URL: http://www.abonnesturf.1s.fr/
Submission: On December 30 via manual from BF — Scanned from FR

Summary

This website contacted 19 IPs in 4 countries across 18 domains to perform 66 HTTP transactions. The main IP is 5.135.149.81, located in Le Chesnay, France and belongs to OVH, FR. The main domain is www.abonnesturf.1s.fr.
This is the only time www.abonnesturf.1s.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
16 zone-turf.fr | www.zone-turf.fr — Cisco Umbrella Rank: 207273 | 40 KB
9 googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 145; tpc.googlesyndication.com — Cisco Umbrella Rank: 187 | 207 KB
8 root-top.com | img.root-top.com | 7 KB
8 dafun.com | www.turf.dafun.com | 1 MB
7 venez.fr | www.venez.fr | 9 KB
6 cloudfront.net | d1crle9mdp1ve1.cloudfront.net | 84 KB
4 allopass.com | payment.allopass.com | 11 KB
3 freegifmaker.me | freegifmaker.me | 142 KB
3 loogix.com | www.loogix.com | 738 B
3 1s.fr | www.abonnesturf.1s.fr | 3 KB
2 google.com | adservice.google.com — Cisco Umbrella Rank: 142; www.google.com — Cisco Umbrella Rank: 16 | 2 KB
2 doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 | 5 KB
1 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 103 | 20 KB
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 123 | 45 KB
1 google.fr | adservice.google.fr — Cisco Umbrella Rank: 17421 | 792 B
1 googleadservices.com | partner.googleadservices.com — Cisco Umbrella Rank: 1011 | 692 B
1 starpass.fr | script.starpass.fr | 94 KB
1 ouba.com | www.turfinfos.ouba.com | 6 KB
66 18
Domain Requested by
16 www.zone-turf.fr 1 redirects www.turf.dafun.com
8 img.root-top.com 7 redirects www.turf.dafun.com
8 www.turf.dafun.com www.abonnesturf.1s.fr
www.turf.dafun.com
7 www.venez.fr www.abonnesturf.1s.fr
www.venez.fr
6 d1crle9mdp1ve1.cloudfront.net www.turf.dafun.com
6 pagead2.googlesyndication.com www.abonnesturf.1s.fr
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 payment.allopass.com www.turf.dafun.com
payment.allopass.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
www.abonnesturf.1s.fr
3 freegifmaker.me www.turf.dafun.com
3 www.loogix.com 3 redirects
3 www.abonnesturf.1s.fr www.abonnesturf.1s.fr
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com payment.allopass.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.fr pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 script.starpass.fr www.turf.dafun.com
1 www.turfinfos.ouba.com www.turf.dafun.com
66 20

This site contains no links.

Subject | Issuer | Validity | Valid
venez.fr | R3 | 2022-12-17 - 2023-03-17 | 3 months
script.starpass.fr | ZeroSSL RSA Domain Secure Site CA | 2022-11-18 - 2023-02-16 | 3 months
*.allopass.com | Sectigo RSA Domain Validation Secure Server CA | 2022-10-07 - 2023-10-07 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.google.fr | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
www.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
www.zone-turf.fr | Amazon RSA 2048 M02 | 2022-10-26 - 2023-11-24 | a year
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year

This page contains 9 frames:

Primary Page: http://www.abonnesturf.1s.fr/
Frame ID: 9DC14ADF8BDC432AEA1DE80A4E0FD678
Requests: 1 HTTP requests in this frame

Frame: http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Frame ID: BA8CF8CFCCB521D66AA95682AB0BB74E
Requests: 12 HTTP requests in this frame

Frame: http://www.turf.dafun.com/pronos/abonnesturf/
Frame ID: 9844C3EE97C21AD3BE5980907EB32E96
Requests: 41 HTTP requests in this frame

Frame: http://www.abonnesturf.1s.fr/stats-abonnesturf.1s.fr.html
Frame ID: 79BB5336C46785157E1355B115481677
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 34E9708FAE3152C09956409D27517882
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: C25E545F11C7D06E04863F9018B6CDA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.abonnesturf.1s.fr%2F&ea=0&wgl=1&dt=1672440230668&bpp=4&bdt=374&idt=253&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&correlator=7442077223667&frm=23&ife=1&pv=2&ga_vid=107957710.1672440231&ga_sid=1672440231&ga_hid=2117042221&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=2071789444&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44777948%2C44780792%2C44769661&oid=2&pvsid=1158092139226912&tmod=59288082&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.6jdf56f5x5hw&fsb=1&dtd=269
Frame ID: A8F478E3AC850C9D5A42E8A051A863BD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D7F9A40DE6B762F6AD0DBDBD11D7670E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DF164E39EB5BD98DA6972B310788E87D
Requests: 2 HTTP requests in this frame

Page Title

ABONNESTURF

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 66
HTTPS: 73 %
IPv6: 67 %
Domains: 18
Subdomains: 20
IPs: 19
Countries: 4
Transfer: 1722 kB
Size: 2652 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • http://img.root-top.com/topsite/miroirduturf/banner.gif HTTP 301
  • https://img.root-top.com/topsite/miroirduturf/banner.gif HTTP 302
  • http://www.loogix.com/img/res/1/4/0/8/2/6/14082678501421827.gif?1408267850 HTTP 301
  • http://freegifmaker.me/img/res/1/4/0/8/2/6/14082678501421827.gif?1408267850
Request Chain 12
  • http://img.root-top.com/topsite/lc13/banner.gif HTTP 301
  • https://img.root-top.com/topsite/lc13/banner.gif
Request Chain 13
  • http://img.root-top.com/topsite/bienjouer/banner.gif HTTP 301
  • https://img.root-top.com/topsite/bienjouer/banner.gif HTTP 302
  • http://www.loogix.com/img/res/1/3/9/3/7/5/13937580041908691.gif HTTP 301
  • http://freegifmaker.me/img/res/1/3/9/3/7/5/13937580041908691.gif
Request Chain 14
  • http://img.root-top.com/topsite/turfgagnant/banner.gif HTTP 301
  • https://img.root-top.com/topsite/turfgagnant/banner.gif HTTP 302
  • http://www.loogix.com/img/res/1/4/0/0/6/6/1400663748165342.gif?1400663749 HTTP 301
  • http://freegifmaker.me/img/res/1/4/0/0/6/6/1400663748165342.gif?1400663749
Request Chain 18
  • http://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium HTTP 301
  • https://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium

66 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.abonnesturf.1s.fr/
3 KB
1 KB
Document
General
Full URL
http://www.abonnesturf.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
27dc3e57def64eb6ce1ec80c9508a7b6df7e223d51576125bf10fb3c4387b0ee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1091
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 30 Dec 2022 22:43:49 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Accept-Encoding
barre-abonnesturf.1s.fr.html
www.abonnesturf.1s.fr/ Frame BA8C
3 KB
2 KB
Document
General
Full URL
http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
65003fb8b314bf8136a717639f7b3542be820349c054e1792e2b728d3ffb7b8a

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1500
Content-Type
text/html; charset=ISO-8859-1
Date
Fri, 30 Dec 2022 22:43:49 GMT
Expires
Fri, 30 Dec 2022 22:43:49 GMT
Keep-Alive
timeout=5, max=99
Last-Modified
Fri, 30 Dec 2022 22:43:49 GMT
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
/
www.turf.dafun.com/pronos/abonnesturf/ Frame 9844
11 KB
11 KB
Document
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
053632df4493fbfd8e33d16fb3453e6940fd56864004405fb4215b6bff6b4405

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html
Date
Fri, 30 Dec 2022 22:43:50 GMT
Keep-Alive
timeout=15, max=100
Server
Apache
Transfer-Encoding
chunked
Vary
Host
stats-abonnesturf.1s.fr.html
www.abonnesturf.1s.fr/ Frame 79BB
0
192 B
Document
General
Full URL
http://www.abonnesturf.1s.fr/stats-abonnesturf.1s.fr.html
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 30 Dec 2022 22:43:49 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
site.js
www.venez.fr/js/ Frame BA8C
2 KB
1 KB
Script
General
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Dec 2022 22:43:49 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1023
Expires
Fri, 06 Jan 2023 22:43:49 GMT
separateur90.gif
www.venez.fr/images/ Frame BA8C
82 B
388 B
Image
General
Full URL
https://www.venez.fr/images/separateur90.gif
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:49 GMT
Last-Modified
Thu, 15 Nov 2018 22:11:22 GMT
Server
Apache
ETag
"52-57abb54b25680"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
82
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame BA8C
144 KB
51 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa79139c0f9eaf6f26074f3b39ca9debaf8323305ca7572ff52e0e6c6d36c81a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
52086
X-XSS-Protection
0
Server
cafe
ETag
11981669917554435300
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Timing-Allow-Origin
*
Expires
Fri, 30 Dec 2022 22:43:50 GMT
alternate-barre.htm
www.venez.fr/ Frame 34E9
2 KB
1 KB
Document
General
Full URL
https://www.venez.fr/alternate-barre.htm
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
7f7a77be50c12c7be1e4d9ae0239d4537e7cf924e58318102b81298e2d6569f7

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
848
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 30 Dec 2022 22:43:49 GMT
Keep-Alive
timeout=5, max=99
Server
Apache
Vary
Accept-Encoding
barre90.gif
www.venez.fr/images/ Frame BA8C
110 B
416 B
Image
General
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:49 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
110
h1.png
www.turf.dafun.com/pronos/abonnesturf/ Frame 9844
29 KB
29 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/h1.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
acb0939b88719c0a69a6333ed54b8be78afaa623f53873be5f698ae052aa7293

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:50 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:57 GMT
Server
Apache
ETag
"e75cd9-7414-5e946f2f9e840"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
29716
head.jpg
www.turf.dafun.com/pronos/abonnesturf/ Frame 9844
285 KB
285 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/head.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
4b7fad91f5413c7460b5e04ea365d0bed0b91502482973fd34bfb3e204fe61e0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:50 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:58 GMT
Server
Apache
ETag
"e75d26-47215-5e946f3092a80"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
291349
14082678501421827.gif
freegifmaker.me/img/res/1/4/0/8/2/6/ Frame 9844
Redirect Chain
  • http://img.root-top.com/topsite/miroirduturf/banner.gif
  • https://img.root-top.com/topsite/miroirduturf/banner.gif
  • http://www.loogix.com/img/res/1/4/0/8/2/6/14082678501421827.gif?1408267850
  • http://freegifmaker.me/img/res/1/4/0/8/2/6/14082678501421827.gif?1408267850
57 KB
56 KB
Image
General
Full URL
http://freegifmaker.me/img/res/1/4/0/8/2/6/14082678501421827.gif?1408267850
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx/1.12.0 /
Resource Hash
29e58a31046cbd8912e14634fb404dba058f422d9cf5cb9aa2e2759a2be89707

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Fri, 06 Jan 2023 22:43:51 GMT
Date
Fri, 30 Dec 2022 22:43:51 GMT
Content-Encoding
gzip
Response
200
Last-Modified
Fri, 23 Dec 2022 17:53:57 GMT
Server
nginx/1.12.0
Display
staticcontent_sol
Etag
"53f0764a-e259-gzip"
Vary
Accept-Encoding,Origin
Transfer-Encoding
chunked
Content-Type
image/gif
X-Middleton-Display
staticcontent_sol
Cache-Control
max-age=604800
X-Middleton-Response
200
X-Ua-Compatible
IE=edge

Redirect headers

Location
http://freegifmaker.me/img/res/1/4/0/8/2/6/14082678501421827.gif?1408267850
Date
Fri, 30 Dec 2022 22:43:50 GMT
Server
nginx/1.12.0
Connection
keep-alive
Content-Length
185
Content-Type
text/html
logo.gif
www.turfinfos.ouba.com/ Frame 9844
6 KB
6 KB
Image
General
Full URL
http://www.turfinfos.ouba.com/logo.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
b3d1ff1c03e608adcedb1eb0620301291d21d70834b11c8e6f1d710351debd38

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:50 GMT
Last-Modified
Tue, 12 Sep 2017 08:21:11 GMT
Server
Apache
ETag
"134e672-169d-558f9b9ceebc0"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
5789
banner.gif
img.root-top.com/topsite/lc13/ Frame 9844
Redirect Chain
  • http://img.root-top.com/topsite/lc13/banner.gif
  • https://img.root-top.com/topsite/lc13/banner.gif
2 KB
3 KB
Image
General
Full URL
https://img.root-top.com/topsite/lc13/banner.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a552344a2313af10905a5c897cb7f12e107bcc63108d60ef31a78a85d19b9cb8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:43:50 GMT
cf-cache-status
HIT
last-modified
Thu, 29 Dec 2022 19:13:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
99042
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erWv4kGjXoXr8jR88YpknE96PCLbtUfIzEpKnUes5UdrolaxXFcmUWRzkOvkc2mRFR6tqXczRsZvG3D4%2FQf1zvr9RnOp%2BBmb3wHMUFFJugxNmQAk%2FVwYtKyUXXnKvIZAWu92HmpzJJ%2FYivQdg0IW"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
781e4bf199292a4b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2396
expires
Sun, 01 Jan 2023 19:13:08 GMT

Redirect headers

Date
Fri, 30 Dec 2022 22:43:50 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
470
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJ0dxkBPorQRTf41w5r%2F3h6oS3TzlI4r%2FO3UwzoIRq%2FMkwn3k5RDABEs25QE7smGOnipf4OJTBg%2BQpLN4Cu%2B1poyw21VH3Glmba0prFFLyaZM0qyl1qt5EWtxINAvPlJozlvQS6sEsdKHg%2FPqn4w"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/lc13/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
781e4bf11a0ad574-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
0
13937580041908691.gif
freegifmaker.me/img/res/1/3/9/3/7/5/ Frame 9844
Redirect Chain
  • http://img.root-top.com/topsite/bienjouer/banner.gif
  • https://img.root-top.com/topsite/bienjouer/banner.gif
  • http://www.loogix.com/img/res/1/3/9/3/7/5/13937580041908691.gif
  • http://freegifmaker.me/img/res/1/3/9/3/7/5/13937580041908691.gif
10 KB
9 KB
Image
General
Full URL
http://freegifmaker.me/img/res/1/3/9/3/7/5/13937580041908691.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx/1.12.0 /
Resource Hash
282bf0267358b4b4f834644fced15044b16455ebecce54a5278d67e0baa8feef

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Fri, 06 Jan 2023 22:43:51 GMT
Date
Fri, 30 Dec 2022 22:43:51 GMT
Content-Encoding
gzip
Response
200
Last-Modified
Fri, 23 Dec 2022 17:53:57 GMT
Server
nginx/1.12.0
Display
staticcontent_sol
Etag
"53130f34-26f1-gzip"
Vary
Accept-Encoding,Origin
Transfer-Encoding
chunked
Content-Type
image/gif
X-Middleton-Display
staticcontent_sol
Cache-Control
max-age=604800
X-Middleton-Response
200
X-Ua-Compatible
IE=edge

Redirect headers

Location
http://freegifmaker.me/img/res/1/3/9/3/7/5/13937580041908691.gif
Date
Fri, 30 Dec 2022 22:43:50 GMT
Server
nginx/1.12.0
Connection
keep-alive
Content-Length
185
Content-Type
text/html
1400663748165342.gif
freegifmaker.me/img/res/1/4/0/0/6/6/ Frame 9844
Redirect Chain
  • http://img.root-top.com/topsite/turfgagnant/banner.gif
  • https://img.root-top.com/topsite/turfgagnant/banner.gif
  • http://www.loogix.com/img/res/1/4/0/0/6/6/1400663748165342.gif?1400663749
  • http://freegifmaker.me/img/res/1/4/0/0/6/6/1400663748165342.gif?1400663749
77 KB
76 KB
Image
General
Full URL
http://freegifmaker.me/img/res/1/4/0/0/6/6/1400663748165342.gif?1400663749
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software
nginx/1.12.0 /
Resource Hash
a51445ce818e264ccd17cdd92631fa7fb0f9536fda57df7270c54ddbe3444079

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Fri, 06 Jan 2023 22:43:51 GMT
Date
Fri, 30 Dec 2022 22:43:51 GMT
Content-Encoding
gzip
Response
200
Last-Modified
Fri, 23 Dec 2022 17:53:57 GMT
Server
nginx/1.12.0
Display
staticcontent_sol
Etag
"537c6ec5-1351b-gzip"
Vary
Accept-Encoding,Origin
Transfer-Encoding
chunked
Content-Type
image/gif
X-Middleton-Display
staticcontent_sol
Cache-Control
max-age=604800
X-Middleton-Response
200
X-Ua-Compatible
IE=edge

Redirect headers

Location
http://freegifmaker.me/img/res/1/4/0/0/6/6/1400663748165342.gif?1400663749
Date
Fri, 30 Dec 2022 22:43:50 GMT
Server
nginx/1.12.0
Connection
keep-alive
Content-Length
185
Content-Type
text/html
script.php
script.starpass.fr/ Frame 9844
533 KB
94 KB
Script
General
Full URL
https://script.starpass.fr/script.php?idd=443727&datas=
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.0.255.28 , France, ASN8218 (NEO-ASN legacy Neotelecoms, FR),
Reverse DNS
srv28.bdmultimedia.fr
Software
Apache /
Resource Hash
9eddd6e4da9946114b60f398babb5b65927deb9ed4bf7063e7e09c6f05eed481

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:10 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
checkout.apu
payment.allopass.com/buy/ Frame 9844
11 KB
4 KB
Script
General
Full URL
https://payment.allopass.com/buy/checkout.apu?ids=357168&idd=1558039&lang=fr
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
a7f9e64c3ee6cc6e4080443b2c523137f8d2133fc6bbff01da427d0f974c071f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Dec 2022 22:43:50 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
2961
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ratio-thieben.jpg
www.turf.dafun.com/pronos/abonnesturf/ Frame 9844
28 KB
29 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/ratio-thieben.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
9ec37f7a06412aa02f72942e4675e5b2a57cceaf03bbbef6c0c04d4f8fdb8d61

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:50 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:59 GMT
Server
Apache
ETag
"e75d86-7121-5e946f3186cc0"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
28961
module_webmaster.php
www.zone-turf.fr/module/ Frame 9844
Redirect Chain
  • http://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium
  • https://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium
17 KB
3 KB
Script
General
Full URL
https://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Server
2600:9000:2304:3a00:10:b13a:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
e19df68d98312cc83e8fd1cca7b2f84e7adaa63d55b6016d8b3dc08c87f6d8b1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:43:28 GMT
via
1.1 varnish, 1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
content-encoding
gzip
x-backend
default
x-amz-cf-pop
VIE50-P1
age
53
x-cache
Hit from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
pragma
cache
server
Apache
vary
Accept-Encoding
content-type
application/x-javascript
x-varnish
1646176590 1646173564
cache-control
max-age=60
x-amz-cf-id
I9VQ7SLV3y-WYP04lk06B5Rj_N8dKCh3YjNgbh-gyQOr5WYuxamj6Q==
expires
Fri, 30 Dec 2022 22:43:57 GMT

Redirect headers

Date
Fri, 30 Dec 2022 22:43:50 GMT
Via
1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
VIE50-P1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
167
X-Amz-Cf-Id
IuzfaezUkhleW3fuflZTCBcSYN0sDzUQ4aVvxhxB_28Xtt_iEwrNBw==
h3.png
www.turf.dafun.com/pronos/abonnesturf/ Frame 9844
29 KB
29 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/h3.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
5b5cceed2cb716c00e2ac6a024cf27d7efad1d17dda764769105ef14d4fe9355

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:50 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:57 GMT
Server
Apache
ETag
"e75d0e-7436-5e946f2f9e840"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
29750
120x60.gif
www.venez.fr/images/ Frame 34E9
4 KB
4 KB
Image
General
Full URL
https://www.venez.fr/images/120x60.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:49 GMT
Last-Modified
Wed, 02 Mar 2011 00:16:24 GMT
Server
Apache
ETag
"f4c-49d74d2b9c600"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3916
site.js
www.venez.fr/js/ Frame 34E9
2 KB
1 KB
Script
General
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Dec 2022 22:43:49 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
1023
Expires
Fri, 06 Jan 2023 22:43:49 GMT
arplan.jpg
www.turf.dafun.com/pronos/abonnesturf/ Frame 9844
609 KB
609 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/arplan.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
321e5e5af465f1753cdf0a077c1cfdc6eb72ca29f68d91496f184de7f1b0253f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:50 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:57 GMT
Server
Apache
ETag
"179a42f-9843d-5e946f2f9e840"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
623677
h2.png
www.turf.dafun.com/pronos/abonnesturf/ Frame 9844
29 KB
29 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/h2.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
1dfedd383e1fc3d297e6a301ebd3045097c859b39b0c490bcff19527e05d56dd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:50 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:57 GMT
Server
Apache
ETag
"e75cfd-72ce-5e946f2f9e840"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
29390
barre90.gif
www.venez.fr/images/ Frame 34E9
110 B
416 B
Image
General
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:49 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
110
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ Frame BA8C
355 KB
118 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.abonnesturf.1s.fr&bust=31071276
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50496c2028ae5aab5dd45cbaee5b13a4db395a17a58ee0bc27480c0a0063c977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:43:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119791
x-xss-protection
0
server
cafe
etag
12135144437316899543
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 30 Dec 2022 22:43:50 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame C25E
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
75921
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 01:38:29 GMT
etag
10353107486223812946
expires
Fri, 13 Jan 2023 01:38:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame BA8C
377 B
692 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.abonnesturf.1s.fr&callback=_gfp_s_&client=ca-pub-5203714787387788&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.abonnesturf.1s.fr&bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5202513a61539f8cf6a953bcca6ebc48e6eeff5543eae552d7d786b5e0017b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:43:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.fr/adsid/ Frame BA8C
107 B
792 B
Script
General
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=www.abonnesturf.1s.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.abonnesturf.1s.fr&bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:43:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BA8C
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.abonnesturf.1s.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.abonnesturf.1s.fr&bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:43:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A8F4
436 B
409 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.abonnesturf.1s.fr%2F&ea=0&wgl=1&dt=1672440230668&bpp=4&bdt=374&idt=253&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&correlator=7442077223667&frm=23&ife=1&pv=2&ga_vid=107957710.1672440231&ga_sid=1672440231&ga_hid=2117042221&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=2071789444&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071276%2C44777948%2C44780792%2C44769661&oid=2&pvsid=1158092139226912&tmod=59288082&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&ifi=1&uci=1.6jdf56f5x5hw&fsb=1&dtd=269
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.abonnesturf.1s.fr&bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c9c204897211b376e92013bc9f392a3fb4cf42ad99beaf0cf09b3fee3de8b65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
210
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 22:43:51 GMT
expires
Fri, 30 Dec 2022 22:43:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame BA8C
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.abonnesturf.1s.fr&bust=31071276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcb9ffe59728585aaafed9d49c55f2187abaa8e7f1fd0038757fcfba67d5d53d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11220
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BA8C
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.abonnesturf.1s.fr&bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:43:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Dec 2022 22:43:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D7F9
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
11746
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 19:28:05 GMT
expires
Sat, 30 Dec 2023 19:28:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DF16
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5f6afa109e8abfae0844da1c8e73e725998f81e84b7884aebafc3f025c6f1944
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-P_pwHZFr4pq667Asc1cUoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-P_pwHZFr4pq667Asc1cUoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Dec 2022 22:43:51 GMT
expires
Fri, 30 Dec 2022 22:43:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame D7F9
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 19:29:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Dec 2023 19:29:57 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DF16
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=1158092139226912&rc=
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame D7F9
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?8HDHFA
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:43:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gtm.js
www.googletagmanager.com/ Frame 9844
115 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357168&idd=1558039&lang=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1a79abd8a54b42ed4fcdd6d82631562d55d8246d3566e1403cd7fb3175305dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:43:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45434
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Dec 2022 22:43:51 GMT
buy-button.css
payment.allopass.com/static/css/ Frame 9844
2 KB
830 B
Stylesheet
General
Full URL
https://payment.allopass.com/static/css/buy-button.css?1
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357168&idd=1558039&lang=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"232e2-69a-5d0e804cbabc0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
546
162x56.png
payment.allopass.com/static/buy/button/fr/ Frame 9844
6 KB
6 KB
Image
General
Full URL
https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:51 GMT
Last-Modified
Tue, 16 Nov 2021 13:36:55 GMT
Server
Apache
ETag
"215ef-1688-5d0e804cbabc0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
5768
ec-allenamento-team-mino-121406.gif
www.zone-turf.fr/media/picture/casaque/ Frame 9844
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ec-allenamento-team-mino-121406.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2304:3a00:10:b13a:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
eaeb87dd1966c8f37356dcc2e33ff75ac7c0d894c56079b705c6bea860e2deef

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:33:38 GMT
via
1.1 varnish, 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
age
112471
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
x-cache-hist
120
alt-svc
h3=":443"; ma=86400
content-length
2513
last-modified
Wed, 28 Dec 2022 23:03:57 GMT
server
Apache
etag
"9d39b893-9d1-5f0eb621faf5b"
vary
Accept-Encoding
x-varnish
2510014147 2503136736
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
AR3L2MRagfpX5234nJu_uRmB9PS83xR2l28F6Hw6eIoCTztWp02GCg==
expires
Sun, 01 Jan 2023 15:29:20 GMT
ec-costa-aps-kolin-stabl-538658.gif
www.zone-turf.fr/media/picture/casaque/ Frame 9844
3 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ec-costa-aps-kolin-stabl-538658.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2304:3a00:10:b13a:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
183f011999180d0b7fc238ad745ce0ccaa5f8e88b9382e5c08e0f042a227a6d1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:43:51 GMT
via
1.1 varnish, 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
x-backend
default
age
203334
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2635
last-modified
Sat, 03 Dec 2022 22:50:53 GMT
server
Apache
etag
"9d850c0b-a4b-5eef449566816"
vary
Accept-Encoding
x-varnish
1637518357 1622403461
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
5yQA2i8zC8jTxq7eFulqnBVFYi3O3F2GPD9eJ8antPDWQcqH8b8-2Q==
expires
Sat, 31 Dec 2022 14:14:56 GMT
ec-jean-pierre-barjon-201560.gif
www.zone-turf.fr/media/picture/casaque/ Frame 9844
3 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ec-jean-pierre-barjon-201560.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2304:3a00:10:b13a:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
3b368373b6e5dc4a46c28a8b17c444d6294328144c768c5488473a4f8667548a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:51:45 GMT
via
1.1 varnish, 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
age
7627
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
x-cache-hist
11
alt-svc
h3=":443"; ma=86400
content-length
2725
last-modified
Fri, 30 Dec 2022 15:49:27 GMT
server
Apache
etag
"9d3bd7fd-aa5-5f10d8be1f9eb"
vary
Accept-Encoding
x-varnish
2509887856 2508985171
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
1-YIobkh7A5pO8BIQISudFPbSzrp0tRANqYC9D2Wtxbgtd6w9UCWtQ==
expires
Mon, 02 Jan 2023 20:36:43 GMT
y-desmet-319.gif
www.zone-turf.fr/media/picture/casaque/ Frame 9844
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/y-desmet-319.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2304:3a00:10:b13a:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
08544dca8933b4d4b7575aab76d15cd1e015344c39e65df32cba8cd17cc24411

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:36:49 GMT
via
1.1 varnish, 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
x-backend
default
age
131536
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2493
last-modified
Wed, 28 Dec 2022 23:03:57 GMT
server
Apache
etag
"9d3da9ed-9bd-5f0eb62220120"
content-type
image/gif
x-varnish
1646143657 1631094758
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
Jf5hRcZJojw1ydh1HrVqZjkOLmPUmdUunqsqXze_RpuIdhzw2ZDyrg==
expires
Sun, 01 Jan 2023 10:11:35 GMT
c-countess-ab-277368.gif
www.zone-turf.fr/media/picture/casaque/ Frame 9844
2 KB
2 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/c-countess-ab-277368.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2304:3a00:10:b13a:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
0141b53751648593f4f59574f1d260c330e34706e614500fe04787fad8f0a478

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:43:51 GMT
via
1.1 varnish, 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
x-backend
default
age
218972
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2167
last-modified
Thu, 01 Dec 2022 22:49:06 GMT
server
Apache
etag
"9d56bcac-877-5eecc074eea52"
vary
Accept-Encoding
x-varnish
1640187395 1622619121
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
N4Wf4zL3S3tD8vLzej66XPI0WaYnO36JJzCuLaTzsUwAwP5h2sEjIQ==
expires
Sat, 31 Dec 2022 09:54:19 GMT
ec-gabriel-pou-pou-443914.gif
www.zone-turf.fr/media/picture/casaque/ Frame 9844
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ec-gabriel-pou-pou-443914.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2304:3a00:10:b13a:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
2be3f3806bbc4bef61e1e5bf4d100e2129fe6c93d51e32983e1ea035e20e9c47

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:09:47 GMT
via
1.1 varnish, 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
x-backend
default
age
134672
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2545
last-modified
Wed, 28 Dec 2022 23:03:58 GMT
server
Apache
etag
"9da8001e-9f1-5f0eb62242bc6"
vary
Accept-Encoding
x-varnish
1642932805 1630710455
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
qYJjsP-_dukUBL1C1KyukPrczpLYaUMWnA9pO07YLiIcKHOYRNAh3Q==
expires
Sun, 01 Jan 2023 09:19:19 GMT
asap-kb-546786.gif
www.zone-turf.fr/media/picture/casaque/ Frame 9844
3 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/asap-kb-546786.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2304:3a00:10:b13a:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
e3ae582acca21b89cbc149f97c8a8ac8711555dc18a83304eca9301009bdbc94

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:09:47 GMT
via
1.1 varnish, 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
age
171591
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2858
last-modified
Wed, 28 Dec 2022 23:03:58 GMT
server
Apache
etag
"9da65e1c-b2a-5f0eb6224e35a"
vary
Accept-Encoding
x-varnish
2499771946
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
Bct5WdNpRZJ-Rox93NkNqMFeCgSW_ItVpkvWmM8aO2zOKJn5m6WI7g==
expires
Sat, 31 Dec 2022 23:04:00 GMT
j-cottel-1688.gif
www.zone-turf.fr/media/picture/casaque/ Frame 9844
2 KB
2 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/j-cottel-1688.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2304:3a00:10:b13a:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
fee64e201bdb0aa49201ed91defc35fd721526ed7c14efb960615d2bc810cba3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:22:46 GMT
via
1.1 varnish, 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
age
25216
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
x-cache-hist
19
alt-svc
h3=":443"; ma=86400
content-length
1884
last-modified
Thu, 29 Dec 2022 23:01:02 GMT
server
Apache
etag
"9d37a387-75c-5f0ff7589dc08"
x-varnish
2509966748 2508163298
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
y1ialtITDh9pqrhMkMJ_GUvXGnfOQ2KPPB1xaYv4aEtGYCUu8p9Icg==
expires
Mon, 02 Jan 2023 15:43:35 GMT
y-henry-10548.gif
www.zone-turf.fr/media/picture/casaque/ Frame 9844
2 KB
2 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/y-henry-10548.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2304:3a00:10:b13a:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
2be288f8566de33c1fff7d65f507b1ea20a9e4365eff8d9305ed5e44efc46184

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:43:51 GMT
via
1.1 varnish, 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
x-backend
default
age
258144
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1688
last-modified
Tue, 27 Dec 2022 23:00:43 GMT
server
Apache
etag
"9d3c8df7-698-5f0d738bb61d0"
x-varnish
1645890787 1620448629
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
dqWGMipOcndfSlPoMq-iR0Yi3UG3tK6o05FaaRIH2I8nDkXBvQ3bjw==
expires
Fri, 30 Dec 2022 23:01:27 GMT
ec-ebba-ebba-britta-67479.gif
www.zone-turf.fr/media/picture/casaque/ Frame 9844
2 KB
2 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ec-ebba-ebba-britta-67479.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2304:3a00:10:b13a:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
dbffe8680363e3f4575a0b4259d51c4e52e66d2dc561d89996555e5172439e47

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:22:46 GMT
via
1.1 varnish, 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
x-backend
default
age
218538
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1907
last-modified
Tue, 06 Dec 2022 22:48:51 GMT
server
Apache
etag
"9d7dd21b-773-5ef309b9f2350"
vary
Accept-Encoding
x-varnish
1644758198 1622678520
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
WkQj0jVYbhSpAhttwOQID13ZPZ-6eTdbuWOqbkRBIQNChq12IfjkAQ==
expires
Sat, 31 Dec 2022 10:01:33 GMT
jm-benhini-308534.gif
www.zone-turf.fr/media/picture/casaque/ Frame 9844
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/jm-benhini-308534.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2304:3a00:10:b13a:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
ab39519eecf15d802bf08311c17f86f5edee0801676b722efb2d471451c5193b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:02:55 GMT
via
1.1 varnish, 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
age
207858
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
x-cache-hist
176
alt-svc
h3=":443"; ma=86400
content-length
2261
last-modified
Fri, 09 Dec 2022 22:51:09 GMT
server
Apache
etag
"9d04bb2d-8d5-5ef6cfd515605"
content-type
image/gif
x-varnish
2510119814 2497157861
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
DDTkazOr2DkXQqRqYI78F8anOoJ0fcMYoxPEH4Ye605IB2NIK5YFDA==
expires
Sat, 31 Dec 2022 12:59:33 GMT
j-seche-35693.gif
www.zone-turf.fr/media/picture/casaque/ Frame 9844
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/j-seche-35693.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2304:3a00:10:b13a:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
2f6a4da1591cfe99a48b99eec2d7b013852e5d9ae489cb5b3e64d2d8bcff4dc8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:22:46 GMT
via
1.1 varnish, 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
x-backend
default
age
142316
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2487
last-modified
Wed, 28 Dec 2022 23:03:58 GMT
server
Apache
etag
"9d22bf07-9b7-5f0eb6229d10e"
vary
Accept-Encoding
x-varnish
1643669569 1629945029
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
A48vInWeXHMwmsLz3oTUdfbkCD19HsbtPtwgNAJyWyWmX0IhPHwPdw==
expires
Sun, 01 Jan 2023 07:11:55 GMT
mme-s-raimond-47771.gif
www.zone-turf.fr/media/picture/casaque/ Frame 9844
3 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/mme-s-raimond-47771.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2304:3a00:10:b13a:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
26147424b460a3b262ffc530e30579fef01cb47d6dff53d5795b69b28527776c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:54:38 GMT
via
1.1 varnish, 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
x-backend
default
age
39118
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2690
last-modified
Thu, 29 Dec 2022 22:50:17 GMT
server
Apache
etag
"9d2a3dd3-a82-5f0ff4f104ba2"
vary
Accept-Encoding
x-varnish
1641472516 1640269590
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
B9innWxPBKmyS14zsiqDv7wmu5_EsmzK1td1xWt5j_UkUHTpXPq4Wg==
expires
Mon, 02 Jan 2023 11:51:53 GMT
a-wit-10343.gif
www.zone-turf.fr/media/picture/casaque/ Frame 9844
2 KB
2 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/a-wit-10343.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2304:3a00:10:b13a:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
c05572f4e0975b3654f60ab0d1ba7ab96264cbc01c76f23dd752701780124184

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:02:55 GMT
via
1.1 varnish, 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
x-backend
default
age
111504
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1644
last-modified
Wed, 28 Dec 2022 23:03:58 GMT
server
Apache
etag
"9d257d37-66c-5f0eb622d91fc"
content-type
image/gif
x-varnish
1645983579 1634504068
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
6VZGcJPF_WRsJnnbySdBuHAoBJcdgCSWyWmWEnEk1UcvzIzbdh2IMw==
expires
Sun, 01 Jan 2023 15:45:27 GMT
bt_ok.gif
payment.allopass.com/imgweb/common/ Frame 9844
753 B
991 B
Image
General
Full URL
https://payment.allopass.com/imgweb/common/bt_ok.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:51 GMT
Last-Modified
Tue, 26 Nov 2019 14:39:46 GMT
Server
Apache
ETag
"22a09-2f1-59840d9fb3080"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
753
arpnum.png
www.turf.dafun.com/pronos/abonnesturf/ Frame 9844
28 KB
28 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/arpnum.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
f2207fe2c468645234ccc51e5d925121bf6ad9075e84b3c898fd2855981fba10

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:43:51 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:56 GMT
Server
Apache
ETag
"e75cc8-7055-5e946f2eaa600"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
28757
spritev3.png
d1crle9mdp1ve1.cloudfront.net/script/v3/themes/default_blue/images/ Frame 9844
10 KB
10 KB
Image
General
Full URL
https://d1crle9mdp1ve1.cloudfront.net/script/v3/themes/default_blue/images/spritev3.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:b000:b:f280:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
f61a5853e0d521650c49841a7eaa276055806233c503f55ffa9d0015e7940874

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 11:16:27 GMT
Via
1.1 93efd892a8e99dc59164afbee331cd56.cloudfront.net (CloudFront)
Last-Modified
Wed, 25 Sep 2013 06:45:43 GMT
Server
Apache
X-Amz-Cf-Pop
FRA56-P7
Age
300404
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10005
X-Amz-Cf-Id
EAyjguSIo9lT8ebae8vbk-9bWqr9lHeeTfBOMrhkLcQPeE83dck-fQ==
Expires
Fri, 27 Jan 2023 11:16:27 GMT
kit-micropaiement-starpass-logo.png
d1crle9mdp1ve1.cloudfront.net/script/v3/themes/default_blue/images/ Frame 9844
14 KB
15 KB
Image
General
Full URL
https://d1crle9mdp1ve1.cloudfront.net/script/v3/themes/default_blue/images/kit-micropaiement-starpass-logo.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:b000:b:f280:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
16b75ffef6575fb4a8392662d6f4cbc1ce9731090c344d9275aa18c1bf4d22f8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 01:37:09 GMT
Via
1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
Last-Modified
Wed, 25 Sep 2013 06:45:43 GMT
Server
Apache
X-Amz-Cf-Pop
FRA56-P7
Age
75962
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14648
X-Amz-Cf-Id
k2CaLBw-Nv8mc4oH9d6ZLXeUiFndm9Ir1jbuYaQrkoUa7Oqk2n9alg==
Expires
Mon, 30 Jan 2023 01:37:09 GMT
sprite-solution-v3.3.png
d1crle9mdp1ve1.cloudfront.net/script/v3/themes/default/images/ Frame 9844
10 KB
10 KB
Image
General
Full URL
https://d1crle9mdp1ve1.cloudfront.net/script/v3/themes/default/images/sprite-solution-v3.3.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:b000:b:f280:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
69fc9bfe3dda05ea6979425fce9cdc5f36ed97b8464700cc2bcd269e7b6900bc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 26 Dec 2022 06:08:11 GMT
Via
1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
Last-Modified
Thu, 11 Aug 2016 12:43:28 GMT
Server
Apache
X-Amz-Cf-Pop
FRA56-P7
Age
405299
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10206
X-Amz-Cf-Id
ZIo-QdYsHR1lCFZHfR9KwhT3BPOngu5D4tvUlkZU2c9sQnAy4RVxyA==
Expires
Thu, 26 Jan 2023 06:08:11 GMT
sprite-flag-v6.4.png
d1crle9mdp1ve1.cloudfront.net/script/v3/themes/default/images/ Frame 9844
30 KB
31 KB
Image
General
Full URL
https://d1crle9mdp1ve1.cloudfront.net/script/v3/themes/default/images/sprite-flag-v6.4.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:b000:b:f280:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
8c9da1b1f22e858156ed9b50e24062cc53aca8b630f303fc00de0975a789c0d2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 28 Dec 2022 05:02:50 GMT
Via
1.1 93efd892a8e99dc59164afbee331cd56.cloudfront.net (CloudFront)
Last-Modified
Thu, 29 May 2014 12:26:16 GMT
Server
Apache
X-Amz-Cf-Pop
FRA56-P7
Age
236420
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31072
X-Amz-Cf-Id
xFTp82qHXQ1TtEw80mFhYM2MGsMva85j6Yr5SL_uwqa1Vm0HO5sy3w==
Expires
Sat, 28 Jan 2023 05:02:50 GMT
logo.png
d1crle9mdp1ve1.cloudfront.net/script/v3/panel/cb/default/image/ Frame 9844
14 KB
15 KB
Image
General
Full URL
https://d1crle9mdp1ve1.cloudfront.net/script/v3/panel/cb/default/image/logo.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:b000:b:f280:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
c594bd41589245fab296d11ed6fb8af54b28bde777fd51e54adb6285289f5740

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 11:30:51 GMT
Via
1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
Last-Modified
Wed, 25 Sep 2013 06:45:23 GMT
Server
Apache
X-Amz-Cf-Pop
FRA56-P7
Age
1422740
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14358
X-Amz-Cf-Id
zjBusz7MDBSXvnApdanCQFaQuFRl12OqBe9bzJE-mJL17a80iaj8uQ==
Expires
Sat, 14 Jan 2023 11:30:51 GMT
logo-internet-plus-mobile.jpg
d1crle9mdp1ve1.cloudfront.net/script/v3/panel/mpme/default/image/ Frame 9844
3 KB
3 KB
Image
General
Full URL
https://d1crle9mdp1ve1.cloudfront.net/script/v3/panel/mpme/default/image/logo-internet-plus-mobile.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:b000:b:f280:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
e325f17eee64e9e9a17d47240daa5e58989c3b54c32f61b9b7bdb9095db43e0a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 01:31:18 GMT
Via
1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
Last-Modified
Wed, 25 Sep 2013 06:45:27 GMT
Server
Apache
X-Amz-Cf-Pop
FRA56-P7
Age
2495514
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3025
X-Amz-Cf-Id
84upPht0t1AnwfziazEV3RZqq9cxoD0rEmoYZ9jtH7zRXKLzq_RODQ==
Expires
Mon, 02 Jan 2023 01:31:18 GMT
analytics.js
www.google-analytics.com/ Frame 9844
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFGDSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 30 Dec 2022 21:50:44 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3188
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 30 Dec 2022 23:50:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BA8C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=1158092139226912&bg=!29il2JzNAAYgquz3AKo7ACkAdvg8Whw99K9yw64KhNeKgAlG9TGSzNpsn858D3Y7-lw225JCqsUwuQIAAABWUgAAAAJoAQeZAxQam-H8r_X9aZ9BZZ_TsSbMZiFubR36D3P9PnXQVTdr6SBTWp6qffmfP18AAQ3d3hbPGLh1z-lwtotG9RX2Ewtclb3C0uvy6Rw3SX5uL4zagwM-H0PhGH1mCG1u88KHb8WLzYBPSiE_e7yLGWIGDTQeeVNw_JVx87h_KOnPOP-7jXQAkb5lOJT3xfiEWez2R85FBnisoCp32J9NElsMaYJNW1GNbNsm0MVfG6zE7mdjtjeFxiRC75_mms6eNYDa2EzrrGQS-6dBnXGq8OznQVK0gn1yRSHXup_DCeS5JSmeIkdjTZXbUmlGDF8c31J7SxYJnZdS7JvH2q50cIOMA3F43Kjeib0owZjVpPcPaOOpo7F3Ow38Lqdtn9-cxVNTYmwnoVQJxA2w7NGj9v5j8iYR0cQ558ZD8occwR8aRRGz5pmZ12PwIgCXhM073R6IlDlZaIwUhC8C0c5RhzWqtFFUJytWl3qh7dxjzukBWWCwDOqu9uv3zbLsx1OcLvTd5BwMCQxzjfqCMY52jKHKJbPVZqmxzqCf4Za-jOeNyk3yxRYiCzvo-8zvsnG0KXCGsM5r_64ix8u6JelCFb25ZrMjvY1vzV50NbjwJr89YCzgFb5ocppVtQvPADwjBcw9PcRcA_K2ukOhTyJQCcl9S-E2RlHzF-JojuQn3Rcti9rMPEwZdN7Kr5BADWu_8OWRXKM_RQ9iZlChHkU43d_K-bM4qfIltDaF4d2miZGPgf4Xqv9ujOwxJIeK1i8OTp-zJCWh6nAW18AGmELn7N_TEzsLruOjllmitvAWgwRfClv5n49EWAq9D_Bj5232YG7DrzVkFbabcZH74SPHY4E6oDTmH-jXjwciST2VKaYY812HSlqJrFqrrIarXA7R9arpwEP3MgRmsS0WTm9NtChhCacAzJOkkagEQtVqk7Y_ARf8w6ntMCAgt4IgzutP3pD3pmzU3SUt2YTpYmGmzNsKX-GqQSXTOC4p-rzlELSV22r1rvwGFuK7akhqj3SRkdFPUsNUxqJQJQEQonxTMd7Ok3rxrAbwOA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers


8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| oncontentvisibilityautostatechange
object| google_reactive_ads_global_state
object| google_ad_modifications
number| google_global_correlator
object| google_prev_clients

5 Cookies

Domain/Path Name / Value
.1s.fr/ Name: __gads
Value: ID=0bf420e96ba863e4-22f6d78fe6da00f2:T=1672440231:RT=1672440231:S=ALNI_MaToayRt1YHL1izWGOvRp-LYKS5Jg
.1s.fr/ Name: __gpi
Value: UID=00000b9afb282518:T=1672440231:RT=1672440231:S=ALNI_MZ2F_WANmKc96thItGgyrZoK5sowQ
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
payment.allopass.com/ Name: ShopSessionId
Value: 58b40443-7ea6-4cd3-b310-eacd70e4202f
.allopass.com/ Name: AP_CUSK
Value: 3600783814

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
