urlscan.io logo urlscan.io
SecurityTrails logo

www.programmation.fr.mu Open in urlscan Pro
5.135.149.81  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.programmation.fr.mu/
Submission: On February 15 via manual from BF — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 12 domains to perform 45 HTTP transactions. The main IP is 5.135.149.81, located in Le Chesnay, France and belongs to OVH, FR. The main domain is www.programmation.fr.mu.
This is the only time www.programmation.fr.mu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    5.135.149.81 (Le Chesnay, France)

ASN16276 (OVH, FR)
PTR: web3.venez.net
www.programmation.fr.mu
www.venez.fr
10    194.150.236.165 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns5.hiwit.net
www.turf.dafun.com
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    185.119.26.1 (France)

ASN203544 (WEBDEVIIN-AS, FR)
PTR: 1.26.119.185.in-addr.arpa
payment.allopass.com
1    194.0.255.28 (France)

ASN8218 (NEO-ASN legacy Neotelecoms, FR)
PTR: srv28.bdmultimedia.fr
script.starpass.fr
1    2a00:7ee0:1:0:3:20:0:26b (France)

ASN210403 (LWS, FR)
www.lesleaders.com
4    2606:4700:3038::6815:ea1b (United States)

ASN13335 (CLOUDFLARENET, US)
img.root-top.com
4    2606:4700:3038::6815:ea1a (United States)

ASN13335 (CLOUDFLARENET, US)
img.root-top.com
1    194.150.236.166 (France)

ASN44976 (HIWIT_AS, FR)
PTR: ns6.hiwit.net
www.turfinfos.ouba.com
2    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
10 dafun.com
www.turf.dafun.com
484 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 158
231 KB
8 root-top.com
img.root-top.com
21 KB
7 venez.fr
www.venez.fr
9 KB
4 allopass.com
payment.allopass.com
11 KB
3 fr.mu
www.programmation.fr.mu
3 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
5 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
159 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 ouba.com
www.turfinfos.ouba.com
6 KB
1 lesleaders.com
www.lesleaders.com
30 KB
1 starpass.fr
script.starpass.fr
376 B
45 12
Domain Requested by
10 www.turf.dafun.com www.programmation.fr.mu
www.turf.dafun.com
8 img.root-top.com 4 redirects www.turf.dafun.com
7 www.venez.fr www.programmation.fr.mu
www.venez.fr
6 pagead2.googlesyndication.com www.programmation.fr.mu
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 payment.allopass.com www.turf.dafun.com
payment.allopass.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 www.programmation.fr.mu www.programmation.fr.mu
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.googletagmanager.com payment.allopass.com
www.googletagmanager.com
1 www.google.com tpc.googlesyndication.com
1 www.turfinfos.ouba.com www.turf.dafun.com
1 www.lesleaders.com www.turf.dafun.com
1 script.starpass.fr www.turf.dafun.com
45 13

This site contains no links.

Subject Issuer Validity Valid
venez.fr
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
*.allopass.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-06 -
2024-10-07		 a year crt.sh
script.starpass.fr
ZeroSSL RSA Domain Secure Site CA		 2024-01-11 -
2024-04-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh

This page contains 9 frames:

Primary Page: http://www.programmation.fr.mu/
Frame ID: 4A07C40AB92A1E4A2227B468FBD7D775
Requests: 1 HTTP requests in this frame

Frame: http://www.programmation.fr.mu/barre-programmation.fr.mu.html
Frame ID: A04A063198B708D0DE55FA4E1675B055
Requests: 9 HTTP requests in this frame

Frame: http://www.turf.dafun.com/pronos/programmation/
Frame ID: FACE80BA79313B4023AE6B9FC7BD1DFD
Requests: 23 HTTP requests in this frame

Frame: http://www.programmation.fr.mu/stats-programmation.fr.mu.html
Frame ID: A77FCF2936F980F60D249ED5A292AE51
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 09A1D73EB1333DEABBAFF56EAF4823A2
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20190131/zrt_lookup_fy2021.html
Frame ID: BF27E512D9A0C48186E8C4555667DD2A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.programmation.fr.mu%2F&wgl=1&dt=1708022053228&bpp=1&bdt=523&idt=260&shv=r20240213&mjsv=m202402070101&ptt=9&saldr=aa&correlator=7407254345333&frm=23&ife=1&pv=2&ga_vid=666907103.1708022053&ga_sid=1708022053&ga_hid=335035301&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=505962444&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31081106%2C31081188%2C44785294%2C44795921%2C95324580%2C95325066%2C31081078%2C95322183%2C95324154%2C95324161&oid=2&pvsid=995981712755035&tmod=1488881790&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.usdn0k16275t&fsb=1&dtd=268
Frame ID: 578D14FAC4739327E0851E134E27554D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3C92627A3B3450EC11CE553610449E20
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1167556BF03034F639D85531E71A2496
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PROGRAMMATION

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

45
Requests

56 %
HTTPS

62 %
IPv6

12
Domains

13
Subdomains

12
IPs

3
Countries

960 kB
Transfer

1685 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • http://img.root-top.com/topsite/turfgagnant/banner.gif HTTP 301
  • https://img.root-top.com/topsite/turfgagnant/banner.gif
Request Chain 14
  • http://img.root-top.com/topsite/bienjouer/banner.gif HTTP 301
  • https://img.root-top.com/topsite/bienjouer/banner.gif
Request Chain 20
  • http://img.root-top.com/topsite/lc13/banner.gif HTTP 301
  • https://img.root-top.com/topsite/lc13/banner.gif
Request Chain 21
  • http://img.root-top.com/topsite/miroirduturf/banner.gif HTTP 301
  • https://img.root-top.com/topsite/miroirduturf/banner.gif

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.programmation.fr.mu/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.programmation.fr.mu/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
3c05b233a4a3ea3326a35076eed2fe49e26a2e26c3487c2df454658faebfc94a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1098
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 15 Feb 2024 18:34:11 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Accept-Encoding
barre-programmation.fr.mu.html
www.programmation.fr.mu/ Frame A04A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.programmation.fr.mu/barre-programmation.fr.mu.html
Requested by
Host: www.programmation.fr.mu
URL: http://www.programmation.fr.mu/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
55ee0aa7bc5fa6bc8d19928833401dc6d1f41ad957b7db39041799a02a371aec

Request headers

Referer
http://www.programmation.fr.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1500
Content-Type
text/html; charset=ISO-8859-1
Date
Thu, 15 Feb 2024 18:34:11 GMT
Expires
Thu, 15 Feb 2024 18:34:11 GMT
Keep-Alive
timeout=5, max=99
Last-Modified
Thu, 15 Feb 2024 18:34:11 GMT
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
/
www.turf.dafun.com/pronos/programmation/ Frame FACE 		13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.turf.dafun.com/pronos/programmation/
Requested by
Host: www.programmation.fr.mu
URL: http://www.programmation.fr.mu/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
dfec14afd1426fd0d9e224ee878dcfb424f0bc3933e270296096049efa63bb4e

Request headers

Referer
http://www.programmation.fr.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html
Date
Thu, 15 Feb 2024 18:34:12 GMT
Keep-Alive
timeout=15, max=100
Server
Apache
Transfer-Encoding
chunked
Vary
Host
stats-programmation.fr.mu.html
www.programmation.fr.mu/ Frame A77F 		0
192 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.programmation.fr.mu/stats-programmation.fr.mu.html
Requested by
Host: www.programmation.fr.mu
URL: http://www.programmation.fr.mu/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.programmation.fr.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 15 Feb 2024 18:34:11 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
site.js
www.venez.fr/js/ Frame A04A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.programmation.fr.mu
URL: http://www.programmation.fr.mu/barre-programmation.fr.mu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.programmation.fr.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Feb 2024 18:34:12 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1023
Expires
Thu, 22 Feb 2024 18:34:12 GMT
separateur90.gif
www.venez.fr/images/ Frame A04A 		82 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/separateur90.gif
Requested by
Host: www.programmation.fr.mu
URL: http://www.programmation.fr.mu/barre-programmation.fr.mu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.programmation.fr.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Last-Modified
Thu, 15 Nov 2018 22:11:22 GMT
Server
Apache
ETag
"52-57abb54b25680"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
82
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame A04A 		147 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.programmation.fr.mu
URL: http://www.programmation.fr.mu/barre-programmation.fr.mu.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0b3f643db0a24dcc9ab6adb32d9b5f1b18d580e48cecb767b2fa14bf7360dc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.programmation.fr.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54560
X-XSS-Protection
0
Server
cafe
ETag
16628034614886776624
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin
*
Link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires
Thu, 15 Feb 2024 18:34:13 GMT
head.jpg
www.turf.dafun.com/pronos/programmation/ Frame FACE 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.turf.dafun.com/pronos/programmation/head.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
5b376279810fe763fdea3127458adda3830e717053879c9904d1d2186b4eed08

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/programmation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:15 GMT
Server
Apache
ETag
"e7602e-1339d-5e946f40c90c0"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
78749
top2.jpg
www.turf.dafun.com/pronos/programmation/ Frame FACE 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.turf.dafun.com/pronos/programmation/top2.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
3e464a572c1687023cd22ff8c67d6c9f868e10aa7347018595bd0102deb81028

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/programmation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:17 GMT
Server
Apache
ETag
"e76037-8a0e-5e946f42b1540"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
35342
dico-quinte.png
www.turf.dafun.com/pronos/programmation/ Frame FACE 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.turf.dafun.com/pronos/programmation/dico-quinte.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
f2384ebce8f127741faa22d0ad678830654adf0c666d8e3757524baca7ebece1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/programmation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:13 GMT
Server
Apache
ETag
"e7602a-99ca-5e946f3ee0c40"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
39370
checkout.apu
payment.allopass.com/buy/ Frame FACE 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/buy/checkout.apu?ids=357177&idd=1558066&lang=fr
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
8310719dbac59791edc8b8c6ac9470325d7c5b1e92431978a91d7c61569017bb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Feb 2024 18:34:12 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
2962
Expires
Thu, 19 Nov 1981 08:52:00 GMT
script.php
script.starpass.fr/ Frame FACE 		140 B
376 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.starpass.fr/script.php?idd=443724&datas=
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.0.255.28 , France, ASN8218 (NEO-ASN legacy Neotelecoms, FR),
Reverse DNS
srv28.bdmultimedia.fr
Software
Apache /
Resource Hash
5e5016681eb904a9e970b0981afb085b896d23f4e17b9b9c7e5ffe4d3478d1df

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:33:10 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
129
Saint-Leger_Enckeok.jpg
www.turf.dafun.com/pronos/programmation/ Frame FACE 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.turf.dafun.com/pronos/programmation/Saint-Leger_Enckeok.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
ff710d2b695aab9daeee97dab3574905e5c70f14ca7b68227426392d651301ab

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/programmation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:17 GMT
Server
Apache
ETag
"e76036-8824-5e946f42b1540"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
34852
logo.gif
www.lesleaders.com/img/ Frame FACE 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.lesleaders.com/img/logo.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
HTTP/1.1
Server
2a00:7ee0:1:0:3:20:0:26b , France, ASN210403 (LWS, FR),
Reverse DNS
Software
/
Resource Hash
8c9ff7c5b615fba96821177236b13d95ac0b7b2c67da14f8f3846be6d1b7eb6e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:13 GMT
Last-Modified
Thu, 29 Aug 2019 11:44:42 GMT
X-Cache-Key
http://www.lesleaders.com/img/logo.gifbytes=0-2097151
ETag
"7775-5914008050804"
X-Cache-Status
BYPASS
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30581
X-Request-Id
349d1fa04579569208096f871c116f55
banner.gif
img.root-top.com/topsite/turfgagnant/ Frame FACE
Redirect Chain
  • http://img.root-top.com/topsite/turfgagnant/banner.gif
  • https://img.root-top.com/topsite/turfgagnant/banner.gif
4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/turfgagnant/banner.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
H2
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:34:12 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
123926
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlktlHijui5R7DQZ14eW27UZiAxuiai7SJl6mM%2FjkDannlyiaj8%2Fh2xkSJmAYr75KT5pDtBydWMZ5isOgDXX22zDhaeXnHVZ0IwkN%2BScrqv5r47KIFsnw2smCId9TUxCYl49Oluj5eXEuM%2B6Rkai"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
855fa4c65c522a52-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1078
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWLL14NuH%2FTeSZ%2F%2FmZHFavcXEqaaxNkXrHzO41DvqCZVCGNWmsY3z03M0Czsv7%2BsOPeax9G4BxfU58IzFkj0w6R9%2F4vrPuLO6Fqy13TS94pY5d6LkKe7dDSXGd0s%2BQ4iElo80947qqQrVXIQAld0"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/turfgagnant/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
855fa4c5dd573cd7-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
banner.gif
img.root-top.com/topsite/bienjouer/ Frame FACE
Redirect Chain
  • http://img.root-top.com/topsite/bienjouer/banner.gif
  • https://img.root-top.com/topsite/bienjouer/banner.gif
4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/bienjouer/banner.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
H2
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:34:12 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1455911
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrVuHr0Ch8zWrP%2BWXwID3Src3oEcSHCakASPZNrTgmImt4Bh8qFhxtzjpgEmbgLpbI3nwzCFxdg%2BGm7ZDr%2FpphmZ5nn%2F0xw8KOWjkCZNprd6Jj6cz32ASSE7zvarfveeNy6ESVQF0t1vQDQHMbFL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
855fa4c65c5b2a52-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Frr%2FtnfmlT3kk%2FfRFgRCBktjws4kXAK24psMKmr3RzFH03a88w7Bd6pHOaPzq4mGKmVdzCfCD15EGe4R2yM1Swh50%2BBIubRjJHE3mMfy7aThXPeHNOGujJqgnSCqtD2bHxNsFJtcBB%2F2mVb1uIcs"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/bienjouer/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
855fa4c5de2100d0-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
hippodrome.jpg
www.turf.dafun.com/pronos/programmation/ Frame FACE 		189 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.turf.dafun.com/pronos/programmation/hippodrome.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
c4db386006b5be2390168346843ca573b54a3677a2433cbbcc9d01ba4f6a407a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/programmation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:15 GMT
Server
Apache
ETag
"e77a8b-2f447-5e946f40c90c0"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
193607
h3.jpg
www.turf.dafun.com/pronos/programmation/ Frame FACE 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.turf.dafun.com/pronos/programmation/h3.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
f8f374f740b76f7af943ea639d9e920d9c0bcc367eadd4e2af68c06aa9a9cba7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/programmation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:14 GMT
Server
Apache
ETag
"e7602f-34de-5e946f3fd4e80"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
13534
h1.jpg
www.turf.dafun.com/pronos/programmation/ Frame FACE 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.turf.dafun.com/pronos/programmation/h1.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
58d04ac1628a6b128ace264013150a1f04abf4c0ea874e280b68ba00713a654c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/programmation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:14 GMT
Server
Apache
ETag
"e7602b-4529-5e946f3fd4e80"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
17705
date.png
www.turf.dafun.com/pronos/programmation/ Frame FACE 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.turf.dafun.com/pronos/programmation/date.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
5c68f279cffe49ae5cab0e12909796e8a38bfb4fdc480137157ea141db30aab9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/programmation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:13 GMT
Server
Apache
ETag
"e76029-8c72-5e946f3ee0c40"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
35954
arpnum.png
www.turf.dafun.com/pronos/programmation/ Frame FACE 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.turf.dafun.com/pronos/programmation/arpnum.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
e0aaaa34575f0948930fa8592cc5a9cf27c3063d4f8c8234cc2c0c69459feac4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/programmation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Last-Modified
Thu, 22 Sep 2022 16:57:12 GMT
Server
Apache
ETag
"e76019-7836-5e946f3deca00"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
30774
banner.gif
img.root-top.com/topsite/lc13/ Frame FACE
Redirect Chain
  • http://img.root-top.com/topsite/lc13/banner.gif
  • https://img.root-top.com/topsite/lc13/banner.gif
4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/lc13/banner.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
H2
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:34:12 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
406744
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jwKhDjruGdYf%2FyHlFtOMIYu2%2BI8VRaMJS76mQjoTZ50n%2FiesD%2BAsbbArxtspd5YZ40Uu7qEFtI6H%2BTcBAWzxCIhVsh4TzC6wnQGOuYqHmWrzl11FPiU9ah3krXkuYzlKBv%2Fao%2FRIarCGIJOPTcB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
855fa4c65c582a52-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JmEYvSQwv4593JBHfcSBtoFG1MFEa3mViVtg5snrTfJG0vR%2FYmxfCuOoZT9xsWZnNJLh152vhS%2Bj3Wexf5aPwCVbKJgIwmO3IyuPPX%2BfCu6JpIJSV6mh5d0ReTfy4C6fFZhP1xdBzmCk4Rm4wD5"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/lc13/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
855fa4c5deae7844-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
banner.gif
img.root-top.com/topsite/miroirduturf/ Frame FACE
Redirect Chain
  • http://img.root-top.com/topsite/miroirduturf/banner.gif
  • https://img.root-top.com/topsite/miroirduturf/banner.gif
4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.root-top.com/topsite/miroirduturf/banner.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
H2
Server
2606:4700:3038::6815:ea1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:34:12 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
387304
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQshmy4LGaVtBANAi01bLhKb%2BCIKCQxa7sGru0KIpM4jNWaWo8I9vdX%2BHcXoDDiN5uFFyznnwv4t893bP4W3Ufq9YLR7qtVu5pvXL7WkTfc8NlIcfwWXhR%2B4TPbCC2p75RkAAqeAk3m%2F9XUSNV5k"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
855fa4c65c592a52-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjuGyQZBpjGIEG%2B6WKJ%2F3sMnjKRMpPj3ZNJO4iVVWOKq7XGErRAkJC8Y2IxkbKJ14pi5J9fogIQCprVqLimPQ0s%2FIKyEh6m7kxfXoXFRPOWrVCk%2BYl%2B%2BK93ACcluZ1QXjO6FttziM19UTg22qyl9"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/miroirduturf/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
855fa4c5da226984-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
logo.gif
www.turfinfos.ouba.com/ Frame FACE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.turfinfos.ouba.com/logo.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
b3d1ff1c03e608adcedb1eb0620301291d21d70834b11c8e6f1d710351debd38

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Last-Modified
Tue, 12 Sep 2017 08:21:11 GMT
Server
Apache
ETag
"134e672-169d-558f9b9ceebc0"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
5789
gtm.js
www.googletagmanager.com/ Frame FACE 		171 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357177&idd=1558066&lang=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a05040b33f50c669682972cec0acb700bd02753313656a8ac06e586c29431bee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:34:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63395
x-xss-protection
0
last-modified
Thu, 15 Feb 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Feb 2024 18:34:12 GMT
buy-button.css
payment.allopass.com/static/css/ Frame FACE 		2 KB
830 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.allopass.com/static/css/buy-button.css?1
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357177&idd=1558066&lang=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"24c36-69a-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
546
162x56.png
payment.allopass.com/static/buy/button/fr/ Frame FACE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"218f2-1688-6036ca56d02c0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
5768
bt_ok.gif
payment.allopass.com/imgweb/common/ Frame FACE 		753 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.allopass.com/imgweb/common/bt_ok.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/programmation/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Last-Modified
Tue, 26 Nov 2019 14:39:46 GMT
Server
Apache
ETag
"235c8-2f1-59840d9fb3080"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
753
alternate-barre.htm
www.venez.fr/ Frame 09A1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/alternate-barre.htm
Requested by
Host: www.programmation.fr.mu
URL: http://www.programmation.fr.mu/barre-programmation.fr.mu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
1ed947cdf99e787184f5d2725c664ff7b46623860f42f9afea0a7432b84e3181

Request headers

Referer
http://www.programmation.fr.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
873
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 15 Feb 2024 18:34:12 GMT
Keep-Alive
timeout=5, max=99
Server
Apache
Vary
Accept-Encoding
barre90.gif
www.venez.fr/images/ Frame A04A 		110 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.programmation.fr.mu
URL: http://www.programmation.fr.mu/barre-programmation.fr.mu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.programmation.fr.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
110
destination
www.googletagmanager.com/gtag/ Frame FACE 		296 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
81a1269314a8eaad3aa715b20acd0d28db497a63fd02ddb9d7fb329abbf5e4ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:34:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98977
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 18:34:13 GMT
120x60.gif
www.venez.fr/images/ Frame 09A1 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/120x60.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Last-Modified
Wed, 02 Mar 2011 00:16:24 GMT
Server
Apache
ETag
"f4c-49d74d2b9c600"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3916
site.js
www.venez.fr/js/ Frame 09A1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Feb 2024 18:34:12 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
1023
Expires
Thu, 22 Feb 2024 18:34:12 GMT
barre90.gif
www.venez.fr/images/ Frame 09A1 		110 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:34:12 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
110
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/ Frame A04A 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.programmation.fr.mu&aplac=true&bust=31081078
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b3bb2915a298b6981429b4063d9de6fb84a6a5eb87604ae1cafb013de33ab9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.programmation.fr.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:34:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141210
x-xss-protection
0
server
cafe
etag
13181561519644579920
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 18:34:13 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240213/r20190131/ Frame BF27 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240213/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.programmation.fr.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
67287
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 23:52:46 GMT
etag
3890843268177463596
expires
Wed, 28 Feb 2024 23:52:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 578D 		829 B
578 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.programmation.fr.mu%2F&wgl=1&dt=1708022053228&bpp=1&bdt=523&idt=260&shv=r20240213&mjsv=m202402070101&ptt=9&saldr=aa&correlator=7407254345333&frm=23&ife=1&pv=2&ga_vid=666907103.1708022053&ga_sid=1708022053&ga_hid=335035301&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=505962444&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31081106%2C31081188%2C44785294%2C44795921%2C95324580%2C95325066%2C31081078%2C95322183%2C95324154%2C95324161&oid=2&pvsid=995981712755035&tmod=1488881790&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.usdn0k16275t&fsb=1&dtd=268
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.programmation.fr.mu&aplac=true&bust=31081078
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e28a2a4a1dcc1e526b9b57f57a137d4270e2d905c39d89ea0a260b8419bf32bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.programmation.fr.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
405
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 18:34:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame A04A 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240213&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.programmation.fr.mu&aplac=true&bust=31081078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbcf8d8e34c91eea4b10d5118dc15d7d626ab089bc17ce77f452b6528aac894c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.programmation.fr.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:34:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12296
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A04A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.programmation.fr.mu&aplac=true&bust=31081078
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.programmation.fr.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 18:34:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3C92 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.programmation.fr.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
35620
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 08:40:34 GMT
expires
Fri, 14 Feb 2025 08:40:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1167 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eacde2363c0ae9e7a5de43670bef6ea82cbd4c6d3983dffdd25539961ee8e288
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MFRPwday-mqBDI9aHdijuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.programmation.fr.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-MFRPwday-mqBDI9aHdijuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 18:34:14 GMT
expires
Thu, 15 Feb 2024 18:34:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
pagead2.googlesyndication.com/bg/ Frame 3C92 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 16:53:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
6045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15261
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Feb 2025 16:53:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1167 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240213&jk=995981712755035&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 3C92 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ZqfejQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:34:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A04A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240213&jk=995981712755035&bg=!XF-lXxDNAAZN4L4YbeA7ADQBe5WfOPk5Zg5C6X_obo0t9aA5-2lhGFTOYdRIDoekwPuDZ7-3wllIdDn0tvLPXpcrNbhfAgAAADlSAAAAAWgBBwoAlqMcStfUl3ah1pt-JGDOoJqpJ4QIku1v49FDC_Y-hzWXOhEVgg5yZVrf6UnNGy-hKS6QkguIuMLpC1bdTgFI9GOccKgHiYV9LhB2CD7osfhpvgMNxddXqrlkkrpbb18JT6TUyv0InZRJh2TaShQS0hD1LdYzepdon4xUi_i9_QgUTflcvTbslVkw3WOt5e4ZtnRSiKmY0pkC-U97XQ81QmK-702-_KkXoyW2kAswfREKFSIeaC-qDL21m2ozBI8t1AEBtkjMZVQa8RplVpjPqlOsip8W1wZpTfbwy8OQDSOWrYvI80zF2CoVXsHoR44N6IcRy59rcJjB-XD-dQi3DtWdrad6Pibx9zYs5-I8iI0AYuYjF5_86f8aDNWqPRXn45l3bnrcH6BqvaEBKua36y2PJoN9Hk_nwEX57HdllW5L3VLr0v2aMG481RCZ10RA0fpKec6FYKnVri_HtoJhEyuo6iGAzhCvLtkzFhV550P9RLjzc3fpVRyDXctMKnCu7CT0wz1qpZBkcp_MTcIzZ8Sq-mc0LeqNsZLYHpX3K-WHyIUmXEIZhavLDjWGdZ6O9VXiL8qWEa557mehBtzBn8OcrQ5YmDEXYxSQT0_S9kfvPrzqjVRvLvKBKxO4RLIZRs_WRsdhreMuha9U0nNqneZpJSMq_D3R6IAZw1w-wmuLLUIHCAVFylFIG8ckGxzMdE4f4Hpwjpkav_KhPoeb7nmuZb8SnD8KjYwQAaAL7uMI0J4E2jzQ96aZVkHa0JxzmDuNTEsYLl7tbJVQ5z0X6wPn-jkCXua-30-gLlMYEQlNGHRx8bxyhGml1QVBjVfIZGYBPA9LTvYrKbkgpZDe3Vsn1Qs9fVkWz0NudmeDvvSZ6VHq-uUOnqegKaeSvs4fTuhJBSWKnj4wJ4JvG1QAL-v-7yau_x4T8Lt6wsrFY0ZIOaa8rzB021DqL4BK3FygTNmUQPV9va1br8bd08liJv93sNMcPEgdW0iA8U8PLtiDgwSIn2s33XrLM9oH-KTBxfEn0m_jNoTTKv41rPFORgrUXoKwhQfLxZCWadKfWRvoO8RXJKRsIG2bXIQCS3D_r3NLZRDtusnk_Kk2ph0ei1M6DrH2T6GDuOtzsa_jUhlp43c26Jq7tMoD_u2FfeX_17WOwcdHSC6S7DnZfWA5Q-wkau-hcILI_KOLIP3n9u75jTs4j2E8pyx00NMLfujvDZgK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.programmation.fr.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients

6 Cookies

Domain/Path Name / Value
payment.allopass.com/ Name: ShopSessionId
Value: 8daff20e-1a8b-4206-9ae9-2791e1af3c0b
.allopass.com/ Name: AP_CUSK
Value: 3643553024
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.fr.mu/ Name: __gads
Value: ID=a36f764ccc2773af:T=1708022053:RT=1708022053:S=ALNI_MZQtkDjgC-IbwV_RWY1nOR4GZO5mA
.fr.mu/ Name: __gpi
Value: UID=00000d5916b1be12:T=1708022053:RT=1708022053:S=ALNI_MasInpyeOwWBeswTKaz98kHxC4FFQ
.fr.mu/ Name: __eoi
Value: ID=131e484225ce3c15:T=1708022053:RT=1708022053:S=AA-AfjYb6v3EeTrQonLE9vUMPEtB

10 Console Messages

Source Level URL
Text
other warning URL: http://www.programmation.fr.mu/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.programmation.fr.mu/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.programmation.fr.mu/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.programmation.fr.mu/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.programmation.fr.mu/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.programmation.fr.mu/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.programmation.fr.mu/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.programmation.fr.mu/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.programmation.fr.mu/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.programmation.fr.mu%2F&wgl=1&dt=1708022053228&bpp=1&bdt=523&idt=260&shv=r20240213&mjsv=m202402070101&ptt=9&saldr=aa&correlator=7407254345333&frm=23&ife=1&pv=2&ga_vid=666907103.1708022053&ga_sid=1708022053&ga_hid=335035301&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=505962444&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C31081106%2C31081188%2C44785294%2C44795921%2C95324580%2C95325066%2C31081078%2C95322183%2C95324154%2C95324161&oid=2&pvsid=995981712755035&tmod=1488881790&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.usdn0k16275t&fsb=1&dtd=268
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
img.root-top.com
pagead2.googlesyndication.com
payment.allopass.com
script.starpass.fr
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.lesleaders.com
www.programmation.fr.mu
www.turf.dafun.com
www.turfinfos.ouba.com
www.venez.fr
185.119.26.1
194.0.255.28
194.150.236.165
194.150.236.166
2606:4700:3038::6815:ea1a
2606:4700:3038::6815:ea1b
2a00:1450:4001:806::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:7ee0:1:0:3:20:0:26b
5.135.149.81
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306
1ed947cdf99e787184f5d2725c664ff7b46623860f42f9afea0a7432b84e3181
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a
3c05b233a4a3ea3326a35076eed2fe49e26a2e26c3487c2df454658faebfc94a
3e464a572c1687023cd22ff8c67d6c9f868e10aa7347018595bd0102deb81028
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ee0aa7bc5fa6bc8d19928833401dc6d1f41ad957b7db39041799a02a371aec
58d04ac1628a6b128ace264013150a1f04abf4c0ea874e280b68ba00713a654c
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e
5b376279810fe763fdea3127458adda3830e717053879c9904d1d2186b4eed08
5b3bb2915a298b6981429b4063d9de6fb84a6a5eb87604ae1cafb013de33ab9b
5c68f279cffe49ae5cab0e12909796e8a38bfb4fdc480137157ea141db30aab9
5e5016681eb904a9e970b0981afb085b896d23f4e17b9b9c7e5ffe4d3478d1df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db
81a1269314a8eaad3aa715b20acd0d28db497a63fd02ddb9d7fb329abbf5e4ab
8310719dbac59791edc8b8c6ac9470325d7c5b1e92431978a91d7c61569017bb
8c9ff7c5b615fba96821177236b13d95ac0b7b2c67da14f8f3846be6d1b7eb6e
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a05040b33f50c669682972cec0acb700bd02753313656a8ac06e586c29431bee
b3d1ff1c03e608adcedb1eb0620301291d21d70834b11c8e6f1d710351debd38
c0b3f643db0a24dcc9ab6adb32d9b5f1b18d580e48cecb767b2fa14bf7360dc8
c4db386006b5be2390168346843ca573b54a3677a2433cbbcc9d01ba4f6a407a
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a
dbcf8d8e34c91eea4b10d5118dc15d7d626ab089bc17ce77f452b6528aac894c
dfec14afd1426fd0d9e224ee878dcfb424f0bc3933e270296096049efa63bb4e
e0aaaa34575f0948930fa8592cc5a9cf27c3063d4f8c8234cc2c0c69459feac4
e28a2a4a1dcc1e526b9b57f57a137d4270e2d905c39d89ea0a260b8419bf32bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eacde2363c0ae9e7a5de43670bef6ea82cbd4c6d3983dffdd25539961ee8e288
f2384ebce8f127741faa22d0ad678830654adf0c666d8e3757524baca7ebece1
f8f374f740b76f7af943ea639d9e920d9c0bcc367eadd4e2af68c06aa9a9cba7
ff710d2b695aab9daeee97dab3574905e5c70f14ca7b68227426392d651301ab