URL: http://www.abonnesturf.1s.fr/
Submission: On December 07 via manual from MA — Scanned from FR

Summary

This website contacted 12 IPs in 3 countries across 12 domains to perform 58 HTTP transactions. The main IP is 5.135.149.81, located in Le Chesnay, France and belongs to OVH, FR. The main domain is www.abonnesturf.1s.fr.
This is the only time www.abonnesturf.1s.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 5.135.149.81 16276 (OVH)
8 194.150.236.165 44976 (HIWIT_AS)
6 2a00:1450:400... 15169 (GOOGLE)
4 4 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 194.150.236.166 44976 (HIWIT_AS)
1 194.0.255.28 8218 (NEO-ASN l...)
4 185.119.26.1 203544 (WEBDEVIIN-AS)
1 1 13.32.27.6 16509 (AMAZON-02)
16 13.32.27.2 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
58 12
Apex Domain | Subdomains | Transfer
17 zone-turf.fr | www.zone-turf.fr | 47 KB
9 googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 102), tpc.googlesyndication.com (Cisco Umbrella Rank: 148) | 228 KB
8 root-top.com | img.root-top.com | 21 KB
8 dafun.com | www.turf.dafun.com | 1 MB
7 venez.fr | www.venez.fr | 9 KB
4 allopass.com | payment.allopass.com | 11 KB
3 1s.fr | www.abonnesturf.1s.fr | 3 KB
2 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 36) | 155 KB
2 doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 33) | 5 KB
1 google.com | www.google.com (Cisco Umbrella Rank: 2) | 1 KB
1 starpass.fr | script.starpass.fr | 289 B
1 ouba.com | www.turfinfos.ouba.com | 6 KB
58 12
Domain | Requested by
17 www.zone-turf.fr (1 redirects) | www.turf.dafun.com
8 img.root-top.com (4 redirects) | www.turf.dafun.com
8 www.turf.dafun.com | www.abonnesturf.1s.fr, www.turf.dafun.com
7 www.venez.fr | www.abonnesturf.1s.fr, www.venez.fr
6 pagead2.googlesyndication.com | www.abonnesturf.1s.fr, pagead2.googlesyndication.com, tpc.googlesyndication.com
4 payment.allopass.com | www.turf.dafun.com, payment.allopass.com
3 tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
3 www.abonnesturf.1s.fr | www.abonnesturf.1s.fr
2 www.googletagmanager.com | payment.allopass.com, www.googletagmanager.com
2 googleads.g.doubleclick.net | pagead2.googlesyndication.com
1 www.google.com | tpc.googlesyndication.com
1 script.starpass.fr | www.turf.dafun.com
1 www.turfinfos.ouba.com | www.turf.dafun.com
58 13

This site contains no links.

Subject | Issuer | Validity | Valid
venez.fr | R3 | 2023-12-04 - 2024-03-03 | 3 months
script.starpass.fr | ZeroSSL RSA Domain Secure Site CA | 2023-11-12 - 2024-02-10 | 3 months
*.allopass.com | Sectigo RSA Domain Validation Secure Server CA | 2023-10-06 - 2024-10-07 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
www.zone-turf.fr | Amazon RSA 2048 M03 | 2023-09-26 - 2024-10-24 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
www.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months

This page contains 9 frames:

Primary Page: http://www.abonnesturf.1s.fr/
Frame ID: 625868EE735DEAB71FF24BA93B422A19
Requests: 1 HTTP requests in this frame

Frame: http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Frame ID: 20EBF515C52A11A18F0F6A01A4B2BBAE
Requests: 9 HTTP requests in this frame

Frame: http://www.turf.dafun.com/pronos/abonnesturf/
Frame ID: 94B7D0E1E89E39B10C8C77AAEF863F7D
Requests: 36 HTTP requests in this frame

Frame: http://www.abonnesturf.1s.fr/stats-abonnesturf.1s.fr.html
Frame ID: 62C72F39236492D32D377468DBD83009
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: 22586EB76838E3B45C5F7A2E9792DFED
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: EEABD334DC5E4415749A4EF7C8DFB604
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.abonnesturf.1s.fr%2F&ea=0&wgl=1&dt=1701989865869&bpp=2&bdt=347&idt=238&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&correlator=1529931928045&frm=23&ife=1&pv=2&ga_vid=145893078.1701989866&ga_sid=1701989866&ga_hid=873902660&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=2071789444&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44806139%2C44807763%2C44808148%2C44808285%2C95320229&oid=2&pvsid=235966564669847&tmod=355002932&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6045a4b04ya9&fsb=1&dtd=250
Frame ID: C31C0DA7702EB6A21C1B659EB16BC607
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E6CAC6BAB67054BB66F13B8E247C2372
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AFBD077C76BBFC5F5EBB76B796AE95C3
Requests: 2 HTTP requests in this frame

Page Title

ABONNESTURF

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 58
HTTPS: 69 %
IPv6: 50 %
Domains: 12
Subdomains: 13
IPs: 12
Countries: 3
Transfer: 1533 kB
Size: 2254 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://img.root-top.com/topsite/miroirduturf/banner.gif HTTP 301
  • https://img.root-top.com/topsite/miroirduturf/banner.gif
Request Chain 10
  • http://img.root-top.com/topsite/lc13/banner.gif HTTP 301
  • https://img.root-top.com/topsite/lc13/banner.gif
Request Chain 11
  • http://img.root-top.com/topsite/bienjouer/banner.gif HTTP 301
  • https://img.root-top.com/topsite/bienjouer/banner.gif
Request Chain 12
  • http://img.root-top.com/topsite/turfgagnant/banner.gif HTTP 301
  • https://img.root-top.com/topsite/turfgagnant/banner.gif
Request Chain 18
  • http://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium HTTP 301
  • https://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.abonnesturf.1s.fr/
3 KB
1 KB
Document
General
Full URL
http://www.abonnesturf.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
6f7c4e103d3a2a75f9afee4b24cf4bb5964be123d12f8c5bbfc02bdf296815ec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1091
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 07 Dec 2023 22:57:45 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Accept-Encoding
barre-abonnesturf.1s.fr.html
www.abonnesturf.1s.fr/ Frame 20EB
3 KB
2 KB
Document
General
Full URL
http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
1e766cac058ea6669c54c5c2880bc8973b01e31cbdef886d384613ac3745dffd

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1501
Content-Type
text/html; charset=ISO-8859-1
Date
Thu, 07 Dec 2023 22:57:45 GMT
Expires
Thu, 07 Dec 2023 22:57:45 GMT
Keep-Alive
timeout=5, max=99
Last-Modified
Thu, 07 Dec 2023 22:57:45 GMT
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
/
www.turf.dafun.com/pronos/abonnesturf/ Frame 94B7
11 KB
11 KB
Document
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
2d68db8cb2c21f4ca0766b4073922f4a13ade7da6e354567980e38736500ea08

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html
Date
Thu, 07 Dec 2023 22:57:45 GMT
Keep-Alive
timeout=15, max=100
Server
Apache
Transfer-Encoding
chunked
Vary
Host
stats-abonnesturf.1s.fr.html
www.abonnesturf.1s.fr/ Frame 62C7
0
192 B
Document
General
Full URL
http://www.abonnesturf.1s.fr/stats-abonnesturf.1s.fr.html
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 07 Dec 2023 22:57:45 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
site.js
www.venez.fr/js/ Frame 20EB
2 KB
1 KB
Script
General
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 22:57:45 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1023
Expires
Thu, 14 Dec 2023 22:57:45 GMT
separateur90.gif
www.venez.fr/images/ Frame 20EB
82 B
388 B
Image
General
Full URL
https://www.venez.fr/images/separateur90.gif
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Last-Modified
Thu, 15 Nov 2018 22:11:22 GMT
Server
Apache
ETag
"52-57abb54b25680"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
82
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 20EB
147 KB
54 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0be8cbfd2aa0b2cf321156a57b73311019eac80ffdaa47b4f3baa67546bba2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54762
X-XSS-Protection
0
Server
cafe
ETag
8879305881674248870
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Timing-Allow-Origin
*
Expires
Thu, 07 Dec 2023 22:57:45 GMT
h1.png
www.turf.dafun.com/pronos/abonnesturf/ Frame 94B7
29 KB
29 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/h1.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
acb0939b88719c0a69a6333ed54b8be78afaa623f53873be5f698ae052aa7293

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:57 GMT
Server
Apache
ETag
"e75cd9-7414-5e946f2f9e840"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
29716
head.jpg
www.turf.dafun.com/pronos/abonnesturf/ Frame 94B7
285 KB
285 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/head.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
4b7fad91f5413c7460b5e04ea365d0bed0b91502482973fd34bfb3e204fe61e0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:58 GMT
Server
Apache
ETag
"e75d26-47215-5e946f3092a80"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
291349
banner.gif
img.root-top.com/topsite/miroirduturf/ Frame 94B7
Redirect Chain
  • http://img.root-top.com/topsite/miroirduturf/banner.gif
  • https://img.root-top.com/topsite/miroirduturf/banner.gif
4 KB
5 KB
Image
General
Full URL
https://img.root-top.com/topsite/miroirduturf/banner.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:57:45 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2134829
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUfdmATnl5HYzwJIgF5DM7d4IETUs3wIHwxyatDSRT24N1IvSb%2BWDMRStkduVNw6UFRt5T%2Be9%2FC0AIEQ8PXWrT8xJmInax%2Fe9bw7buEMxdNTSCA6eKgf7OVnyBXIkvDdt%2Bkss0km3SLJHOqf3SiH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
83205e953dbc2a73-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhq%2BVE5NDCL8oX3EdrwLJ1NWglZniVmhFIqXrfXeQC5jAYLgFEYJ283%2Ff%2FwgjX1QcmR6TqpBvkeVSu9Dn19RBQQRG5CT8Fx%2Fari8MXL1CLWT9eQ4a3VIQbwEBElNC%2BIBfIJ6PdkEQBtrljJEPKP5"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/miroirduturf/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
83205e94b9136f27-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
logo.gif
www.turfinfos.ouba.com/ Frame 94B7
6 KB
6 KB
Image
General
Full URL
http://www.turfinfos.ouba.com/logo.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
b3d1ff1c03e608adcedb1eb0620301291d21d70834b11c8e6f1d710351debd38

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Last-Modified
Tue, 12 Sep 2017 08:21:11 GMT
Server
Apache
ETag
"134e672-169d-558f9b9ceebc0"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
5789
banner.gif
img.root-top.com/topsite/lc13/ Frame 94B7
Redirect Chain
  • http://img.root-top.com/topsite/lc13/banner.gif
  • https://img.root-top.com/topsite/lc13/banner.gif
4 KB
5 KB
Image
General
Full URL
https://img.root-top.com/topsite/lc13/banner.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:57:45 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2491880
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJ8mq0JE3X55D9Lid9i4bTV0%2BTJyJZwzV%2FhrEPv%2B0uedToOIUby25%2Ba790%2FCgvQ6CdXAlEescqtkSn5%2F2dMuBQvP1uRELBYBxbcb68s0zJbp%2BG7EagMXud%2BpN3mYzwNH826UkoiaRc%2FNsrt6yxBD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
83205e953dbb2a73-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
496
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gSJw%2BmCpH0fsVpXnSA%2FgQfdsi5d%2BU4vyMriekJ2gsq3ftGhSgGDbzNNdu4lSMShGNfBC04FP6bB%2FGOt0a669VW9lQsSg6gQZ1btKi9%2FK3sNUNJhvVBuXLQ7A077kIGsQgsa1lK45qT%2FCRLCxhzw"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/lc13/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
83205e94bfc80222-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
banner.gif
img.root-top.com/topsite/bienjouer/ Frame 94B7
Redirect Chain
  • http://img.root-top.com/topsite/bienjouer/banner.gif
  • https://img.root-top.com/topsite/bienjouer/banner.gif
4 KB
5 KB
Image
General
Full URL
https://img.root-top.com/topsite/bienjouer/banner.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:57:45 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
672037
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lN6biHP7Dg2%2B0gFujk3Zh4rXqXefDXIEYis1Luhb1wwo6jI88Eu47Pj40rt5um6bbYl5J4z294%2BTzMfUqytfM1B7npbJmRSNlkgvuKBd7FZb35YSKImx1JLBFFsUHT9atrCIt6ewEyj7xcJcd6J9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
83205e953dbd2a73-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wspeLWmz0THFPQMNmQ1MEMCX7sRLzLRHxWaed8eXXhrfaeC79nqnJZX7P1wBw%2FcFoyRbr98%2Bfe4QdJkkZZqc8HFhe3vXNWCiuTUX318tVKQghoPHH5hD9K8SzaAA54U8NN6ZRsQT4O6uORYA6DO"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/bienjouer/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
83205e94bcb00342-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
banner.gif
img.root-top.com/topsite/turfgagnant/ Frame 94B7
Redirect Chain
  • http://img.root-top.com/topsite/turfgagnant/banner.gif
  • https://img.root-top.com/topsite/turfgagnant/banner.gif
4 KB
5 KB
Image
General
Full URL
https://img.root-top.com/topsite/turfgagnant/banner.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:57:45 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2579421
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDYT6maYwgZLYuk6uWiah3LntcvzgNeNAyytfYSzNCaWMBZzTCNW0Z2ZlhZ5rBRV2QaHyNTzPx0ZyWxG8Us7jz16jgsjVrpH8aDy5f7EPicDIquI6%2BLTDPry8%2FdJGnelBblguP1T9rhznjEohmZM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
83205e953dbf2a73-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmRC9sK3SGFWbcmx6IY0PHEeYAOExKo74rrZTJkIiE%2BqTxGspHdMuNO57tkdyix%2F05zOq%2BpiUxph3YXsFZeLsl8tiua3LdBSxVYLCNxB%2BzUlvQ%2F20PIptCIS9W%2BRlRkMmEJuNV3ruVQw8wUealM1"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/turfgagnant/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
83205e94bdcc2a50-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
arplan.jpg
www.turf.dafun.com/pronos/abonnesturf/ Frame 94B7
609 KB
609 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/arplan.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
321e5e5af465f1753cdf0a077c1cfdc6eb72ca29f68d91496f184de7f1b0253f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:57 GMT
Server
Apache
ETag
"179a42f-9843d-5e946f2f9e840"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
623677
h2.png
www.turf.dafun.com/pronos/abonnesturf/ Frame 94B7
29 KB
29 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/h2.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
1dfedd383e1fc3d297e6a301ebd3045097c859b39b0c490bcff19527e05d56dd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:57 GMT
Server
Apache
ETag
"e75cfd-72ce-5e946f2f9e840"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
29390
script.php
script.starpass.fr/ Frame 94B7
25 B
289 B
Script
General
Full URL
https://script.starpass.fr/script.php?idd=443727&datas=
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.0.255.28 , France, ASN8218 (NEO-ASN legacy Neotelecoms, FR),
Reverse DNS
srv28.bdmultimedia.fr
Software
Apache /
Resource Hash
a0710d7ae8f4a0ab076452dc7c3882b1c553ee11603bc5f9cf9dce10400ae1ce

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:56:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
43
checkout.apu
payment.allopass.com/buy/ Frame 94B7
11 KB
4 KB
Script
General
Full URL
https://payment.allopass.com/buy/checkout.apu?ids=357168&idd=1558039&lang=fr
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
9158177e6ef5e8394f55ba2a7ee77f10e7169db4386014a9bd1d80c3d011bacb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 22:57:45 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
2963
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ratio-thieben.jpg
www.turf.dafun.com/pronos/abonnesturf/ Frame 94B7
28 KB
29 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/ratio-thieben.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
9ec37f7a06412aa02f72942e4675e5b2a57cceaf03bbbef6c0c04d4f8fdb8d61

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:59 GMT
Server
Apache
ETag
"e75d86-7121-5e946f3186cc0"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
28961
module_webmaster.php
www.zone-turf.fr/module/ Frame 94B7
Redirect Chain
  • http://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium
  • https://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium
18 KB
3 KB
Script
General
Full URL
https://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Server
13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-2.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
75083ea5f166bbf858df88c546f3acb81804581591c794ed91008fb65e6a6032

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:57:18 GMT
via
1.1 varnish, 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-C2
age
27
x-cache
Hit from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
pragma
cache
server
Apache
vary
Accept-Encoding
content-type
application/x-javascript
x-varnish
3126393518
cache-control
max-age=60
x-amz-cf-id
dLp3L7PJpsFrT7hGy3ZEHA9aZB4IwHMOfTMOxuK8UN3_Rw2JKsDkAA==
expires
Thu, 07 Dec 2023 22:58:18 GMT

Redirect headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Via
1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
167
X-Amz-Cf-Id
L9usHrMgGU5q1tKCgF-WJzbWTP7mes5fphQ_p4346E1ZuUZTMoSzeg==
h3.png
www.turf.dafun.com/pronos/abonnesturf/ Frame 94B7
29 KB
29 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/h3.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
5b5cceed2cb716c00e2ac6a024cf27d7efad1d17dda764769105ef14d4fe9355

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:57 GMT
Server
Apache
ETag
"e75d0e-7436-5e946f2f9e840"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
29750
alternate-barre.htm
www.venez.fr/ Frame 2258
2 KB
1 KB
Document
General
Full URL
https://www.venez.fr/alternate-barre.htm
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
a8666070143db8208dbc9c81aea320781ec046c4b0c9699e3094f214f1c78e8c

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
847
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 07 Dec 2023 22:57:45 GMT
Keep-Alive
timeout=5, max=99
Server
Apache
Vary
Accept-Encoding
barre90.gif
www.venez.fr/images/ Frame 20EB
110 B
416 B
Image
General
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
110
120x60.gif
www.venez.fr/images/ Frame 2258
4 KB
4 KB
Image
General
Full URL
https://www.venez.fr/images/120x60.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Last-Modified
Wed, 02 Mar 2011 00:16:24 GMT
Server
Apache
ETag
"f4c-49d74d2b9c600"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3916
site.js
www.venez.fr/js/ Frame 2258
2 KB
1 KB
Script
General
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 22:57:45 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
1023
Expires
Thu, 14 Dec 2023 22:57:45 GMT
barre90.gif
www.venez.fr/images/ Frame 2258
110 B
416 B
Image
General
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
110
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312040101/ Frame 20EB
398 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.abonnesturf.1s.fr
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72216dfa064a0a997f95bc4b24cefb808434e90e38b4dd78c77384294fde6ca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:57:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137692
x-xss-protection
0
server
cafe
etag
5498997240167340451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 22:57:45 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame EEAB
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
12575
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 19:28:10 GMT
etag
5585625838579639069
expires
Thu, 21 Dec 2023 19:28:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gtm.js
www.googletagmanager.com/ Frame 94B7
165 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357168&idd=1558039&lang=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5059d917a969071c4840938e70d5223ce63bc36dea26486df72ca67e5f2c90b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:57:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61217
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 07 Dec 2023 22:57:45 GMT
buy-button.css
payment.allopass.com/static/css/ Frame 94B7
2 KB
830 B
Stylesheet
General
Full URL
https://payment.allopass.com/static/css/buy-button.css?1
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357168&idd=1558039&lang=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"235e8-69a-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
546
162x56.png
payment.allopass.com/static/buy/button/fr/ Frame 94B7
6 KB
6 KB
Image
General
Full URL
https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"40f3c-1688-6036ca56d02c0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
5768
ec-ld-m-abrivard-35428.gif
www.zone-turf.fr/media/picture/casaque/ Frame 94B7
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ec-ld-m-abrivard-35428.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-2.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
483a7833c592fe3922dcb9fe9b29e5aa849a09fff5e763ad56ab66ee335d7ac7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:14:18 GMT
via
1.1 varnish, 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-backend
default
x-amz-cf-pop
FRA56-C2
age
184395
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2473
last-modified
Sun, 03 Dec 2023 22:59:32 GMT
server
Apache
etag
"9d2b7b97-9a9-60ba2f456c05f"
vary
Accept-Encoding
x-varnish
3895090143 3884078398
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
qyI_a5-e2aGgW_1VDN54ZvGrnyBFFDbQf-ilcc9yiUxEvxKboASkHA==
expires
Fri, 08 Dec 2023 19:44:30 GMT
ec-moureaux-as-510114.gif
www.zone-turf.fr/media/picture/casaque/ Frame 94B7
3 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ec-moureaux-as-510114.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-2.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
578e6ccb3a6e5b73f541f19bf9cd6178391e6afd4e82902fc7ee49f6c2a20459

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:48:53 GMT
via
1.1 varnish, 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
187424
x-cache
Hit from cloudfront
x-cache-hist
198
alt-svc
h3=":443"; ma=86400
content-length
2560
last-modified
Sun, 03 Dec 2023 22:58:56 GMT
server
Apache
etag
"9d13a565-a00-60ba2f232bb1a"
vary
Accept-Encoding
x-varnish
3125392190 3111369643
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
ckCZ-Mi1cVmKZzgCkgkWOTEbQk4aG-xCRG5qTUEqnFehNAle8f6PhQ==
expires
Fri, 08 Dec 2023 18:54:01 GMT
ec-luck-169802.gif
www.zone-turf.fr/media/picture/casaque/ Frame 94B7
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ec-luck-169802.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-2.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
864452c35b9993c446efbf811d2ae96074e3543e505ce584f1496d46e5c08343

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:03:56 GMT
via
1.1 varnish, 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-backend
default
x-amz-cf-pop
FRA56-C2
age
13229
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2468
last-modified
Thu, 07 Dec 2023 17:29:14 GMT
server
Apache
etag
"9d3966e6-9a4-60beece7bf916"
vary
Accept-Encoding
x-varnish
3898110707 3897873179
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
7-QeBzXIBijl3rF8_EYYb6GXaes_gDfkJ4M3v4Q7b2WXCtLFhlFKfQ==
expires
Sun, 10 Dec 2023 19:17:16 GMT
mme-yvonne-guedj-519110.gif
www.zone-turf.fr/media/picture/casaque/ Frame 94B7
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/mme-yvonne-guedj-519110.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-2.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
961c16e1aee6dd2f5efd3acc71fc39a1f9604bf79f218bcf56ceca0b0626eee1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:47:29 GMT
via
1.1 varnish, 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
113267
x-cache
Hit from cloudfront
x-cache-hist
142
alt-svc
h3=":443"; ma=86400
content-length
2296
last-modified
Wed, 29 Nov 2023 17:26:48 GMT
server
Apache
etag
"9d6348b0-8f8-60b4dd70e0fd5"
content-type
image/gif
x-varnish
3126367280 3117033136
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
AUnYzL62ZiqYGSyAUd9U-qHNEhzGYYCnuyUbQ2gNRNt4BFapQdESgg==
expires
Sat, 09 Dec 2023 15:29:58 GMT
bro-byggnads-bro-byggnads-ab-246488.gif
www.zone-turf.fr/media/picture/casaque/ Frame 94B7
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/bro-byggnads-bro-byggnads-ab-246488.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-2.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
5ac24ebdd89f1fd813ad6cf4075a30f12a78c1549233ad890ed428cb4c87e43e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:50:00 GMT
via
1.1 varnish, 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
87054
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2532
last-modified
Wed, 06 Dec 2023 22:46:44 GMT
server
Apache
etag
"9da961c0-9e4-60bdf20154517"
vary
Accept-Encoding
x-varnish
3119349492
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
f6ksk7dmehBv5hZoJBeD875nRmUM66GYh0VoyLfcB8zaLhXCfPmZJg==
expires
Sat, 09 Dec 2023 22:46:51 GMT
ec-ec-saint-martin-121.gif
www.zone-turf.fr/media/picture/casaque/ Frame 94B7
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ec-ec-saint-martin-121.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-2.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
0935504f64fd872d5f40e49464e9e2504a7a56b02df20c9793416bc3650a34aa

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:43:06 GMT
via
1.1 varnish, 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-backend
default
x-amz-cf-pop
FRA56-C2
age
33543
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2462
last-modified
Wed, 06 Dec 2023 22:57:37 GMT
server
Apache
etag
"9d2d0dd2-99e-60bdf470cb523"
vary
Accept-Encoding
x-varnish
3897648280 3895339399
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
ufN9fB2RR0oKuPmK-Y3jB6lQaRVFE_8YJ0bGiKhbdw-NCTXHZo723Q==
expires
Sun, 10 Dec 2023 13:38:42 GMT
brixton-medical-ab-213698.gif
www.zone-turf.fr/media/picture/casaque/ Frame 94B7
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/brixton-medical-ab-213698.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-2.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
97220448c1aa603fd2298d6db95eec151793f2edd815d91cbab8980d7d1ccfc3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:03:56 GMT
via
1.1 varnish, 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
209078
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2122
last-modified
Tue, 15 Aug 2023 21:49:52 GMT
server
Apache
etag
"9d30f367-84a-602fd28aff93b"
vary
Accept-Encoding
x-varnish
3105377502
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
Je_M0KETelURFbrUPk84iL9z9yGo2E4gXGr3NhwVgzxP2lbeQmevHw==
expires
Fri, 08 Dec 2023 12:53:08 GMT
damien-lecroq-257526.gif
www.zone-turf.fr/media/picture/casaque/ Frame 94B7
3 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/damien-lecroq-257526.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-2.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
55801425033cc18240e76a61e2695817c8ff3d581110379ee1c81452e7633e6d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:50:00 GMT
via
1.1 varnish, 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
99510
x-cache
Hit from cloudfront
x-cache-hist
76
alt-svc
h3=":443"; ma=86400
content-length
2649
last-modified
Wed, 29 Nov 2023 17:26:42 GMT
server
Apache
etag
"9d3a4034-a59-60b4dd6aced4a"
vary
Accept-Encoding
x-varnish
3122143938 3118647310
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
1EXsMrQtrvgFi1DGJQqpQBnGZKj1mL6zHlDoeGfNqugpPQu0TdH3xg==
expires
Sat, 09 Dec 2023 19:19:15 GMT
ecurie-de-l-de-l-iton-36639.gif
www.zone-turf.fr/media/picture/casaque/ Frame 94B7
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ecurie-de-l-de-l-iton-36639.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-2.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
fdf749fbd7823486667a8cc0dd63f03946e3500626b6984b4e305a72245f86dc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:50:01 GMT
via
1.1 varnish, 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
86986
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2206
last-modified
Wed, 06 Dec 2023 22:46:44 GMT
server
Apache
etag
"9d22d4dc-89e-60bdf20185247"
vary
Accept-Encoding
x-varnish
3119348204
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
mRZZz76zlKQ_S7VlYo5IpmsnM2E5dvqbvlkUs71JPPpFgrHA_pJzgA==
expires
Sat, 09 Dec 2023 22:47:59 GMT
mlle-laura-ledoyen-547076.gif
www.zone-turf.fr/media/picture/casaque/ Frame 94B7
3 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/mlle-laura-ledoyen-547076.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-2.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
3e6e999713ebd066f1ebab516cab8f15792e527faa4268226442370af11aa2e6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:50:00 GMT
via
1.1 varnish, 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-backend
default
x-amz-cf-pop
FRA56-C2
age
87040
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2922
last-modified
Wed, 06 Dec 2023 22:46:44 GMT
server
Apache
etag
"9d024b76-b6a-60bdf201ade99"
vary
Accept-Encoding
x-varnish
3891718486 3891717922
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
VXr_g4A2A_irLT4xeC1K1LNDwI-MkG_YnELdx0MfHG9swIhbfjoegA==
expires
Sat, 09 Dec 2023 22:47:05 GMT
fredrik-wallin-249152.gif
www.zone-turf.fr/media/picture/casaque/ Frame 94B7
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/fredrik-wallin-249152.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-2.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
c7ebc7db18c222ccd59d6982e4537cda3dbcc6d71b4c58f05a7ac89d44fba4a4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:50:00 GMT
via
1.1 varnish, 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
87032
x-cache
Hit from cloudfront
x-cache-hist
1
alt-svc
h3=":443"; ma=86400
content-length
2395
last-modified
Wed, 06 Dec 2023 22:46:44 GMT
server
Apache
etag
"9d3f8e61-95b-60bdf2020fcfd"
vary
Accept-Encoding
x-varnish
3119349789 3119348667
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
CBluqKBy-YIAfUQxJ0Wz02BrXDXK7gXRdT968yAWzfCUrpSnTF_D9g==
expires
Sat, 09 Dec 2023 22:47:12 GMT
princling-holding-587914.gif
www.zone-turf.fr/media/picture/casaque/ Frame 94B7
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/princling-holding-587914.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-2.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
7b931c804871f12f998cf359283ca906c1cb9f4eaac26b6f02558d3bac4409b1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:19:05 GMT
via
1.1 varnish, 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
10098
x-cache
Hit from cloudfront
x-cache-hist
1
alt-svc
h3=":443"; ma=86400
content-length
2268
last-modified
Wed, 06 Dec 2023 22:56:49 GMT
server
Apache
etag
"9db9d195-8dc-60bdf4425c87a"
vary
Accept-Encoding
x-varnish
3125875685 3125848840
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
dhL8MOnHzyFfBYkxV_5zNvc-9bfkYduBihVW7JGr7UQXmsBlmYLy2w==
expires
Sun, 10 Dec 2023 20:09:27 GMT
global-glide-ab-139734.gif
www.zone-turf.fr/media/picture/casaque/ Frame 94B7
3 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/global-glide-ab-139734.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-2.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
5f99bf149fd4a8bc9119c9ffecc6d9a34f6d6c7f65c52ba14c839d9b8f17c3d9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:24:24 GMT
via
1.1 varnish, 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
34408
x-cache
Hit from cloudfront
x-cache-hist
56
alt-svc
h3=":443"; ma=86400
content-length
2917
last-modified
Wed, 06 Dec 2023 22:56:49 GMT
server
Apache
etag
"9d38da64-b65-60bdf442658fa"
content-type
image/gif
x-varnish
3126301507 3122867450
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
RTxxuDRCwfcMHyqpcDUvlb_xLiuwrKE6Ujz4kPkMRxk4aerpF7qMUw==
expires
Sun, 10 Dec 2023 13:24:18 GMT
ec-nininni-219438.gif
www.zone-turf.fr/media/picture/casaque/ Frame 94B7
3 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ec-nininni-219438.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-2.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
6b0c54096f7d7e61aaa4bb157614468613a26c77f655c8d742c312a7d9d6b2a2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:20:59 GMT
via
1.1 varnish, 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
16648
x-cache
Hit from cloudfront
x-cache-hist
24
alt-svc
h3=":443"; ma=86400
content-length
2707
last-modified
Wed, 06 Dec 2023 22:57:38 GMT
server
Apache
etag
"9d3d5403-a93-60bdf47150dc1"
content-type
image/gif
x-varnish
3126291357 3125196236
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
KXjFkrPA98ABs4e2K6ikHdakkbV4c9SGJlLf0uLy-bGFTVg57W5JtA==
expires
Sun, 10 Dec 2023 18:20:17 GMT
ec-panamera-racing-101440.gif
www.zone-turf.fr/media/picture/casaque/ Frame 94B7
3 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ec-panamera-racing-101440.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-2.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
68c3cc441e3deb652a684a0e38e3aafb4ec70ddea0f6e6862cc37dbffff7fafa

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:30:22 GMT
via
1.1 varnish, 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-backend
default
x-amz-cf-pop
FRA56-C2
age
17545
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2886
last-modified
Wed, 06 Dec 2023 22:56:49 GMT
server
Apache
etag
"9d3d4c79-b46-60bdf44279562"
content-type
image/gif
x-varnish
3898619083 3897383732
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
5iS7fvzhYTDpYPhUh6qSxPHDjFKPWooSNNyVDuOyHnnxORc3HZjk2g==
expires
Sun, 10 Dec 2023 18:05:20 GMT
bt_ok.gif
payment.allopass.com/imgweb/common/ Frame 94B7
753 B
991 B
Image
General
Full URL
https://payment.allopass.com/imgweb/common/bt_ok.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Last-Modified
Tue, 26 Nov 2019 14:39:46 GMT
Server
Apache
ETag
"235c8-2f1-59840d9fb3080"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
753
arpnum.png
www.turf.dafun.com/pronos/abonnesturf/ Frame 94B7
28 KB
28 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/arpnum.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
f2207fe2c468645234ccc51e5d925121bf6ad9075e84b3c898fd2855981fba10

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 22:57:45 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:56 GMT
Server
Apache
ETag
"e75cc8-7055-5e946f2eaa600"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
28757
destination
www.googletagmanager.com/gtag/ Frame 94B7
289 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1af26f843bc814a278f0875a5664aef28a0bb477cc5d490fcd97c5c10d974925
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:57:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96850
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Dec 2023 22:57:46 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C31C
706 B
573 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.abonnesturf.1s.fr%2F&ea=0&wgl=1&dt=1701989865869&bpp=2&bdt=347&idt=238&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&correlator=1529931928045&frm=23&ife=1&pv=2&ga_vid=145893078.1701989866&ga_sid=1701989866&ga_hid=873902660&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=2071789444&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795921%2C44806139%2C44807763%2C44808148%2C44808285%2C95320229&oid=2&pvsid=235966564669847&tmod=355002932&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6045a4b04ya9&fsb=1&dtd=250
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.abonnesturf.1s.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a14481f6f7e089a99ae3ed7ce562aeaeb1098c967bf35247d4d010e409d310ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
352
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 22:57:46 GMT
expires
Thu, 07 Dec 2023 22:57:46 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 20EB
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.abonnesturf.1s.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22667e11b144fbcecaf21c051f5453ea9abee32ba6db7e3748a565928f1c6799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12327
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 20EB
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.abonnesturf.1s.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 22:57:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E6CA
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
34701
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 13:19:25 GMT
expires
Fri, 06 Dec 2024 13:19:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AFBD
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
68da7d66966e7bd7366fc9dc4638f74bfa6da94627d9410a762f5587afddf267
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ED39ShkmeugJSAAYBSniZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ED39ShkmeugJSAAYBSniZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 22:57:46 GMT
expires
Thu, 07 Dec 2023 22:57:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame E6CA
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
13243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 19:17:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AFBD
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=235966564669847&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame E6CA
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?CeeItQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:57:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 20EB
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=235966564669847&bg=!fX6lfjHNAAY3kmNgF5I7ADQBe5WfOPQSrocSt7sFwAZ-7wUuwB1w3JcJiLa-iJ4eIWX2tVBnGRHiSUlhd93hMA81g6XNAgAAAEJSAAAAAmgBBwoAZlfAxggu3VhV12IxcNz0jRSYZpysfXSTjz0vgVJ_hOlIfe509WSjVWh3IZx3eGPOklvcwBBXVJ8rFHHMPEnfS_qPYHDiqCi56i5nZfkr98KZoVbMtKJpUvp37Lqt7ecL-_wSoKhfzZkDEEoEYOwMOPkd5jky16msEcAvzoT_B-MCt84VsKdRsEay2NEkIv20yqbrHx8ckmirxqRvM-37Ynk7Cxzd_YLiUeiA1dJ7GtIt0NYPqPRqvsApmfsV9qL2_f3z0jw2LNkuWAINzF61w_kIzBTjQc_bxFMbjpyii5BnUGjCicRriDFzJHPll2VVwNZGL4QMJz4p39AX5L_ONfHXrZ-sejSs3J7vO28IAgc2LXKicY4ajKSQEqmvX4VefJIbjAeN9gWH61PrpX_oCtLSG5Hg0925f379Z1tZTiVvTsXTSjI_wIrU7MurbCxw3zuAgv-Aq2ej8fobfg7lPn9gKO2naQJua5Ansyv2Su1e0qwr-swCwDxwj8CyiYDzXpEwnaIvuWnh-zHIuPXWFK76xRK5soiw3VbukBIIug4zaTBEMEuLEwUvxVPbMSJu3uOTxCxGPHoUyBG11eXyw5ZHJltBk2mbSseXCscHneA_3QyLh00uX1FPVQUC0SrkIaySXNxjRrK_HGDpQew_8YOhI4jj7Zs78RbXEEW1rgxeVfNB_z6DZYjy3zOf7C-TLlgPye9UCmvEskUc_bKIrJXbP8KsoaFKP1R_05k6XtZrqbcNxhHN1IhyAxkEgvk_EakntuDM2MtojSSYc0EDmOxId_wC_JLblpgq9O6pa5Zp8pLk1U8iSBC_8NgKUeC9cn2xmLqQSfctUazBaiS4-D_AlcnzfAGaCIlf0fO8OndUDqHZjTlzBWD6pp1I2sd1GtKxkpYNw56TtJharTWEgxLaFAQOC17gMeEilSobpcY4Xy-5_1ufOGLa7ejqDhp63No7jqHdhOOw0V9YR5wM-UYz1Fh1RCCPbgx2OOnaTUHnxIar7csdSBFN93Hcomw0B03V4KuBDesWrX5_0bZI8NkBaF8GtsH9NJer1CV9pe3Dv3EmfYV9tP-Av-Yi_1ueqyrRWA0d2wJzTN_YIz9lmUVgj633_-K7CA26l76Sm0naV4dhGOmFFBMM_437JMxDesiQGJ6OS1nW-uLr6Qiw6eXSICv83Yo6yC4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers


7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| google_reactive_ads_global_state
object| google_ad_modifications
number| google_global_correlator
object| google_prev_clients

5 Cookies

Domain/Path Name / Value
payment.allopass.com/ Name: ShopSessionId
Value: a4ca3a2d-2ab7-4c30-a36f-b2ead7796bdb
.allopass.com/ Name: AP_CUSK
Value: 3636432449
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.1s.fr/ Name: __gads
Value: ID=8d8f434d1e95d144:T=1701989866:RT=1701989866:S=ALNI_MZw-9K57UrZ51u9rb52ch60VJ7tEA
.1s.fr/ Name: __gpi
Value: UID=00000d0f72cf7949:T=1701989866:RT=1701989866:S=ALNI_Mb35ZlBY-gQ8eboIDAwZ_p115mg4A

Indicators

"Indicators" is a term used in the security industry for observables such as IPs, domains, hashes, etc. Their presence here does not imply that any of them indicate malicious activity.
