URL: http://www.abonnesturf.1s.fr/
Submission: On February 15 via manual from BF — Scanned from FR

Summary

This website contacted 12 IPs in 3 countries across 12 domains to perform 58 HTTP transactions. The main IP is 5.135.149.81, located in Le Chesnay, France and belongs to OVH, FR. The main domain is www.abonnesturf.1s.fr.
This is the only time www.abonnesturf.1s.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 5.135.149.81 16276 (OVH)
8 194.150.236.165 44976 (HIWIT_AS)
6 2a00:1450:400... 15169 (GOOGLE)
4 4 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 194.150.236.166 44976 (HIWIT_AS)
1 194.0.255.28 8218 (NEO-ASN l...)
4 185.119.26.1 203544 (WEBDEVIIN-AS)
1 17 52.222.139.6 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
58 12
Apex Domain | Subdomains | Transfer
17 zone-turf.fr | www.zone-turf.fr | 44 KB
9 googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 120), tpc.googlesyndication.com (Cisco Umbrella Rank: 158) | 231 KB
8 root-top.com | img.root-top.com | 21 KB
8 dafun.com | www.turf.dafun.com | 1 MB
7 venez.fr | www.venez.fr | 9 KB
4 allopass.com | payment.allopass.com | 11 KB
3 1s.fr | www.abonnesturf.1s.fr | 3 KB
2 doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 43) | 5 KB
2 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 52) | 159 KB
1 google.com | www.google.com (Cisco Umbrella Rank: 2) | 1 KB
1 starpass.fr | script.starpass.fr | 289 B
1 ouba.com | www.turfinfos.ouba.com | 6 KB
58 12
Domain | Requested by
17 www.zone-turf.fr (1 redirects) | www.turf.dafun.com
8 img.root-top.com (4 redirects) | www.turf.dafun.com
8 www.turf.dafun.com | www.abonnesturf.1s.fr, www.turf.dafun.com
7 www.venez.fr | www.abonnesturf.1s.fr, www.venez.fr
6 pagead2.googlesyndication.com | www.abonnesturf.1s.fr, pagead2.googlesyndication.com, tpc.googlesyndication.com
4 payment.allopass.com | www.turf.dafun.com, payment.allopass.com
3 tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
3 www.abonnesturf.1s.fr | www.abonnesturf.1s.fr
2 googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 www.googletagmanager.com | payment.allopass.com, www.googletagmanager.com
1 www.google.com | tpc.googlesyndication.com
1 script.starpass.fr | www.turf.dafun.com
1 www.turfinfos.ouba.com | www.turf.dafun.com
58 13

This site contains no links.

Subject | Issuer | Validity | Valid
venez.fr | R3 | 2023-12-04 - 2024-03-03 | 3 months
script.starpass.fr | ZeroSSL RSA Domain Secure Site CA | 2024-01-11 - 2024-04-10 | 3 months
*.allopass.com | Sectigo RSA Domain Validation Secure Server CA | 2023-10-06 - 2024-10-07 | a year
*.google-analytics.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
www.zone-turf.fr | Amazon RSA 2048 M03 | 2023-09-26 - 2024-10-24 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
www.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months

This page contains 9 frames:

Primary Page: http://www.abonnesturf.1s.fr/
Frame ID: B3F2BEAAEEA9BB2B338CADA913E0EC82
Requests: 1 HTTP requests in this frame

Frame: http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Frame ID: FC2B7512D09078F13FAEBAFE3B00CEF8
Requests: 9 HTTP requests in this frame

Frame: http://www.turf.dafun.com/pronos/abonnesturf/
Frame ID: 2AA48156C1551CD9D727325CB46D1339
Requests: 36 HTTP requests in this frame

Frame: http://www.abonnesturf.1s.fr/stats-abonnesturf.1s.fr.html
Frame ID: EAF1F59A555D43A92F8C268E9023B13B
Requests: 1 HTTP requests in this frame

Frame: https://www.venez.fr/alternate-barre.htm
Frame ID: B153D9E627D0CC450504C06E7E067926
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20190131/zrt_lookup_fy2021.html
Frame ID: 6176470AA955D9034F3C4EDDDF565921
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.abonnesturf.1s.fr%2F&wgl=1&dt=1708022289294&bpp=1&bdt=508&idt=265&shv=r20240213&mjsv=m202402120101&ptt=9&saldr=aa&correlator=6267764554288&frm=23&ife=1&pv=2&ga_vid=1095074599.1708022290&ga_sid=1708022290&ga_hid=1707308006&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=2071789444&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081186%2C44798934%2C95324580%2C95325068%2C31081135%2C95324154%2C95324161&oid=2&pvsid=890008726442931&tmod=1141072196&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.m48hqfey12g6&fsb=1&dtd=272
Frame ID: 6D0A9498C769F85F436CAA21DD385DD8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 33E75E48C08A47585AF663CE13BFE2EF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6E43C344367CC80C3508599F7FE22982
Requests: 2 HTTP requests in this frame

Page Title

ABONNESTURF

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

58 Requests
69 % HTTPS
54 % IPv6
12 Domains
13 Subdomains
12 IPs
3 Countries
1538 kB Transfer
2273 kB Size
6 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://img.root-top.com/topsite/miroirduturf/banner.gif HTTP 301
  • https://img.root-top.com/topsite/miroirduturf/banner.gif
Request Chain 10
  • http://img.root-top.com/topsite/lc13/banner.gif HTTP 301
  • https://img.root-top.com/topsite/lc13/banner.gif
Request Chain 11
  • http://img.root-top.com/topsite/bienjouer/banner.gif HTTP 301
  • https://img.root-top.com/topsite/bienjouer/banner.gif
Request Chain 12
  • http://img.root-top.com/topsite/turfgagnant/banner.gif HTTP 301
  • https://img.root-top.com/topsite/turfgagnant/banner.gif
Request Chain 16
  • http://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium HTTP 301
  • https://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.abonnesturf.1s.fr/
3 KB
1 KB
Document
General
Full URL
http://www.abonnesturf.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
df5cdebc0a7d48614d6f190500bbda96e20d67b329aa383c678e69d27ad8fe04

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1091
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 15 Feb 2024 18:38:07 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Accept-Encoding
barre-abonnesturf.1s.fr.html
www.abonnesturf.1s.fr/ Frame FC2B
3 KB
2 KB
Document
General
Full URL
http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
15feaa77519500c4652d3e9d362b607ca07af9126e7efb1a1c31abb1ea33e9c0

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1498
Content-Type
text/html; charset=ISO-8859-1
Date
Thu, 15 Feb 2024 18:38:07 GMT
Expires
Thu, 15 Feb 2024 18:38:07 GMT
Keep-Alive
timeout=5, max=99
Last-Modified
Thu, 15 Feb 2024 18:38:07 GMT
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
/
www.turf.dafun.com/pronos/abonnesturf/ Frame 2AA4
11 KB
11 KB
Document
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
fc2ff5c23a427ecbccbe4680238db0e20a6e2e014dee4d0e3214a5842da5a804

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html
Date
Thu, 15 Feb 2024 18:38:08 GMT
Keep-Alive
timeout=15, max=100
Server
Apache
Transfer-Encoding
chunked
Vary
Host
stats-abonnesturf.1s.fr.html
www.abonnesturf.1s.fr/ Frame EAF1
0
192 B
Document
General
Full URL
http://www.abonnesturf.1s.fr/stats-abonnesturf.1s.fr.html
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/
Protocol
HTTP/1.1
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 15 Feb 2024 18:38:07 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
site.js
www.venez.fr/js/ Frame FC2B
2 KB
1 KB
Script
General
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:38:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Feb 2024 18:38:08 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1023
Expires
Thu, 22 Feb 2024 18:38:08 GMT
separateur90.gif
www.venez.fr/images/ Frame FC2B
82 B
388 B
Image
General
Full URL
https://www.venez.fr/images/separateur90.gif
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
3289fc83b622ca0a13683fa81b006a05de135d1938744d6e30e5c9be2f2d782a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:38:08 GMT
Last-Modified
Thu, 15 Nov 2018 22:11:22 GMT
Server
Apache
ETag
"52-57abb54b25680"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
82
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame FC2B
146 KB
54 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e20e61a1f7378e24c93f06d597540d4c2ece76f2f3ef182757f24be86de9034
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:38:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54250
X-XSS-Protection
0
Server
cafe
ETag
13988041341127090485
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin
*
Link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires
Thu, 15 Feb 2024 18:38:09 GMT
h1.png
www.turf.dafun.com/pronos/abonnesturf/ Frame 2AA4
29 KB
29 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/h1.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
acb0939b88719c0a69a6333ed54b8be78afaa623f53873be5f698ae052aa7293

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:38:08 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:57 GMT
Server
Apache
ETag
"e75cd9-7414-5e946f2f9e840"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
29716
head.jpg
www.turf.dafun.com/pronos/abonnesturf/ Frame 2AA4
285 KB
285 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/head.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
4b7fad91f5413c7460b5e04ea365d0bed0b91502482973fd34bfb3e204fe61e0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:38:08 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:58 GMT
Server
Apache
ETag
"e75d26-47215-5e946f3092a80"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
291349
banner.gif
img.root-top.com/topsite/miroirduturf/ Frame 2AA4
Redirect Chain
  • http://img.root-top.com/topsite/miroirduturf/banner.gif
  • https://img.root-top.com/topsite/miroirduturf/banner.gif
4 KB
5 KB
Image
General
Full URL
https://img.root-top.com/topsite/miroirduturf/banner.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:38:09 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1253730
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPReQqqQjkAaQfVLMOR7LW%2FXZxx%2FSPFw2VWZh0QaxMMQhBeneEVxirxk09eeVA7WyU%2FACe5m%2B4Kk6IYcDbrC3W1%2Fyc%2F0hZyx6eeDOn3dZfYdr7ZUBCe5RIerjjfjuzOFBpz3hOE53KsNk%2F5K6gE4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
855faa8adf2cd3d8-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Thu, 15 Feb 2024 18:38:09 GMT
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1Q7QahlvAdPIivBlfG0unSDi5zOBj6JmxqrgD9VGwF0yEGkOtMDLY4GWjO9%2FT0HMccYhFnhYcZ3tkRi5cM2SWzyaxgW%2BNLkZlaUy27UvV8xJVQMLeANAT95IPX60i6tUBhTKx7yU28RjpjWuovT"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/miroirduturf/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
855faa8a39d599bd-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
logo.gif
www.turfinfos.ouba.com/ Frame 2AA4
6 KB
6 KB
Image
General
Full URL
http://www.turfinfos.ouba.com/logo.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.166 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns6.hiwit.net
Software
Apache /
Resource Hash
b3d1ff1c03e608adcedb1eb0620301291d21d70834b11c8e6f1d710351debd38

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:38:09 GMT
Last-Modified
Tue, 12 Sep 2017 08:21:11 GMT
Server
Apache
ETag
"134e672-169d-558f9b9ceebc0"
Vary
Host
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
5789
banner.gif
img.root-top.com/topsite/lc13/ Frame 2AA4
Redirect Chain
  • http://img.root-top.com/topsite/lc13/banner.gif
  • https://img.root-top.com/topsite/lc13/banner.gif
4 KB
5 KB
Image
General
Full URL
https://img.root-top.com/topsite/lc13/banner.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:38:09 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
546785
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9E7GwgrMpZoZoWsmwVAkSsIOkyCvUDxoYtKDnuSfWSVYfF%2BdujCB%2B%2FKPoWL9csMh8udkeCqUFllTHlihnYod7RbFFUE43FdzXXDQF9i1cIMSueWfvECBlntVEf23icpNXMvMwf0AJ2js9obDcfVt"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
855faa8adf2bd3d8-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Thu, 15 Feb 2024 18:38:09 GMT
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qqAQ9yR0xnzeQXRmIt4uynI47cYdg8oFL5%2BmsmnSIl7mgYYvWEe3EbZUXwJDPZerP9%2BF03BxIjLbQw8PTUJAwZ%2FnjHUEJ2IWam9t%2BVO1Kqp08DUR4f%2BjfcekRzAJs92tnLx1%2F%2F1JAQQuMfprhRC"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/lc13/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
855faa8a4a99702f-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
banner.gif
img.root-top.com/topsite/bienjouer/ Frame 2AA4
Redirect Chain
  • http://img.root-top.com/topsite/bienjouer/banner.gif
  • https://img.root-top.com/topsite/bienjouer/banner.gif
4 KB
5 KB
Image
General
Full URL
https://img.root-top.com/topsite/bienjouer/banner.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:38:09 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3764
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUOyixsKkF4T5hnEsbTER85EaPrUx3%2F%2F9JsqNWB8l0G8dmXWUKD5wlrCbEIXLwUDn8A56yb487kTwzW5c2F01JYotWDwYwUVMloto%2BRFhsnwW42n6OgxvVleuB%2FwENODspG30rfgJ24BoMfYWs7A"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
855faa8adf2dd3d8-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Thu, 15 Feb 2024 18:38:09 GMT
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHjwv1agK0Bz1G6KpmeUwZelXndmCszcUEav%2BAuasClz6tEYxnnvOOevTNrcaHMGfaUmw43c7%2B4rIv6IUy2t8F0X0lsLQcmAjePaM0mbJCyungzVQqhCzN9rwmarvpSf6hYmbLHNzvMmHedxWuYb"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/bienjouer/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
855faa8a4f89d36b-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
banner.gif
img.root-top.com/topsite/turfgagnant/ Frame 2AA4
Redirect Chain
  • http://img.root-top.com/topsite/turfgagnant/banner.gif
  • https://img.root-top.com/topsite/turfgagnant/banner.gif
4 KB
5 KB
Image
General
Full URL
https://img.root-top.com/topsite/turfgagnant/banner.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Server
2606:4700:3038::6815:ea1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597b8d67ab1ae1248dc69b6ef66b49d95eedc1ab74ae74234d86e3668d72e58e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:38:09 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 12:52:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6088
etag
"1229025579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VF7Q0CCANiGhtxFDJsHbEYO0sZ4LwzbPNflH1A7rw5bTOJq1Zlf9sfTTRzCptmNX2AQD7kcXGqfdcxVi2ax%2BCHVmiba6dxLgnNMMSCWCOAd0oApVgepy%2FnUDfUHxbpHeWscrq91Mg9e4Zq3hE%2Fq"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
855faa8adf2ad3d8-CDG
alt-svc
h3=":443"; ma=86400
content-length
4424

Redirect headers

Date
Thu, 15 Feb 2024 18:38:09 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
410
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VD4OUjyO7MbK4DaPs8N8jJayXXgcOKOwUt2TjohBRzlaN8v9EU2956ke%2Bpx6w7HDcEyasaYamZL9CkXJnTdzek%2FD97%2BgXVc86%2BNVaJI05Qta%2B%2F7tFLDyLt7M5H8JajJ9vfv%2BdIzOJGoL5fSRSrLt"}],"group":"cf-nel","max_age":604800}
Location
https://img.root-top.com/topsite/turfgagnant/banner.gif
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
855faa8a4bbc006f-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
0
script.php
script.starpass.fr/ Frame 2AA4
25 B
289 B
Script
General
Full URL
https://script.starpass.fr/script.php?idd=443727&datas=
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.0.255.28 , France, ASN8218 (NEO-ASN legacy Neotelecoms, FR),
Reverse DNS
srv28.bdmultimedia.fr
Software
Apache /
Resource Hash
a0710d7ae8f4a0ab076452dc7c3882b1c553ee11603bc5f9cf9dce10400ae1ce

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:37:06 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
43
checkout.apu
payment.allopass.com/buy/ Frame 2AA4
11 KB
4 KB
Script
General
Full URL
https://payment.allopass.com/buy/checkout.apu?ids=357168&idd=1558039&lang=fr
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
9158177e6ef5e8394f55ba2a7ee77f10e7169db4386014a9bd1d80c3d011bacb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Feb 2024 18:38:08 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP='NON NID OTPa OUR NOR' policy-ref='http://payment.allopass.com/info/p3p/policy-references.xml'
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
2963
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ratio-thieben.jpg
www.turf.dafun.com/pronos/abonnesturf/ Frame 2AA4
28 KB
29 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/ratio-thieben.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
9ec37f7a06412aa02f72942e4675e5b2a57cceaf03bbbef6c0c04d4f8fdb8d61

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:38:08 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:59 GMT
Server
Apache
ETag
"e75d86-7121-5e946f3186cc0"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
28961
module_webmaster.php
www.zone-turf.fr/module/ Frame 2AA4
Redirect Chain
  • http://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium
  • https://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium
18 KB
3 KB
Script
General
Full URL
https://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Server
52.222.139.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-6.ams50.r.cloudfront.net
Software
/
Resource Hash
2b676b32222a68fd789f4d404ce9a333b1850fdab630197356c6cd813fcf462a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:37:38 GMT
content-encoding
gzip
via
1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
31
x-cache
Hit from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
2175
pragma
no-cache
x-vcache
MISS
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges
bytes
x-amz-cf-id
Paa3IHTq98Y18_T-_c1e88hasX3KiyehSQAczfKe9D6g2lise_BD6w==
expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Date
Thu, 15 Feb 2024 18:38:09 GMT
Via
1.1 36782ce80608b4ebb0112f2f4fdd01be.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
AMS50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://www.zone-turf.fr/module/module_webmaster.php?e=partants&f=medium
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
167
X-Amz-Cf-Id
0YqT2f41ndYUafdupftoLOt7N2whp2klAdR3E4USoa_2uN_DU42gWg==
h3.png
www.turf.dafun.com/pronos/abonnesturf/ Frame 2AA4
29 KB
29 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/h3.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
5b5cceed2cb716c00e2ac6a024cf27d7efad1d17dda764769105ef14d4fe9355

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:38:08 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:57 GMT
Server
Apache
ETag
"e75d0e-7436-5e946f2f9e840"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
29750
arplan.jpg
www.turf.dafun.com/pronos/abonnesturf/ Frame 2AA4
609 KB
609 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/arplan.jpg
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
321e5e5af465f1753cdf0a077c1cfdc6eb72ca29f68d91496f184de7f1b0253f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:38:08 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:57 GMT
Server
Apache
ETag
"179a42f-9843d-5e946f2f9e840"
Vary
Host
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
623677
h2.png
www.turf.dafun.com/pronos/abonnesturf/ Frame 2AA4
29 KB
29 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/h2.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
1dfedd383e1fc3d297e6a301ebd3045097c859b39b0c490bcff19527e05d56dd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:38:08 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:57 GMT
Server
Apache
ETag
"e75cfd-72ce-5e946f2f9e840"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
29390
alternate-barre.htm
www.venez.fr/ Frame B153
2 KB
1 KB
Document
General
Full URL
https://www.venez.fr/alternate-barre.htm
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
1ed947cdf99e787184f5d2725c664ff7b46623860f42f9afea0a7432b84e3181

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
873
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 15 Feb 2024 18:38:08 GMT
Keep-Alive
timeout=5, max=99
Server
Apache
Vary
Accept-Encoding
barre90.gif
www.venez.fr/images/ Frame FC2B
110 B
416 B
Image
General
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.abonnesturf.1s.fr
URL: http://www.abonnesturf.1s.fr/barre-abonnesturf.1s.fr.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:38:08 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
110
120x60.gif
www.venez.fr/images/ Frame B153
4 KB
4 KB
Image
General
Full URL
https://www.venez.fr/images/120x60.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
7dc792d48132ff15a9ad8c11a139bf26f8e13aa3df30a71582ae406ddffdab4f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:38:08 GMT
Last-Modified
Wed, 02 Mar 2011 00:16:24 GMT
Server
Apache
ETag
"f4c-49d74d2b9c600"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3916
site.js
www.venez.fr/js/ Frame B153
2 KB
1 KB
Script
General
Full URL
https://www.venez.fr/js/site.js?www.venez.fr
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
0c91a24c2deb753c963c48cd9c3e5d16ee96128b30bce193c4324e121728c306

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:38:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Feb 2024 18:38:08 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
1023
Expires
Thu, 22 Feb 2024 18:38:08 GMT
barre90.gif
www.venez.fr/images/ Frame B153
110 B
416 B
Image
General
Full URL
https://www.venez.fr/images/barre90.gif
Requested by
Host: www.venez.fr
URL: https://www.venez.fr/alternate-barre.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.149.81 Le Chesnay, France, ASN16276 (OVH, FR),
Reverse DNS
web3.venez.net
Software
Apache /
Resource Hash
49d4ba84e10d9d1f2a83956dde4f20625fd11efc01f60a3a4552a9e09a05a74f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.venez.fr/alternate-barre.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:38:08 GMT
Last-Modified
Thu, 15 Nov 2018 22:06:23 GMT
Server
Apache
ETag
"6e-57abb42dff5c0"
Content-Type
image/gif
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
110
gtm.js
www.googletagmanager.com/ Frame 2AA4
171 KB
62 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357168&idd=1558039&lang=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c38fe039d9873fb41a53bd0699d7eb0d5413bbdf7179ef8421a001f015a464c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:38:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63391
x-xss-protection
0
last-modified
Thu, 15 Feb 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Feb 2024 18:38:09 GMT
buy-button.css
payment.allopass.com/static/css/ Frame 2AA4
2 KB
830 B
Stylesheet
General
Full URL
https://payment.allopass.com/static/css/buy-button.css?1
Requested by
Host: payment.allopass.com
URL: https://payment.allopass.com/buy/checkout.apu?ids=357168&idd=1558039&lang=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
95eb15e76b752a9c78d6281cd3b7c43a8fbc2931783edf3bf3703af55eff06e2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:38:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"42312-69a-6036ca56d02c0"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
546
162x56.png
payment.allopass.com/static/buy/button/fr/ Frame 2AA4
6 KB
6 KB
Image
General
Full URL
https://payment.allopass.com/static/buy/button/fr/162x56.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
7dd9659e56e92abc376e04d427903b2cfca1d52d854d38e35fefa4cf9e7fd9db

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:38:08 GMT
Last-Modified
Mon, 21 Aug 2023 10:50:27 GMT
Server
Apache
ETag
"216d8-1688-6036ca56d02c0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
5768
ya-briand-1661.gif
www.zone-turf.fr/media/picture/casaque/ Frame 2AA4
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ya-briand-1661.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-6.ams50.r.cloudfront.net
Software
/
Resource Hash
d185e609d4bfa7f49fc84175d39eac2261986d00f52c6754ff61255e9debee9c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:05:06 GMT
via
1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
36233
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2506
last-modified
Sat, 20 Jan 2024 23:01:25 GMT
x-vcache
HIT (1)
etag
"9ca-60f68937cb940"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
AS31vTL4GC4Cafr5kXAv2A0L7cXn5ATfqu0PdilKCrtKfpINME6z0Q==
expires
Sun, 18 Feb 2024 08:34:16 GMT
p-leveille-142454.gif
www.zone-turf.fr/media/picture/casaque/ Frame 2AA4
2 KB
2 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/p-leveille-142454.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-6.ams50.r.cloudfront.net
Software
/
Resource Hash
44e4a28b71fa99bc5d4220ec68ee2044c8c5824254b1c9d2a11add736f7ca6cd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:10:36 GMT
via
1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
36499
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1951
last-modified
Wed, 10 Jan 2024 22:58:54 GMT
x-vcache
HIT (1)
etag
"79f-60e9f600d6b28"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
yNgw3Pc6Kd32KbVlGXk2y5kvcb09Inq2xW5udoJIX4R4N-xQZLIymg==
expires
Sun, 18 Feb 2024 08:29:50 GMT
d-alexandre-131628.gif
www.zone-turf.fr/media/picture/casaque/ Frame 2AA4
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/d-alexandre-131628.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-6.ams50.r.cloudfront.net
Software
/
Resource Hash
3075d1c35c2630566c49f938a8a3abdb48fa9bcd79b949a8d1c1e0af05ce692e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 05:10:50 GMT
via
1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
last-modified
Sat, 20 Jan 2024 22:58:29 GMT
x-vcache
MISS
x-amz-cf-pop
AMS50-C1
age
48439
etag
"9ef-60f6888f95910"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2543
x-amz-cf-id
6ekzmmYqXfqXvDJ7QRcS3SJqWc1VFlukx5gvT6t83tv-wxEwShJfjw==
expires
Sun, 18 Feb 2024 05:10:50 GMT
p-dequeker-139884.gif
www.zone-turf.fr/media/picture/casaque/ Frame 2AA4
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/p-dequeker-139884.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-6.ams50.r.cloudfront.net
Software
/
Resource Hash
fdc39cc649bdf1fe14ec8b58930f4fb5530f84ef12660de1979103233cb4c985

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:21:46 GMT
via
1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
36499
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2229
last-modified
Wed, 10 Jan 2024 23:00:37 GMT
x-vcache
MISS
etag
"8b5-60e9f66376be8"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
3g0W_4F6rJbtQwjxWtJUoU-0AI1YJypbF0lhZHDzpSfe1TmkfjUMSQ==
expires
Sun, 18 Feb 2024 08:29:50 GMT
mme-m-bounieux-36563.gif
www.zone-turf.fr/media/picture/casaque/ Frame 2AA4
3 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/mme-m-bounieux-36563.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-6.ams50.r.cloudfront.net
Software
/
Resource Hash
d5ece67295a0bd154deec56a6bbeef31f6fc8b2c69ef2b14cbbf1f35813b6f66

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:21:46 GMT
via
1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
36499
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2722
last-modified
Fri, 12 Jan 2024 23:00:46 GMT
x-vcache
MISS
etag
"aa2-60ec7a26ef388"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
DTWDmHRwp3NziW0zZrRysFaEGZbPkjloKv0ZWgGdSuYE7BMV8gXzWg==
expires
Sun, 18 Feb 2024 08:29:50 GMT
ec-mz-534214.gif
www.zone-turf.fr/media/picture/casaque/ Frame 2AA4
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ec-mz-534214.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-6.ams50.r.cloudfront.net
Software
/
Resource Hash
8159b51994f0f454b00cd0b7e5645ebf2e4a430a2ca41d55699e81b6b3259776

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 08:34:17 GMT
via
1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
last-modified
Sat, 20 Jan 2024 23:00:47 GMT
x-vcache
HIT (1)
x-amz-cf-pop
AMS50-C1
age
36499
etag
"907-60f6891308720"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2311
x-amz-cf-id
G_B0cfLBkfPn8EuZsI4zD5rQRnv33C2EqjonlEfYVaRdyMl42nef3A==
expires
Sun, 18 Feb 2024 08:29:50 GMT
ec-jean-paul-marmion-68.gif
www.zone-turf.fr/media/picture/casaque/ Frame 2AA4
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ec-jean-paul-marmion-68.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-6.ams50.r.cloudfront.net
Software
/
Resource Hash
421f1dd0dccf088fdba166a7d41b1d11b71074389b7a5ffc329c6f438a7321d1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:10:35 GMT
via
1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
23127
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2356
last-modified
Sat, 20 Jan 2024 23:18:46 GMT
x-vcache
HIT (3)
etag
"934-60f68d1822658"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
imDAds8Z0wUZqNvtoPKJJrMSmwvUyYod_fbdfHU2mRC_uUWmVQLG3w==
expires
Sun, 18 Feb 2024 12:12:42 GMT
ec-d-l-240698.gif
www.zone-turf.fr/media/picture/casaque/ Frame 2AA4
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ec-d-l-240698.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-6.ams50.r.cloudfront.net
Software
/
Resource Hash
f5242bb39b9e951c104d3cc2ff1e1edfc37796ae0d0a57652476d50e9f9c6d4a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:08:54 GMT
via
1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
36499
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2451
last-modified
Thu, 18 Jan 2024 22:58:56 GMT
x-vcache
MISS
etag
"993-60f404eec2798"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
5rI9IsY7hKT2K3RJnBnAygtejy9Cdi4Ra1SOf26KQU-BCX2WM19mbg==
expires
Sun, 18 Feb 2024 08:29:50 GMT
ecurie-jean-pascal-bragato-415426.gif
www.zone-turf.fr/media/picture/casaque/ Frame 2AA4
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ecurie-jean-pascal-bragato-415426.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-6.ams50.r.cloudfront.net
Software
/
Resource Hash
3929c47095cafd002acc4378f5b4d1757719c2ad202f24fc1b2adad2a7a349a5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:05:07 GMT
via
1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
36499
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2406
last-modified
Wed, 17 Jan 2024 17:27:20 GMT
x-vcache
MISS
etag
"966-60f278f2dedc8"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
yfbbqXi4nY1f3FcUd0lHsnuBE00iAhQd19h0eY3YYDIfspOpPWglRw==
expires
Sun, 18 Feb 2024 08:29:50 GMT
ec-nixonn-491174.gif
www.zone-turf.fr/media/picture/casaque/ Frame 2AA4
3 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ec-nixonn-491174.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-6.ams50.r.cloudfront.net
Software
/
Resource Hash
daecb73fb8de20c1dcaf16b4d570cb3450870546643322370547f92bc0b15d59

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 08:29:50 GMT
via
1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
last-modified
Wed, 17 Jan 2024 03:06:54 GMT
x-vcache
MISS
x-amz-cf-pop
AMS50-C1
age
36499
etag
"a2a-60f1b8a025048"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2602
x-amz-cf-id
IyA4hxQERh-P2eO4Nfx7hsXs43BCUB6Lj_r9qX6lTl8Ae7BjQsEA1Q==
expires
Sun, 18 Feb 2024 08:29:50 GMT
ec-gerard-marty-10606.gif
www.zone-turf.fr/media/picture/casaque/ Frame 2AA4
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ec-gerard-marty-10606.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-6.ams50.r.cloudfront.net
Software
/
Resource Hash
beffeeba3f7d1d79baf077cd52ab14ff3003bd8280d0bc17784643c120e8f47a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:19:02 GMT
via
1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
36609
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2170
last-modified
Sat, 20 Jan 2024 23:18:36 GMT
x-vcache
MISS
etag
"87a-60f68d0f21388"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
WQy2c2iHA0TMPlgcPBE8BDlUy6YBEfrICAkzzuFbs8KY4LRMc9rtPg==
expires
Sun, 18 Feb 2024 08:28:00 GMT
g-lherpiniere-4565.gif
www.zone-turf.fr/media/picture/casaque/ Frame 2AA4
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/g-lherpiniere-4565.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-6.ams50.r.cloudfront.net
Software
/
Resource Hash
db90f7a66b4ee9862922b248cb952f3822b5c2bb80feb6ddd581bc022fcaff3a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:51:21 GMT
via
1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
36498
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2418
last-modified
Fri, 19 Jan 2024 23:01:31 GMT
x-vcache
MISS
etag
"972-60f5475fa0508"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
pLh-NmB-xaNSAC-0V8IDkRcJJwoxLRC_rMKcNut_hx7PLIhWuGU-DQ==
expires
Sun, 18 Feb 2024 08:29:50 GMT
ecurie-de-rougemont-275.gif
www.zone-turf.fr/media/picture/casaque/ Frame 2AA4
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/ecurie-de-rougemont-275.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-6.ams50.r.cloudfront.net
Software
/
Resource Hash
b0db93bf752f70958a36f457fcc61f87c567e5630c8fe6d66ae673efb3f50840

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:06:29 GMT
via
1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
36498
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2316
last-modified
Thu, 23 Nov 2023 16:01:49 GMT
x-vcache
MISS
etag
"90c-60ad3f40af540"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
dWs-oRUsUvOFZExUwCWejDjjmwU-j7MGNjNoygEl2zaVkNBWSRN51A==
expires
Sun, 18 Feb 2024 08:29:51 GMT
d-raffini-18576.gif
www.zone-turf.fr/media/picture/casaque/ Frame 2AA4
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/d-raffini-18576.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-6.ams50.r.cloudfront.net
Software
/
Resource Hash
808b0623fa7bd2630522711cdc7c63114ff2c9a567183d594170c44ff5ce9ed5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:06:12 GMT
via
1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
23126
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2476
last-modified
Sat, 20 Jan 2024 23:18:36 GMT
x-vcache
MISS
etag
"9ac-60f68d0f36f30"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
EqHNtNtV-6xlVT-UkJn2xY2iBHgZ4bBNmW7aKdA7s_M5qsa5r8gqiQ==
expires
Sun, 18 Feb 2024 12:12:43 GMT
qb-verneuil-318530.gif
www.zone-turf.fr/media/picture/casaque/ Frame 2AA4
2 KB
3 KB
Image
General
Full URL
https://www.zone-turf.fr/media/picture/casaque/qb-verneuil-318530.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-6.ams50.r.cloudfront.net
Software
/
Resource Hash
aabf916f2bb90d83fed147825427ebfef05d677d146ae13982bfe0c63b5601db

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 08:28:00 GMT
via
1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
last-modified
Mon, 25 Dec 2023 23:01:29 GMT
x-vcache
MISS
x-amz-cf-pop
AMS50-C1
age
36609
etag
"9af-60d5d8bd9c7a8"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2479
x-amz-cf-id
bTuuqQGQ2DT8ozwUqE1SsdRI6ibRpan7S7OneJbsqVJTI88VyOtgEg==
expires
Sun, 18 Feb 2024 08:28:00 GMT
bt_ok.gif
payment.allopass.com/imgweb/common/ Frame 2AA4
753 B
991 B
Image
General
Full URL
https://payment.allopass.com/imgweb/common/bt_ok.gif
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.119.26.1 , France, ASN203544 (WEBDEVIIN-AS, FR),
Reverse DNS
1.26.119.185.in-addr.arpa
Software
Apache /
Resource Hash
d1d6b5efe0d6c2540778435a8f7873cbec1eb76a2b107370388a8806cb5dda6a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:38:08 GMT
Last-Modified
Tue, 26 Nov 2019 14:39:46 GMT
Server
Apache
ETag
"432cd-2f1-59840d9fb3080"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
753
arpnum.png
www.turf.dafun.com/pronos/abonnesturf/ Frame 2AA4
28 KB
28 KB
Image
General
Full URL
http://www.turf.dafun.com/pronos/abonnesturf/arpnum.png
Requested by
Host: www.turf.dafun.com
URL: http://www.turf.dafun.com/pronos/abonnesturf/
Protocol
HTTP/1.1
Server
194.150.236.165 , France, ASN44976 (HIWIT_AS, FR),
Reverse DNS
ns5.hiwit.net
Software
Apache /
Resource Hash
f2207fe2c468645234ccc51e5d925121bf6ad9075e84b3c898fd2855981fba10

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/pronos/abonnesturf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 18:38:09 GMT
Last-Modified
Thu, 22 Sep 2022 16:56:56 GMT
Server
Apache
ETag
"e75cc8-7055-5e946f2eaa600"
Vary
Host
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
28757
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/ Frame FC2B
406 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.abonnesturf.1s.fr&aplac=true&bust=31081135
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffdf7c504a6a0101f891ff3f232db5f997f536b8f613e181eda16218f819c44f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:38:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141088
x-xss-protection
0
server
cafe
etag
18231364184175293381
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 18:38:09 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240213/r20190131/ Frame 6176
9 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240213/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
67523
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 23:52:46 GMT
etag
3890843268177463596
expires
Wed, 28 Feb 2024 23:52:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
destination
www.googletagmanager.com/gtag/ Frame 2AA4
296 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-QG320G96PZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVK252XV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
98efbac9df324e5b7dff858f01d8c0c6205e40dde268a23e50ac03e7331b0c6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turf.dafun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:38:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98975
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 18:38:09 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6D0A
829 B
627 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5203714787387788&output=html&h=90&slotname=4563536207&adk=2647235303&adf=3604715433&pi=t.ma~as.4563536207&w=970&format=970x90&url=http%3A%2F%2Fwww.abonnesturf.1s.fr%2F&wgl=1&dt=1708022289294&bpp=1&bdt=508&idt=265&shv=r20240213&mjsv=m202402120101&ptt=9&saldr=aa&correlator=6267764554288&frm=23&ife=1&pv=2&ga_vid=1095074599.1708022290&ga_sid=1708022290&ga_hid=1707308006&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=20&ady=0&biw=1600&bih=1200&isw=1600&ish=90&ifk=2071789444&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081186%2C44798934%2C95324580%2C95325068%2C31081135%2C95324154%2C95324161&oid=2&pvsid=890008726442931&tmod=1141072196&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=o%7Co%7CaeE%7C&abl=NA&pfx=0&fu=4&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.m48hqfey12g6&fsb=1&dtd=272
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.abonnesturf.1s.fr&aplac=true&bust=31081135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
963d90c3d2adaa424f976d4210a1188b25a45e4082f3ce0bee4a6ae3bc9cb30c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
406
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 18:38:09 GMT
expires
Thu, 15 Feb 2024 18:38:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame FC2B
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240213&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.abonnesturf.1s.fr&aplac=true&bust=31081135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36acd202c3f12c9a0690340216b770e2166d39ca2e0f44c15716b886d7d6d553
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:38:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12421
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FC2B
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5203714787387788&plah=www.abonnesturf.1s.fr&aplac=true&bust=31081135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 18:38:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 33E7
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
35856
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 08:40:34 GMT
expires
Fri, 14 Feb 2025 08:40:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6E43
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7f01dd375855875c6a17b15f691afb82533cfe16db0a33cdf62ee6394867924d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-H8w9NtjKgIm8E2ho-zzHsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.abonnesturf.1s.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-H8w9NtjKgIm8E2ho-zzHsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 18:38:10 GMT
expires
Thu, 15 Feb 2024 18:38:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
pagead2.googlesyndication.com/bg/ Frame 33E7
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 16:53:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
6281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15261
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Feb 2025 16:53:29 GMT
generate_204
tpc.googlesyndication.com/ Frame 33E7
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?UgGZDw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 18:38:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 6E43
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240213&jk=890008726442931&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame FC2B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240213&jk=890008726442931&bg=!wcKlwo3NAAZN4L4YbeA7ADQBe5WfOJSKE2uaXT8vrhwTGR4yPaogqnN5Snl3SBT-aFoi7sWUjDd8ADzhl7SYHzo1wuIKAgAAADlSAAAAAWgBB5kC5MoiPHox8lLfO7ul0-j-_OFK1BPDoVOEOVOlo9Y48xjqFLYO7ElQrsZ7w2FyQRjhObuhyyOOsroZkfYXZEGo33f27JTFm9FgmX4JbvhzOSHv6KmKw1X7G_8g_e4ym_pRFOb-OTSIjLZepWg5AUNz8yt-neJo2UwPvBrniOJ8fLgUw9_svTItmyq06I5CbVJotKqZAA91wUdjwjacA3lt3_0QbzTAGDgbYQTmuw9psZYXUwtETnjPzf4tkqitBEtCJEdmxvVz-UZ1gt5G4dnmU5XSKivbLAdqf5NQyAR8sXW9m6kEW2fY1Nlutvmmm6Nu53sWiEGzGzp2tliXX7Qyce2T5UGJXM87JlVR_tvH3VhTY6hoqNKK3S_jscS86sIjRLrZ7x6GHX5AM6HYmZKGu8BfUR3j8Cw3RQf4SMFNqzZBxNPKiBGHTT5tR07gnwD5BqTlt0Pu4MEpDZsc9zJ6FW2OEunOrk12F_90Ir40Jy7khJJALXoRBwaF1M8TKrIxctKb68fGScK7OefmS5r1BjwLhBRY5J92lAJKbKJBMoMSr0uhScmhOUe4RRyoykCwSkSF5Lp8xHAJ4MAsirvqE1h2CUd1IpFTLAirflNTUVtBL7NoBuIYp-_T3EFe_8ygEWZ1nyfRI1PjcyTFzLOzgEl5dm7x1ESLSqTsBEAbdCf1DVykkVlRqse1Z7u8Ve0-EGHb2wilS7K74PGpxoc8gE8D7xz0fDykizQz5VcZxdLrJaGiQj17Vbj9cKyVBm1kwuslepnikZ8isPG_k33cNz57xOsIC6uSxWW2qttxMM62mAb1T6BCmNDOueHvZ_8-Mywu55YUdqg404cL5GVie7-Q5grQJ9sc-xjurbzQopNE3iVnB8dagilCaZnrzm0D7kx8enbAm7tm-2KvPn6DwbUCrF7f7WbgFo6lE0XkHlAH4yqZKxx1CvQ0vzDV843u9oojiMs8Z048HMRrIyQDJ0NMvdwb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.abonnesturf.1s.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers


7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| google_reactive_ads_global_state
object| google_ad_modifications
number| google_global_correlator
object| google_prev_clients

6 Cookies

Domain/Path Name / Value
payment.allopass.com/ Name: ShopSessionId
Value: f2bba413-4860-4c77-996d-4ba7d2bbf080
.allopass.com/ Name: AP_CUSK
Value: 3643553339
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.1s.fr/ Name: __gads
Value: ID=4f0bb2312ce0a3a7:T=1708022289:RT=1708022289:S=ALNI_MYam42_YgST_kpYsz2nLxNhe1CbgA
.1s.fr/ Name: __gpi
Value: UID=00000d59177e2b3f:T=1708022289:RT=1708022289:S=ALNI_Madd3nLRDi1XblnFTOE6NoQ_s1Nhw
.1s.fr/ Name: __eoi
Value: ID=edf6670ee2ae9ea3:T=1708022289:RT=1708022289:S=AA-Afjb2IUMjy9SZxyaRDX_ARWvu

9 Console Messages

Source Level URL
Text
other warning URL: http://www.abonnesturf.1s.fr/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.abonnesturf.1s.fr/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.abonnesturf.1s.fr/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.abonnesturf.1s.fr/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.abonnesturf.1s.fr/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.abonnesturf.1s.fr/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.abonnesturf.1s.fr/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.abonnesturf.1s.fr/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.abonnesturf.1s.fr/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
