	www.turf.dafun.com
1	www.lesleaders.com	www.turf.dafun.com
47	19

This site contains no links.

Subject Issuer	Validity	Valid
venez.fr R3	`2021-04-12` - `2021-07-11`	3 months	crt.sh
*.allopass.com R3	`2021-05-04` - `2021-08-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-03` - `2021-08-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://programmation.fr.mu/
Frame ID: 8ABD4C5932DB537F45081B654424E9B8
Requests: 1 HTTP requests in this frame

Frame: http://programmation.fr.mu/barre-programmation.fr.mu.html
Frame ID: 85EA7468915B6449A02F00B7B87E2A45
Requests: 14 HTTP requests in this frame

Frame: http://www.turf.dafun.com/pronos/programmation/
Frame ID: DC4081963D3FEA219762B58CC50FDFE5
Requests: 22 HTTP requests in this frame

Frame: http://programmation.fr.mu/stats-programmation.fr.mu.html
Frame ID: F07AE38FC0A6632CF486C90D29BCB1BF
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 65CEB1405612481434C0E31287634773
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210628/r20190131/zrt_lookup.html
Frame ID: 031A3BD2B0D3B060C6A2B4DEA5B1A2FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fprogrammation.fr.mu%2F&ea=0&flash=0&wgl=1&dt=1625066792712&bpp=7&bdt=288&idt=90&shv=r20210628&ptt=9&saldr=aa&correlator=8792493306307&frm=23&ife=1&pv=2&ga_vid=1197819410.1625066793&ga_sid=1625066793&ga_hid=474729932&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=1659534046&scr_x=0&scr_y=0&eid=31061334%2C31061383&oid=3&pvsid=2609816066189015&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.ttvs9bk60w08&fsb=1&dtd=114
Frame ID: 2338DEF6EE09CFCBF3AB4BD108CAA37F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 113785EDF5175D866409B7810913191F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8B1C88E95D9A30C90D2516DF0282B126
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

47
Requests

57 %
HTTPS

60 %
IPv6

17
Domains

19
Subdomains

19
IPs

3
Countries

936 kB
Transfer

1342 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

http://img.root-top.com/topsite/turfgagnant/banner.gif HTTP 301
https://img.root-top.com/topsite/turfgagnant/banner.gif HTTP 302
http://www.loogix.com/img/res/1/4/0/0/6/6/1400663748165342.gif?1400663749 HTTP 301
http://freegifmaker.me/img/res/1/4/0/0/6/6/1400663748165342.gif?1400663749

Request Chain 18

http://img.root-top.com/topsite/bienjouer/banner.gif HTTP 301
https://img.root-top.com/topsite/bienjouer/banner.gif HTTP 302
http://www.loogix.com/img/res/1/3/9/3/7/5/13937580041908691.gif HTTP 301
http://freegifmaker.me/img/res/1/3/9/3/7/5/13937580041908691.gif

Request Chain 19

http://img.root-top.com/topsite/lc13/banner.gif HTTP 301
https://img.root-top.com/topsite/lc13/banner.gif

Request Chain 20

http://img.root-top.com/topsite/miroirduturf/banner.gif HTTP 301
https://img.root-top.com/topsite/miroirduturf/banner.gif HTTP 302
http://www.loogix.com/img/res/1/4/0/8/2/6/14082678501421827.gif?1408267850 HTTP 301
http://freegifmaker.me/img/res/1/4/0/8/2/6/14082678501421827.gif?1408267850

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
programmation.fr.mu/ 3 KB
1 KB 130ms
71ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://programmation.fr.mu/
Protocol: HTTP/1.1
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 3e8a51749672ee34dc1f1fe4b4510b9f7f842a352ef673bc880b94e62696f786

Request headers

Host: programmation.fr.mu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:31 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1098
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK barre-programmation.fr.mu.html Show response
programmation.fr.mu/ Frame 85EA 3 KB
2 KB 138ms
135ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://programmation.fr.mu/barre-programmation.fr.mu.html
Requested by: Host: programmation.fr.mu
URL: http://programmation.fr.mu/
Protocol: HTTP/1.1
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 914b8ddeba70a202fd0c0721dd65bbe2cae4f894cfe70de6057e797c60fc1144

Request headers

Host: programmation.fr.mu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://programmation.fr.mu/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://programmation.fr.mu/

Response headers

Date: Wed, 30 Jun 2021 15:26:31 GMT
Server: Apache
Expires: Wed, 30 Jun 2021 15:26:31 GMT
Last-Modified: Wed, 30 Jun 2021 15:26:31 GMT
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1503
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1

GET
H/1.1 200
OK / Show response
www.turf.dafun.com/pronos/programmation/ Frame DC40 12 KB
13 KB 258ms
205ms Document
text/html 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.turf.dafun.com/pronos/programmation/
Requested by: Host: programmation.fr.mu
URL: http://programmation.fr.mu/
Protocol: HTTP/1.1
Server: 194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns5.hiwit.net
Software: Apache /
Resource Hash: 0e0c46dc5ea067610f498fbbea10bede54ddc1364862959257e2b7814e4fe4e3

Request headers

Host: www.turf.dafun.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://programmation.fr.mu/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://programmation.fr.mu/

Response headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
Server: Apache
Vary: Host
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK stats-programmation.fr.mu.html Show response
programmation.fr.mu/ Frame F07A 0
192 B 177ms
150ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://programmation.fr.mu/stats-programmation.fr.mu.html
Requested by: Host: programmation.fr.mu
URL: http://programmation.fr.mu/
Protocol: HTTP/1.1
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: programmation.fr.mu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://programmation.fr.mu/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://programmation.fr.mu/

Response headers

Date: Wed, 30 Jun 2021 15:26:31 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame 85EA 2 KB
1 KB 226ms
49ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: programmation.fr.mu
URL: http://programmation.fr.mu/barre-programmation.fr.mu.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

Referer: http://programmation.fr.mu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Jun 2021 15:26:32 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1023
Expires: Wed, 07 Jul 2021 15:26:32 GMT

GET
H/1.1 200
OK separateur90.gif
www.venez.fr/images/ Frame 85EA 82 B
388 B 231ms
51ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/separateur90.gif
Requested by: Host: programmation.fr.mu
URL: http://programmation.fr.mu/barre-programmation.fr.mu.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

Referer: http://programmation.fr.mu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
Last-Modified: Thu, 15 Nov 2018 22:11:22 GMT
Server: Apache
ETag: "52-57abb54b25680"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 82

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 85EA 135 KB
48 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: programmation.fr.mu
URL: http://programmation.fr.mu/barre-programmation.fr.mu.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

286489fa50631d3c3f4fd6625e007e27cb92fe28dd5b115d1d308bde54391180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://programmation.fr.mu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 30 Jun 2021 15:26:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 6720371853764259081
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 48702
X-XSS-Protection: 0
Expires: Wed, 30 Jun 2021 15:26:32 GMT

GET
H/1.1 200
OK head.jpg
www.turf.dafun.com/pronos/programmation/ Frame DC40 77 KB
77 KB 85ms
58ms Image
image/jpeg 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.turf.dafun.com/pronos/programmation/head.jpg
Requested by: Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol: HTTP/1.1
Server: 194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns5.hiwit.net
Software: Apache /
Resource Hash: 5b376279810fe763fdea3127458adda3830e717053879c9904d1d2186b4eed08

Request headers

Referer: http://www.turf.dafun.com/pronos/programmation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
Last-Modified: Sat, 17 Apr 2021 10:08:16 GMT
Server: Apache
ETag: "e7602e-1339d-5c02846680400"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 78749

GET
H/1.1 200
OK top2.jpg
www.turf.dafun.com/pronos/programmation/ Frame DC40 35 KB
35 KB 114ms
88ms Image
image/jpeg 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.turf.dafun.com/pronos/programmation/top2.jpg
Requested by: Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol: HTTP/1.1
Server: 194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns5.hiwit.net
Software: Apache /
Resource Hash: 3e464a572c1687023cd22ff8c67d6c9f868e10aa7347018595bd0102deb81028

Request headers

Referer: http://www.turf.dafun.com/pronos/programmation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
Last-Modified: Tue, 13 Oct 2015 10:56:29 GMT
Server: Apache
ETag: "e76037-8a0e-521fa4c49d140"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 35342

GET
H/1.1 200
OK dico-quinte.png
www.turf.dafun.com/pronos/programmation/ Frame DC40 38 KB
39 KB 115ms
88ms Image
image/png 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.turf.dafun.com/pronos/programmation/dico-quinte.png
Requested by: Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol: HTTP/1.1
Server: 194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns5.hiwit.net
Software: Apache /
Resource Hash: f2384ebce8f127741faa22d0ad678830654adf0c666d8e3757524baca7ebece1

Request headers

Referer: http://www.turf.dafun.com/pronos/programmation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
Last-Modified: Tue, 13 Oct 2015 10:56:21 GMT
Server: Apache
ETag: "e7602a-99ca-521fa4bcfbf40"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 39370

GET
H/1.1 200
OK hippodrome.jpg
www.turf.dafun.com/pronos/programmation/ Frame DC40 189 KB
189 KB 109ms
87ms Image
image/jpeg 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.turf.dafun.com/pronos/programmation/hippodrome.jpg
Requested by: Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol: HTTP/1.1
Server: 194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns5.hiwit.net
Software: Apache /
Resource Hash: c4db386006b5be2390168346843ca573b54a3677a2433cbbcc9d01ba4f6a407a

Request headers

Referer: http://www.turf.dafun.com/pronos/programmation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
Last-Modified: Sat, 17 Apr 2021 11:55:58 GMT
Server: Apache
ETag: "e77a8b-2f447-5c029c7924f80"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 193607

GET
H/1.1 200
OK h3.jpg
www.turf.dafun.com/pronos/programmation/ Frame DC40 13 KB
14 KB 114ms
87ms Image
image/jpeg 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.turf.dafun.com/pronos/programmation/h3.jpg
Requested by: Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol: HTTP/1.1
Server: 194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns5.hiwit.net
Software: Apache /
Resource Hash: f8f374f740b76f7af943ea639d9e920d9c0bcc367eadd4e2af68c06aa9a9cba7

Request headers

Referer: http://www.turf.dafun.com/pronos/programmation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
Last-Modified: Sat, 17 Apr 2021 10:08:16 GMT
Server: Apache
ETag: "e7602f-34de-5c02846680400"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 13534

GET
H/1.1 200
OK h1.jpg
www.turf.dafun.com/pronos/programmation/ Frame DC40 17 KB
18 KB 115ms
88ms Image
image/jpeg 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.turf.dafun.com/pronos/programmation/h1.jpg
Requested by: Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol: HTTP/1.1
Server: 194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns5.hiwit.net
Software: Apache /
Resource Hash: 58d04ac1628a6b128ace264013150a1f04abf4c0ea874e280b68ba00713a654c

Request headers

Referer: http://www.turf.dafun.com/pronos/programmation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
Last-Modified: Sat, 17 Apr 2021 10:08:15 GMT
Server: Apache
ETag: "e7602b-4529-5c0284658c1c0"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 17705

GET
H/1.1 200
OK date.png
www.turf.dafun.com/pronos/programmation/ Frame DC40 35 KB
35 KB 165ms
59ms Image
image/png 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.turf.dafun.com/pronos/programmation/date.png
Requested by: Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol: HTTP/1.1
Server: 194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns5.hiwit.net
Software: Apache /
Resource Hash: 5c68f279cffe49ae5cab0e12909796e8a38bfb4fdc480137157ea141db30aab9

Request headers

Referer: http://www.turf.dafun.com/pronos/programmation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
Last-Modified: Tue, 13 Oct 2015 10:56:20 GMT
Server: Apache
ETag: "e76029-8c72-521fa4bc07d00"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 35954

GET
H/1.1 200
OK arpnum.png
www.turf.dafun.com/pronos/programmation/ Frame DC40 30 KB
30 KB 177ms
62ms Image
image/png 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.turf.dafun.com/pronos/programmation/arpnum.png
Requested by: Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol: HTTP/1.1
Server: 194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns5.hiwit.net
Software: Apache /
Resource Hash: e0aaaa34575f0948930fa8592cc5a9cf27c3063d4f8c8234cc2c0c69459feac4

Request headers

Referer: http://www.turf.dafun.com/pronos/programmation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
Last-Modified: Tue, 13 Oct 2015 10:56:19 GMT
Server: Apache
ETag: "e76019-7836-521fa4bb13ac0"
Vary: Host
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 30774

GET
H/1.1 200
OK checkout.apu Show response
payment.allopass.com/buy/ Frame DC40 11 KB
4 KB 563ms
382ms Script
text/html 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/buy/checkout.apu?ids=352302&idd=1539064&lang=fr
Requested by: Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 1f6f8fcb5ad2e2b2573dbe11a4b3936e7dcc72973599a87ef155cab156f49e20

Request headers

Referer: http://www.turf.dafun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Jun 2021 15:26:32 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html
Content-Length: 2960
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK Saint-Leger_Enckeok.jpg
www.turf.dafun.com/pronos/programmation/ Frame DC40 34 KB
34 KB 63ms
63ms Image
image/jpeg 194.150.236.165
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.turf.dafun.com/pronos/programmation/Saint-Leger_Enckeok.jpg
Requested by: Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol: HTTP/1.1
Server: 194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns5.hiwit.net
Software: Apache /
Resource Hash: ff710d2b695aab9daeee97dab3574905e5c70f14ca7b68227426392d651301ab

Request headers

Referer: http://www.turf.dafun.com/pronos/programmation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
Last-Modified: Tue, 13 Oct 2015 10:56:29 GMT
Server: Apache
ETag: "e76036-8824-521fa4c49d140"
Vary: Host
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 34852

GET
H/1.1 200
OK logo.gif
www.lesleaders.com/img/ Frame DC40 30 KB
30 KB 956ms
92ms Image
image/gif 91.216.107.189
RMI-FITECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.lesleaders.com/img/logo.gif
Requested by: Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol: HTTP/1.1
Server: 91.216.107.189 , France, ASN16347 (RMI-FITECH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8c9ff7c5b615fba96821177236b13d95ac0b7b2c67da14f8f3846be6d1b7eb6e

Request headers

Referer: http://www.turf.dafun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:33 GMT
Last-Modified: Thu, 29 Aug 2019 11:44:42 GMT
Server: nginx
ETag: "7775-5914008050804"
Vary: Host
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30581

GET
H/1.1

200
OK

1400663748165342.gif
freegifmaker.me/img/res/1/4/0/0/6/6/ Frame DC40
Redirect Chain

http://img.root-top.com/topsite/turfgagnant/banner.gif
https://img.root-top.com/topsite/turfgagnant/banner.gif
http://www.loogix.com/img/res/1/4/0/0/6/6/1400663748165342.gif?1400663749
http://freegifmaker.me/img/res/1/4/0/0/6/6/1400663748165342.gif?1400663749

77 KB
77 KB

687ms
642ms

Image
image/gif

50.16.49.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://freegifmaker.me/img/res/1/4/0/0/6/6/1400663748165342.gif?1400663749
Requested by: Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol: HTTP/1.1
Server: 50.16.49.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-81.compute-1.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: a51445ce818e264ccd17cdd92631fa7fb0f9536fda57df7270c54ddbe3444079

Request headers

Referer: http://www.turf.dafun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:33 GMT
Content-Encoding: gzip
Response: 200
Last-Modified: Fri, 25 Jun 2021 22:41:18 GMT
Server: nginx/1.16.0
Display: staticcontent_sol, staticcontent_sol
Etag: "537c6ec5-1351b-gzip"
Vary: Accept-Encoding, Origin,Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: staticcontent_sol, staticcontent_sol
Expires: Wed, 07 Jul 2021 15:26:33 GMT
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Middleton-Response: 200
X-Ua-Compatible: IE=edge

Redirect headers

Location: http://freegifmaker.me/img/res/1/4/0/0/6/6/1400663748165342.gif?1400663749
Date: Wed, 30 Jun 2021 15:26:32 GMT
Server: nginx/1.12.0
Connection: keep-alive
Content-Length: 185
Content-Type: text/html

GET
H/1.1

200
OK

13937580041908691.gif
freegifmaker.me/img/res/1/3/9/3/7/5/ Frame DC40
Redirect Chain

http://img.root-top.com/topsite/bienjouer/banner.gif
https://img.root-top.com/topsite/bienjouer/banner.gif
http://www.loogix.com/img/res/1/3/9/3/7/5/13937580041908691.gif
http://freegifmaker.me/img/res/1/3/9/3/7/5/13937580041908691.gif

10 KB
9 KB

487ms
457ms

Image
image/gif

50.16.49.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://freegifmaker.me/img/res/1/3/9/3/7/5/13937580041908691.gif
Requested by: Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol: HTTP/1.1
Server: 50.16.49.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-81.compute-1.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 282bf0267358b4b4f834644fced15044b16455ebecce54a5278d67e0baa8feef

Request headers

Referer: http://www.turf.dafun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:33 GMT
Content-Encoding: gzip
Response: 200
Last-Modified: Fri, 25 Jun 2021 22:41:18 GMT
Server: nginx/1.16.0
Display: staticcontent_sol, staticcontent_sol
Etag: "53130f34-26f1-gzip"
Vary: Accept-Encoding, Origin,Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: staticcontent_sol, staticcontent_sol
Expires: Wed, 07 Jul 2021 15:26:33 GMT
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Middleton-Response: 200
X-Ua-Compatible: IE=edge

Redirect headers

Location: http://freegifmaker.me/img/res/1/3/9/3/7/5/13937580041908691.gif
Date: Wed, 30 Jun 2021 15:26:32 GMT
Server: nginx/1.12.0
Connection: keep-alive
Content-Length: 185
Content-Type: text/html

GET
H2

200

banner.gif
img.root-top.com/topsite/lc13/ Frame DC40
Redirect Chain

http://img.root-top.com/topsite/lc13/banner.gif
https://img.root-top.com/topsite/lc13/banner.gif

2 KB
3 KB

50ms
21ms

Image
image/gif

2606:4700:3038::6815:ea1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.root-top.com/topsite/lc13/banner.gif
Requested by: Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a33536913470e0494a6fcc5357d5e9fb823e0412d7fcc79fdbd589efde77c79a

Request headers

Referer: http://www.turf.dafun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 15:26:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 110053
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2463
cf-request-id: 0aff207edf00000100b38b6000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AX0sZrXyUgMze7RL1YwAhmrG9VhlUDvCf6CvcF0eCgUugW%2FtsQholpmE2KvxtKePgukfGp7k9IPeH5NeqInkbaUo14fy6cNSvQwQT1LPt3HNq7ytvnfaR03Gok%2BsQbtYRh4T8G53xjMq2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 667869de29630100-AMS
expires: Fri, 02 Jul 2021 08:52:19 GMT

Redirect headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 292
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=c80Yy6688%2BwDc%2BqvfRxZDEMG2DcR2h8%2BuV9g7%2FIKEI5H4nICN8jR%2BWd2iRT5wPBGEv63c6%2BMzbA%2By%2FTcH%2BziQqG%2BBtzuWy3Cb4ly8hk%2BfvyT4rC6dzn%2BWyIUtfiYVXGxjXNG5YVyUp%2B1ug%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://img.root-top.com/topsite/lc13/banner.gif
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 667869dddcf94c01-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 0
cf-request-id: 0aff207eab00004c014e388000000001

GET
H/1.1

200
OK

14082678501421827.gif
freegifmaker.me/img/res/1/4/0/8/2/6/ Frame DC40
Redirect Chain

http://img.root-top.com/topsite/miroirduturf/banner.gif
https://img.root-top.com/topsite/miroirduturf/banner.gif
http://www.loogix.com/img/res/1/4/0/8/2/6/14082678501421827.gif?1408267850
http://freegifmaker.me/img/res/1/4/0/8/2/6/14082678501421827.gif?1408267850

57 KB
56 KB

691ms
645ms

Image
image/gif

50.16.49.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://freegifmaker.me/img/res/1/4/0/8/2/6/14082678501421827.gif?1408267850
Requested by: Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol: HTTP/1.1
Server: 50.16.49.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-81.compute-1.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 29e58a31046cbd8912e14634fb404dba058f422d9cf5cb9aa2e2759a2be89707

Request headers

Referer: http://www.turf.dafun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:33 GMT
Content-Encoding: gzip
Response: 200
Last-Modified: Fri, 25 Jun 2021 22:41:18 GMT
Server: nginx/1.16.0
Display: staticcontent_sol, staticcontent_sol
Etag: "53f0764a-e259-gzip"
Vary: Accept-Encoding, Origin,Accept-Encoding
Content-Type: image/gif
X-Middleton-Display: staticcontent_sol, staticcontent_sol
Expires: Wed, 07 Jul 2021 15:26:33 GMT
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Middleton-Response: 200
X-Ua-Compatible: IE=edge

Redirect headers

Location: http://freegifmaker.me/img/res/1/4/0/8/2/6/14082678501421827.gif?1408267850
Date: Wed, 30 Jun 2021 15:26:32 GMT
Server: nginx/1.12.0
Connection: keep-alive
Content-Length: 185
Content-Type: text/html

GET
H/1.1 200
OK logo.gif
www.turfinfos.ouba.com/ Frame DC40 6 KB
6 KB 142ms
87ms Image
image/gif 194.150.236.166
HIWIT_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.turfinfos.ouba.com/logo.gif
Requested by: Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol: HTTP/1.1
Server: 194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS: ns6.hiwit.net
Software: Apache /
Resource Hash: b3d1ff1c03e608adcedb1eb0620301291d21d70834b11c8e6f1d710351debd38

Request headers

Referer: http://www.turf.dafun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
Last-Modified: Tue, 12 Sep 2017 08:21:11 GMT
Server: Apache
ETag: "134e672-169d-558f9b9ceebc0"
Vary: Host
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 5789

GET
H/1.1 200
OK alternate-barre.htm Show response
www.venez.fr/ Frame 65CE 2 KB
1 KB 50ms
50ms Document
text/html 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/alternate-barre.htm
Requested by: Host: programmation.fr.mu
URL: http://programmation.fr.mu/barre-programmation.fr.mu.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: a626e1d5493bf1193b9ddd4c4875e216ec49dfb9beb2163b497db2325057a883

Request headers

Host: www.venez.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://programmation.fr.mu/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://programmation.fr.mu/

Response headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 871
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame 85EA 110 B
416 B 54ms
51ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: programmation.fr.mu
URL: http://programmation.fr.mu/barre-programmation.fr.mu.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

Referer: http://programmation.fr.mu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 110

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/ Frame 85EA 240 KB
89 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=programmation.fr.mu&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e233a147eb1f2dc7932e22c7199051febacd3246e31ee3cb3675db87dec8c042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://programmation.fr.mu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 15:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91162
x-xss-protection: 0
server: cafe
etag: 13729711335453486071
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 30 Jun 2021 15:26:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210628/r20190131/ Frame 031A 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210628/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210628/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://programmation.fr.mu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://programmation.fr.mu/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 29 Jun 2021 19:14:00 GMT
expires: Tue, 13 Jul 2021 19:14:00 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 72752
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 120x60.gif
www.venez.fr/images/ Frame 65CE 4 KB
4 KB 52ms
50ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/120x60.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
Last-Modified: Wed, 02 Mar 2011 00:16:24 GMT
Server: Apache
ETag: "f4c-49d74d2b9c600"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3916

GET
H/1.1 200
OK site.js Show response
www.venez.fr/js/ Frame 65CE 2 KB
1 KB 54ms
53ms Script
application/javascript 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.venez.fr/js/site.js?www.venez.fr
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Jun 2021 15:26:32 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 1023
Expires: Wed, 07 Jul 2021 15:26:32 GMT

GET
H/1.1 200
OK barre90.gif
www.venez.fr/images/ Frame 65CE 110 B
417 B 53ms
52ms Image
image/gif 5.135.149.81
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.venez.fr/images/barre90.gif
Requested by: Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.149.81 , France, ASN16276 (OVH, FR),
Reverse DNS: web3.venez.net
Software: Apache /
Resource Hash: 49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

Referer: https://www.venez.fr/alternate-barre.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:32 GMT
Last-Modified: Thu, 15 Nov 2018 22:06:23 GMT
Server: Apache
ETag: "6e-57abb42dff5c0"
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 110

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 85EA 195 B
654 B 146ms
52ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=programmation.fr.mu&callback=_gfp_s_&client=ca-pub-5203714787387788

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5203714787387788&plah=programmation.fr.mu&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

2c70b211713c22bbb5118c2d7ca852f49a7bb661743d4c1d12f91983a0706100

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://programmation.fr.mu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 15:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 188
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 85EA 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=programmation.fr.mu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://programmation.fr.mu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Jun 2021 15:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 85EA 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=programmation.fr.mu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://programmation.fr.mu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Jun 2021 15:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2338 436 B
234 B 82ms
78ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fprogrammation.fr.mu%2F&ea=0&flash=0&wgl=1&dt=1625066792712&bpp=7&bdt=288&idt=90&shv=r20210628&ptt=9&saldr=aa&correlator=8792493306307&frm=23&ife=1&pv=2&ga_vid=1197819410.1625066793&ga_sid=1625066793&ga_hid=474729932&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=1659534046&scr_x=0&scr_y=0&eid=31061334%2C31061383&oid=3&pvsid=2609816066189015&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.ttvs9bk60w08&fsb=1&dtd=114

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

292d083902639b1271c019be0e38b0a626a739f645e345d13fefb19442512f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&psa=0&format=970x90&url=http%3A%2F%2Fprogrammation.fr.mu%2F&ea=0&flash=0&wgl=1&dt=1625066792712&bpp=7&bdt=288&idt=90&shv=r20210628&ptt=9&saldr=aa&correlator=8792493306307&frm=23&ife=1&pv=2&ga_vid=1197819410.1625066793&ga_sid=1625066793&ga_hid=474729932&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=1659534046&scr_x=0&scr_y=0&eid=31061334%2C31061383&oid=3&pvsid=2609816066189015&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.ttvs9bk60w08&fsb=1&dtd=114
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://programmation.fr.mu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://programmation.fr.mu/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 30 Jun 2021 15:26:32 GMT
server: cafe
content-length: 211
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Jun-2021 15:41:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Jun 2021 15:26:32 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 85EA 72 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://programmation.fr.mu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 15:26:32 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879999447392"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27719
x-xss-protection: 0
expires: Wed, 30 Jun 2021 15:26:32 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame 85EA 0
459 B 38ms
38ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-5203714787387788&c=16&n=0&t=0&w=0&x=2

Requested by

Host: programmation.fr.mu
URL: http://programmation.fr.mu/barre-programmation.fr.mu.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://programmation.fr.mu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Jun 2021 15:26:32 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 85EA 10 KB
8 KB 28ms
26ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210628&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2844db6776c6406748374c514c10278615905b751bbf49cd943d191da6faca7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://programmation.fr.mu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Jun 2021 15:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7822
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 85EA 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://programmation.fr.mu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 15:26:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 30 Jun 2021 15:26:33 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1137 12 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://programmation.fr.mu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://programmation.fr.mu/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 30 Jun 2021 13:23:41 GMT
expires: Thu, 30 Jun 2022 13:23:41 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7372
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8B1C 783 B
777 B 16ms
16ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a818c2ca69c62daa04d24169da1d3cf24fa073e747861ab22e4c63e6c1fe09d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PmniQBIOlKbnfFlotTR6eA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://programmation.fr.mu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://programmation.fr.mu/

Response headers

expires: Wed, 30 Jun 2021 15:26:33 GMT
date: Wed, 30 Jun 2021 15:26:33 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-PmniQBIOlKbnfFlotTR6eA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js Show response
pagead2.googlesyndication.com/bg/ Frame 1137 14 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 13:01:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5744
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 13:01:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame DC40 83 KB
32 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Requested by

Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=352302&idd=1539064&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6d13ddc2742b5c5ca2af48e871d607ddcb2ac757def1c7e0d0c1b855a35657d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://www.turf.dafun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 15:26:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33068
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Jun 2021 15:26:33 GMT

GET
H/1.1 200
OK buy-button.css
payment.allopass.com/static/css/ Frame DC40 2 KB
830 B 175ms
60ms Stylesheet
text/css 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.allopass.com/static/css/buy-button.css?1
Requested by: Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=352302&idd=1539064&lang=fr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

Referer: http://www.turf.dafun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Jan 2020 15:32:43 GMT
Server: Apache
ETag: "221ab-69a-59c94009dfcc0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 546

GET
H/1.1 200
OK 162x56.png
payment.allopass.com/static/buy/button/fr/ Frame DC40 6 KB
6 KB 174ms
60ms Image
image/png 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by: Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: 7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

Referer: http://www.turf.dafun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:33 GMT
Last-Modified: Mon, 20 Jan 2020 15:32:43 GMT
Server: Apache
ETag: "216da-1688-59c94009dfcc0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 5768

GET
H/1.1 200
OK bt_ok.gif
payment.allopass.com/imgweb/common/ Frame DC40 753 B
991 B 172ms
58ms Image
image/gif 185.119.26.1
WEBDEVIIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.allopass.com/imgweb/common/bt_ok.gif
Requested by: Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS: 1.26.119.185.in-addr.arpa
Software: Apache /
Resource Hash: d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

Referer: http://www.turf.dafun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 15:26:33 GMT
Last-Modified: Tue, 26 Nov 2019 14:39:46 GMT
Server: Apache
ETag: "432cd-2f1-59840d9fb3080"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 753

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame DC40 48 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.turf.dafun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 6888
date: Wed, 30 Jun 2021 13:31:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Wed, 30 Jun 2021 15:31:45 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85EA 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210628&jk=2609816066189015&bg=!NzSlNHDNAAYo4NJEKOA7ACkAdvg8Wh374ZO47QpS9aF0hrx8Dt5egRXrp77cXtX8klwhED1D2e6DigIAAABsUgAAANFoAQeZAorQOyEGqs_DyNo39YeT_no5XnNWvv3lwHb7IzDsP4u8VzYgjSWbEjV0N-KugutYQQpbVVEflZJDbHRyf4tEI4Rk1ev047WLHMiQwe3ybdoZA1ILEwZ1b7MnG0Zh92d2zC4Jmpv1Fg8EtEixmwNicCZs97bEz8aQFG5n73fA4NaKexaVSm7X0ntXioZhvyh1bvgdCBdUX0xARbrywwC8woMaksL0kYKwYYRuRb42mKlQE00IoH0al2iFgczslj0UddNOOOQzTvPeYdp8sdScqcfg9YTK8WkrZfgVUm4RiVSxK9v_NpRd6sxbj7ynGPodLNoIuaFR1UKhTFAyka83CxQBAVeKj8zVm7O2B6nUb2sFGug0xUyv_sMNwTem8BjY39KMZl9SCVQyRWN_Jd2A_kvV0I4C7AEQHFcHGpB0FQAf9zjVgSX4NDEBvwuqdkLDOA1on1Tm4Am7eiM9oZF8S0KRQ2lHGcnQxLbWojs4FWevT6GTo-BLSPTXnfUP227FtG5AIZ_o0a6v5Yr8CM2co3BYII3jHLi_Gfq912T1W8JFscY23tZ5b38yoeOgRm0kJJJeWUJ8EUqgPfsWa_mem30MOmSGYnrU6j-ltAmLBzsixgrltXFqGDZ5v2GEkI91os2UBwX6pxDvKAIwhNl0ch6YZ7H02UG5NMAMSFO3lyq-auXkzwpKGRf47lcLSdM1P-Un3Mdz9Yj-EhsbKNBhOc00-3-RE19rEYzamOsxOdYQVEV_mm6Oc4_eOOyzAfPttD0sqPbpIvjx4zgoo5GJIr6B2N6HaGeJdtaLEZgOhu3_qgFVIkEirax0MGuweWREVdkhkVK3LqBdjpW4Ccy6ubu89aEz-lHN4hJeKw

Requested by

Host: programmation.fr.mu
URL: http://programmation.fr.mu/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://programmation.fr.mu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 15:26:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 19:24:27	Name: test_cookie Value: CheckForPermission
			.fr.mu/	1970-01-20 04:46:02	Name: __gads Value: ID=f854cfb0d5b493cd-2288858042c9001a:T=1625066792:RT=1625066792:S=ALNI_MaZMxX2zvbCBQcWWNgkBCTnI1S6cA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
freegifmaker.me
googleads.g.doubleclick.net
img.root-top.com
pagead2.googlesyndication.com
partner.googleadservices.com
payment.allopass.com
programmation.fr.mu
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lesleaders.com
www.loogix.com
www.turf.dafun.com
www.turfinfos.ouba.com
www.venez.fr
142.250.185.66
185.119.26.1
194.150.236.165
194.150.236.166
2606:4700:3038::6815:ea1a
2a00:1450:4001:800::2002
2a00:1450:4001:800::2004
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:830::2002
5.135.149.81
50.16.49.81
88.99.130.181
91.216.107.189
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306
0e0c46dc5ea067610f498fbbea10bede54ddc1364862959257e2b7814e4fe4e3
1f6f8fcb5ad2e2b2573dbe11a4b3936e7dcc72973599a87ef155cab156f49e20
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
282bf0267358b4b4f834644fced15044b16455ebecce54a5278d67e0baa8feef
2844db6776c6406748374c514c10278615905b751bbf49cd943d191da6faca7a
286489fa50631d3c3f4fd6625e007e27cb92fe28dd5b115d1d308bde54391180
292d083902639b1271c019be0e38b0a626a739f645e345d13fefb19442512f19
29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220
29e58a31046cbd8912e14634fb404dba058f422d9cf5cb9aa2e2759a2be89707
2c70b211713c22bbb5118c2d7ca852f49a7bb661743d4c1d12f91983a0706100
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a
3e464a572c1687023cd22ff8c67d6c9f868e10aa7347018595bd0102deb81028
3e8a51749672ee34dc1f1fe4b4510b9f7f842a352ef673bc880b94e62696f786
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
58d04ac1628a6b128ace264013150a1f04abf4c0ea874e280b68ba00713a654c
5b376279810fe763fdea3127458adda3830e717053879c9904d1d2186b4eed08
5c68f279cffe49ae5cab0e12909796e8a38bfb4fdc480137157ea141db30aab9
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
8c9ff7c5b615fba96821177236b13d95ac0b7b2c67da14f8f3846be6d1b7eb6e
914b8ddeba70a202fd0c0721dd65bbe2cae4f894cfe70de6057e797c60fc1144
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
a33536913470e0494a6fcc5357d5e9fb823e0412d7fcc79fdbd589efde77c79a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51445ce818e264ccd17cdd92631fa7fb0f9536fda57df7270c54ddbe3444079
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a626e1d5493bf1193b9ddd4c4875e216ec49dfb9beb2163b497db2325057a883
a818c2ca69c62daa04d24169da1d3cf24fa073e747861ab22e4c63e6c1fe09d0
b3d1ff1c03e608adcedb1eb0620301291d21d70834b11c8e6f1d710351debd38
c4db386006b5be2390168346843ca573b54a3677a2433cbbcc9d01ba4f6a407a
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a
e0aaaa34575f0948930fa8592cc5a9cf27c3063d4f8c8234cc2c0c69459feac4
e233a147eb1f2dc7932e22c7199051febacd3246e31ee3cb3675db87dec8c042
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2384ebce8f127741faa22d0ad678830654adf0c666d8e3757524baca7ebece1
f6d13ddc2742b5c5ca2af48e871d607ddcb2ac757def1c7e0d0c1b855a35657d
f8f374f740b76f7af943ea639d9e920d9c0bcc367eadd4e2af68c06aa9a9cba7
ff710d2b695aab9daeee97dab3574905e5c70f14ca7b68227426392d651301ab

programmation.fr.mu Open in urlscan Pro 5.135.149.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

47 Requests

57 %HTTPS

60 %IPv6

17 Domains

19 Subdomains

19 IPs

3 Countries

936 kBTransfer

1342 kBSize

2 Cookies

0 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

programmation.fr.mu Open in urlscan Pro
5.135.149.81 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

57 %
HTTPS

60 %
IPv6

17
Domains

19
Subdomains

19
IPs

3
Countries

936 kB
Transfer

1342 kB
Size

2
Cookies

47 HTTP transactions
0 data transactions