Submitted URL: http://www.turfuniversel.com/pages/pronostics-des-abonnes.html
Effective URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Submission: On August 04 via manual from BF — Scanned from FR

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 17 HTTP transactions. The main IP is 195.154.21.70, located in Paris, France and belongs to Online SAS, FR. The main domain is www.turfuniversel.com.
This is the only time www.turfuniversel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
7 (1 redirect) | 195.154.21.70 | 12876 (Online SAS)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 192.243.59.13 | 39572 (ADVANCEDH...)
3 | 139.45.197.236 | 9002 (RETN-AS)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
1 | 139.45.195.254 | 9002 (RETN-AS)
1 | 139.45.195.8 | 9002 (RETN-AS)
Total: 17 HTTP transactions, 8 IPs

Requests | Apex Domain | Subdomains | Transfer
7 | turfuniversel.com | www.turfuniversel.com | 728 KB
3 | glizauvo.net | glizauvo.net — Cisco Umbrella Rank: 79066 | 35 KB
2 | gstatic.com | fonts.gstatic.com | 44 KB
2 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 77 | 2 KB
1 | rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 10960 | 548 B
1 | fleraprt.com | fleraprt.com — Cisco Umbrella Rank: 18496 | 490 B
1 | tzegilo.com | tzegilo.com — Cisco Umbrella Rank: 20132 | 7 KB
1 | highrevenuegate.com | pl17799999.highrevenuegate.com |
Total: 17 HTTP transactions, 8 domains

Requests | Domain | Requested by
7 (1 redirect) | www.turfuniversel.com | www.turfuniversel.com
3 | glizauvo.net | www.turfuniversel.com, glizauvo.net
2 | fonts.gstatic.com | fonts.googleapis.com
2 | fonts.googleapis.com | www.turfuniversel.com
1 | my.rtmark.net | glizauvo.net
1 | fleraprt.com | tzegilo.com
1 | tzegilo.com | glizauvo.net
1 | pl17799999.highrevenuegate.com | www.turfuniversel.com
Total: 17 HTTP transactions, 8 domains

This site contains no links.

Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
glizauvo.net | R3 | 2023-06-18 - 2023-09-16 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
tzegilo.com | GTS CA 1P5 | 2023-06-09 - 2023-09-07 | 3 months
fleraprt.com | Sectigo RSA Domain Validation Secure Server CA | 2023-01-09 - 2024-01-14 | a year
rtmark.net | R3 | 2023-07-25 - 2023-10-23 | 3 months

This page contains 1 frame:

Primary Page: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Frame ID: BAD19CAD86D9BBD5C387FFDF3FC3D02A
Requests: 16 HTTP requests in this frame

Page Title

Turf Universel

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

59 %
HTTPS

38 %
IPv6

8
Domains

8
Subdomains

8
IPs

4
Countries

817 kB
Transfer

1009 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.turfuniversel.com/pages/pronostics-des-abonnes.html HTTP 302
    http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Redirect Chain
  • http://www.turfuniversel.com/pages/pronostics-des-abonnes.html
  • http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
4 KB
4 KB
Document
General
Full URL
http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
Apache / PHP/8.2.6
Resource Hash
453d3c37d46ac7646e8befb0c3606dad13fcfb39931144c3b15d79ffa358a9f4
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
must-revalidate, no-cache, private
Connection
close
Content-Type
text/html; charset=UTF-8
Date
Fri, 04 Aug 2023 11:00:01 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
X-EMS-Server
70
X-Frame-Options
sameorigin
X-Powered-By
PHP/8.2.6

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Fri, 04 Aug 2023 11:00:00 GMT
Location
http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Server
Apache
X-EMS-Server
70
X-Frame-Options
sameorigin
X-Powered-By
PHP/8.2.6
css
fonts.googleapis.com/
11 KB
962 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Shanti:300,400,700%7CFira%20Sans:300,400,700%7CBarlow%20Condensed:300,400,700&display=swap
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3686b6ecddb2dce45d886d2d21f8a9c6c7a21de7a9eab6e33a050fe0c9770bfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 04 Aug 2023 11:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 04 Aug 2023 11:00:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 04 Aug 2023 11:00:01 GMT
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Fira%20Sans:300,300italic,400,400italic,700,700italic&display=swap
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb379323016b3acefbf8075512ddec36191195f7d2321585981bf7e0dd422c2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 04 Aug 2023 11:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 04 Aug 2023 11:00:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 04 Aug 2023 11:00:01 GMT
combined.css
www.turfuniversel.com/themes/
490 KB
490 KB
Stylesheet
General
Full URL
http://www.turfuniversel.com/themes/combined.css?v=6_1642769533_225
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
Apache / PHP/8.2.6
Resource Hash
1977e5d07b4d8c55a08c755ff6d210467648f508aa6608fccafcb38eb2f8187f
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 11:00:01 GMT
X-EMS-Server
98
Server
Apache
X-Powered-By
PHP/8.2.6
Etag
6_1642769533_225
X-Frame-Options
sameorigin
Transfer-Encoding
chunked
Content-Type
text/css;charset=UTF-8
Cache-Control
no-cache
Connection
close
Expires
Wed, 04 Oct 2023 07:58:07 GMT
jquery-3.6.3.min.js
www.turfuniversel.com/medias/static/themes/bootstrap_v4/js/
88 KB
31 KB
Script
General
Full URL
http://www.turfuniversel.com/medias/static/themes/bootstrap_v4/js/jquery-3.6.3.min.js?v=26012023
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
Security Headers
Name Value
Strict-Transport-Security max-age=0;
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 11:00:01 GMT
Strict-Transport-Security
max-age=0;
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-EMS-Server
70
Age
15719432
Transfer-Encoding
chunked
Connection
close
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 30 Jan 2023 08:19:43 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFM3idT1XC1wlxRaPv4cTTZzyhd85CWqwRY2X95SGFl2lzP8gBHrgIATv7rIXttEXdI0mstS%2Bj6b3f5wwh11eHfbtckfhZVsT4iQ72DgtDBGDi7QaNJwJdLUxqVP7EnsvK%2FqkJw%2BJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Frame-Options
sameorigin
Cache-Control
max-age=31536000
CF-RAY
7f164b538a69f0f0-CDG
Expires
Sat, 03 Feb 2024 11:50:58 GMT
popper.min.js
www.turfuniversel.com/medias/static/themes/bootstrap_v4/js/
20 KB
8 KB
Script
General
Full URL
http://www.turfuniversel.com/medias/static/themes/bootstrap_v4/js/popper.min.js?v=31012023
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
cloudflare /
Resource Hash
f8382a605d2dcc2b6330f43b29ca7237e0f7c2bbbfee2d3a8e22065693d30eff
Security Headers
Name Value
Strict-Transport-Security max-age=0;
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 11:00:01 GMT
Strict-Transport-Security
max-age=0;
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-EMS-Server
162
Age
12807857
Transfer-Encoding
chunked
Connection
close
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 06 Mar 2023 08:19:36 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwTKNRD6e6e0jaThMrBKtn5EchDNStUnqs9OoXGWIn5ljw%2F4sOxkHUuV%2Fjh6KpqHiZbDUmmrWcWoXvjdLn83swCkFc66ELEwPZHfD3GlslRASmElTsf3TTgjUw3AkRIDmTN9pwTMfA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Frame-Options
sameorigin
Cache-Control
max-age=31536000
CF-RAY
7f164b539faf02ad-CDG
Expires
Fri, 08 Mar 2024 04:34:44 GMT
bootstrap.min.js
www.turfuniversel.com/medias/static/themes/bootstrap_v4/js/
57 KB
16 KB
Script
General
Full URL
http://www.turfuniversel.com/medias/static/themes/bootstrap_v4/js/bootstrap.min.js?v=31012023
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
cloudflare /
Resource Hash
7209e11a45cef119e8d3539afb2689835d17b16a0a22f8334d867cf77a220d2a
Security Headers
Name Value
Strict-Transport-Security max-age=0;
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 11:00:01 GMT
Strict-Transport-Security
max-age=0;
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-EMS-Server
98
Age
15903101
Transfer-Encoding
chunked
Connection
close
alt-svc
h3=":443"; ma=86400
Last-Modified
Mon, 30 Jan 2023 08:19:43 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6xqks9Yk65B3RIrTXMRMLw75%2FLwkkPXXSmd4WBZfzSi%2FPMFGGlhO2XEfMqiF27WVfzW0p5ntpJPHsXH7jryq3vP2R0ythvzHnBOca6M7l%2FADInJ7gXlVxx5zlRwTNId16rBffLcjA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Frame-Options
sameorigin
Cache-Control
max-age=31536000
CF-RAY
7f164b538804d62e-CDG
Expires
Thu, 01 Feb 2024 08:49:58 GMT
combined.js
www.turfuniversel.com/themes/
178 KB
178 KB
Script
General
Full URL
http://www.turfuniversel.com/themes/combined.js?v=6_1642769533_225&lang=fr
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
Apache / PHP/8.2.6
Resource Hash
15bb8206c9021642b156048f018bed6d1ab5a6bc8129026cdd921ee928b5acd6
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 11:00:01 GMT
X-EMS-Server
70
Server
Apache
X-Powered-By
PHP/8.2.6
Etag
6_1642769533_225
X-Frame-Options
sameorigin
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache
Connection
close
Expires
Wed, 04 Oct 2023 07:58:07 GMT
7007bbd52e6a2532d7f36a03c1037316.js
pl17799999.highrevenuegate.com/70/07/bb/
0
0
Script
General
Full URL
http://pl17799999.highrevenuegate.com/70/07/bb/7007bbd52e6a2532d7f36a03c1037316.js
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
HTTP/1.1
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 11:00:01 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
5797781
glizauvo.net/401/
88 KB
34 KB
Script
General
Full URL
https://glizauvo.net/401/5797781
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
3ae3c48f08b190b2fadd9de27ffe31c35b1dbc2d03aa43ab88d491acc875d20b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 11:00:01 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
08ec373ce7f2a6ed3299349f66d92ae1
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
t5thIREMM4uSDgzQVE2y.woff2
fonts.gstatic.com/s/shanti/v23/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/shanti/v23/t5thIREMM4uSDgzQVE2y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Shanti:300,400,700%7CFira%20Sans:300,400,700%7CBarlow%20Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f718653bd96456c31345e73468df2403a4173870788efd9f0532bbc1c18c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.turfuniversel.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 09:47:12 GMT
x-content-type-options
nosniff
age
4369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24380
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:18:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 09:47:12 GMT
HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v12/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Shanti:300,400,700%7CFira%20Sans:300,400,700%7CBarlow%20Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.turfuniversel.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 15:25:44 GMT
x-content-type-options
nosniff
age
588857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20200
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:28:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jul 2024 15:25:44 GMT
stattag.js
tzegilo.com/
17 KB
7 KB
Script
General
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: glizauvo.net
URL: https://glizauvo.net/401/5797781
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cfe0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 11:00:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 May 2023 08:43:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2836
etag
W/"646736cf-4447"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNBaPr%2FtgvXTZFKiCUqOA1%2B0UkzLCgPvTtUjdhp3nsBRrD5hNahPP5C0dbO6PsPMpKG5mQt16Zoe2701NJJ5tT6x0%2FmDt1K74pvPuxrqg0ialBD3uX5a5M3qpovMASkMEEj0aNeYMZGCzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7f164b575823020c-CDG
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc
h3=":443"; ma=86400
add
fleraprt.com/log/
12 B
490 B
XHR
General
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
http://www.turfuniversel.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 04 Aug 2023 11:00:43 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://www.turfuniversel.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
gid.js
my.rtmark.net/
65 B
548 B
XHR
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: glizauvo.net
URL: https://glizauvo.net/401/5797781
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
42b0c1f48035722369ceacb625270edde048e8d474316486816210a65d9a2160
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 11:00:02 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.turfuniversel.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
5797781
glizauvo.net/500/
0
0
Preflight
General
Full URL
https://glizauvo.net/500/5797781?excludes=&oaid=87b24caeb76645d59f2b8c51e62bca47&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=http%3A%2F%2Fwww.turfuniversel.com%2Fpasswordaccess%2Fpassword%2F6414a5ebfe02c5ef5e2ddbc9%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://www.turfuniversel.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://www.turfuniversel.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Fri, 04 Aug 2023 11:00:02 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
5797781
glizauvo.net/500/
0
587 B
XHR
General
Full URL
https://glizauvo.net/500/5797781?excludes=&oaid=87b24caeb76645d59f2b8c51e62bca47&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=http%3A%2F%2Fwww.turfuniversel.com%2Fpasswordaccess%2Fpassword%2F6414a5ebfe02c5ef5e2ddbc9%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: glizauvo.net
URL: https://glizauvo.net/401/5797781
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.turfuniversel.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
5f3ee1aebd344f079f1dad59d980449c
pragma
no-cache
date
Fri, 04 Aug 2023 11:00:02 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
access-control-allow-origin
http://www.turfuniversel.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function $
  • function jQuery
  • function Popper
  • object bootstrap
  • object fullCalendarTrads
  • object modules
  • object blocks
  • object plugins
  • object paymeans
  • object sliders
  • object datepickers
  • object forms
  • object layout
  • object theme
  • object emsChromeExtension
  • object blog
  • object menuh
  • object header
  • object sidebar
  • function DP_jQuery_1691146801413
  • function jarallax
  • function VideoWorker
  • object zfgstorage
  • object j1y9l94v6dp
  • object zfgformats
  • boolean __lwkemfd9q__
  • object webpushlogs
  • object __ds3dcV__
  • object syncCallbacks
  • number __qwe33wweq__

3 Cookies

Domain/Path Name / Value
www.turfuniversel.com/ Name: af373de94e22d8456d78fff64c8d4e84
Value: 64ccda30fcb9b22190b3b747
my.rtmark.net/ Name: ID
Value: 87b24caeb76645d59f2b8c51e62bca47
glizauvo.net/ Name: OAID
Value: 87b24caeb76645d59f2b8c51e62bca47

2 Console Messages

Source Level URL
Text
network error URL: http://pl17799999.highrevenuegate.com/70/07/bb/7007bbd52e6a2532d7f36a03c1037316.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://tzegilo.com/stattag.js
Message:
getGamepad will now require Secure Context. Please update your application accordingly. For more information see https://github.com/w3c/gamepad/pull/120

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options sameorigin