urlscan.io logo urlscan.io
SecurityTrails logo

www.turfuniversel.com Open in urlscan Pro
195.154.21.70  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
Submission: On June 17 via manual from BF — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 195.154.21.70, located in Paris, France and belongs to Online SAS, FR. The main domain is www.turfuniversel.com.
This is the only time www.turfuniversel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 195.154.21.70 12876 (Online SAS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 178.250.0.145 44788 (ASN-CRITE...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.0.163 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
19 9
8    195.154.21.70 (Paris, France)

ASN12876 (Online SAS, FR)
www.turfuniversel.com
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    178.250.0.145 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cas.criteo.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
widget.fr.eu.criteo.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
Apex Domain
Subdomains		 Transfer
8 turfuniversel.com
www.turfuniversel.com
296 KB
5 criteo.com
cas.criteo.com — Cisco Umbrella Rank: 16186
gum.criteo.com — Cisco Umbrella Rank: 394
widget.fr.eu.criteo.com — Cisco Umbrella Rank: 15882
mug.criteo.com — Cisco Umbrella Rank: 2507
10 KB
2 gstatic.com
fonts.gstatic.com
75 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 605
39 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
2 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 793
7 KB
19 6
Domain Requested by
8 www.turfuniversel.com www.turfuniversel.com
2 gum.criteo.com 1 redirects static.criteo.net
2 fonts.gstatic.com fonts.googleapis.com
2 static.criteo.net www.turfuniversel.com
2 fonts.googleapis.com www.turfuniversel.com
client
1 mug.criteo.com www.turfuniversel.com
1 widget.fr.eu.criteo.com www.turfuniversel.com
1 cas.criteo.com static.criteo.net
1 maxcdn.bootstrapcdn.com www.turfuniversel.com
19 9

This site contains links to these domains. Also see Links.

Domain
support.google.com
www.oracle.com
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-18 -
2022-08-13		 3 months crt.sh

This page contains 3 frames:

Primary Page: http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
Frame ID: 3545D99C47FF22E97760BEE79ECC33CA
Requests: 16 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.turfuniversel.com
Frame ID: F434EBDFF697EE0F8DE56C6E2C43B7A8
Requests: 2 HTTP requests in this frame

Frame: https://widget.fr.eu.criteo.com/dis/dis.aspx?pu=1356753&cb=62ac3c95110a1d25a6d9597917684215
Frame ID: 4FC649F3E3A5FA73AF7319FF25743632
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Turf Universel

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //(?:cas\.criteo\.com|(?:[^/]\.)?criteo\.net)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

47 %
HTTPS

56 %
IPv6

6
Domains

9
Subdomains

9
IPs

3
Countries

429 kB
Transfer

909 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • http://static.criteo.net/images/criteo/publishertag/close.png HTTP 307
  • https://static.criteo.net/images/criteo/publishertag/close.png
Request Chain 17
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=turfuniversel.com&sn=ChromeSyncframe&so=0&topUrl=www.turfuniversel.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=zC-0IHxzaENRWnViYmJaci9lY1dwTTBaQWpKcFduVEFZajYzVm50ODVjRmV1RlhkMmJuYTZnUlJleUE0YUN1Z1QzZ2JSMnBjd0VnQzE0aUJuYmdobWx0SzlCejRIN0tzVWpZclQ3bXVVK3V0ZDVWZVhuaXd5bERRbFVuRWpreUFwY1MxTDZ1OXV5YkxORnMzRlF1TGdsaExVTXRwbGhOaGxOemo5V3JpT0dLWm9BaHdXU2wwelBkR1JVajZtLzhNNUh4d0ZGZzR5aCtmY28zczZ0em5SZzFIVVdNdENSUUttVzhIK3BqT1lqTTJZQ1gybGdzY0JDaHlKdnRadTViS1puWXpPMTZVVUlLdDBGaHVvUGFrTzJrYzhoQT09fA&cppv=2

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
Apache / PHP/8.0.9
Resource Hash
8b99b8f8e1a0a7131e7f36d9e6e2c0c1ba2f9bc55c448c9d7f0fa2227761f8b0
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
must-revalidate, no-cache, private
Connection
close
Content-Encoding
gzip
Content-Length
2610
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Jun 2022 08:34:29 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
X-EMS-Server
35
X-Frame-Options
sameorigin
X-Powered-By
PHP/8.0.9
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,700%7CInknut%20Antiqua:300,400,700&display=swap
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c67ce956e5d38c0dfd94a84c68909a01618bd7627c918471bc4fde9c6f69016c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 08:34:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Jun 2022 08:34:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Jun 2022 08:34:29 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 08:34:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617
age
29056745
cdn-cachedat
2021-07-16 02:05:22
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
fd6f36efeb8a69a6a6931679416a77d0
cf-ray
71ca7246ee7b99bc-CDG
cdn-requestcountrycode
FR
cdn-requestpullsuccess
True
combined.css
www.turfuniversel.com/themes/ 		134 KB
134 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.turfuniversel.com/themes/combined.css?v=6_1646067834_220
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
Apache / PHP/8.0.9
Resource Hash
d5f0945828ad218573cc520955ccce89260318423ac5747dbea535f4f92ff1f8
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Jun 2022 08:34:29 GMT
X-EMS-Server
70
Server
Apache
X-Powered-By
PHP/8.0.9
X-Frame-Options
sameorigin
Content-Type
text/css;charset=UTF-8
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
close
Etag
6_1646067834_220
Expires
Wed, 17 Aug 2022 05:32:35 GMT
jquery.min.js
www.turfuniversel.com/medias/static/themes/ems_framework/js/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.turfuniversel.com/medias/static/themes/ems_framework/js/jquery.min.js
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
cloudflare /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
Strict-Transport-Security max-age=0;
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0;
Content-Encoding
gzip
X-EMS-Server
78
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3958430
Transfer-Encoding
chunked
Connection
close
Vary
Accept-Encoding
Last-Modified
Mon, 02 May 2022 12:29:40 GMT
Server
cloudflare
Date
Fri, 17 Jun 2022 08:34:29 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options
sameorigin
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhmD0xijTU%2FP69dEZn%2FBQDKKq%2B0XmX6dmqTw5nT6%2BwRf%2BNi36WNucjeciqPCAz8LLg6NVEuMOybX1odGTpjJOFI7Yl%2F4aVzIZ9i6PwUC3V2YR6GhnIlYqkbPZttNKlbz0h4CsUzc"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=31536000
CF-RAY
71ca7246dfa4ee33-CDG
Expires
Tue, 02 May 2023 12:42:32 GMT
ems-framework.min.js
www.turfuniversel.com/medias/static/themes/ems_framework/js/ 		62 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.turfuniversel.com/medias/static/themes/ems_framework/js/ems-framework.min.js?v=864
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
cloudflare /
Resource Hash
aa06dba4fbe11b63d5cd1c400a6ff9de0395e6f082f4ce57a23902806847f687
Security Headers
Name Value
Strict-Transport-Security max-age=0;
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0;
Content-Encoding
gzip
X-EMS-Server
162
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
177471
Transfer-Encoding
chunked
Connection
close
Vary
Accept-Encoding
Last-Modified
Tue, 14 Jun 2022 07:22:56 GMT
Server
cloudflare
Date
Fri, 17 Jun 2022 08:34:29 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options
sameorigin
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ffwh2KO80qrA3Qz7UFbLWg9AT0JhwSolcQmFb%2FiEkgMQH0Wl5N1EatTaCZQFU137sLTpCw0WKbpHAIjoD0VswqMc86M2Fw%2FCFUu7TJsqov2s0nq2kgP0JeBFq1hvCiFEb3PgSHbF"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=31536000
CF-RAY
71ca7246da7a3b5b-CDG
Expires
Thu, 15 Jun 2023 06:55:17 GMT
content.js
www.turfuniversel.com/themes/ 		147 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.turfuniversel.com/themes/content.js?v=6_1646067834_220
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
Apache / PHP/8.0.9
Resource Hash
0fe04896a7b44cbf6fba6d658fc96dc15f882eb624e711e0829141df6d4ef839
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Jun 2022 08:34:29 GMT
Content-Encoding
gzip
X-EMS-Server
35
Server
Apache
X-Frame-Options
sameorigin
X-Powered-By
PHP/8.0.9
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
must-revalidate, no-cache, private
Connection
close
Content-Length
47041
Etag
6_1646067834_220
Expires
Wed, 17 Aug 2022 05:32:36 GMT
jquery.rgpd-cookies.js
www.turfuniversel.com/medias/static/js/rgpd-cookies/ 		170 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.turfuniversel.com/medias/static/js/rgpd-cookies/jquery.rgpd-cookies.js?v=864
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f4ba277ae64d1e3e9c5d6912f9b3f822bd1864f30e2848f3aaf43a20ce9a3a
Security Headers
Name Value
Strict-Transport-Security max-age=0;
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 08:34:29 GMT
Content-Encoding
gzip
X-EMS-Server
98
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
177169
Cf-Polished
origSize=173834
Transfer-Encoding
chunked
Connection
close
Vary
Accept-Encoding
Last-Modified
Tue, 14 Jun 2022 07:25:18 GMT
Server
cloudflare
X-Frame-Options
sameorigin
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security
max-age=0;
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvUCfTWWmprsuvuoQF%2Fb3IYWqgQKvLeYzTo6vK6DzZ%2FlpCx288GHs9ny%2FMzvQdg%2FC7bnY3HvwRMClTG7VWxsK4JWhZCkc8aHCHUJsreMhzYbDLMIfD0PBY7x8M5x7%2F71pMhTQPXV"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cf-Bgj
minify
Cache-Control
max-age=31536000
CF-RAY
71ca7246dad2084b-CDG
Expires
Thu, 15 Jun 2023 07:00:20 GMT
jquery.mobile.custom.min.js
www.turfuniversel.com/medias/static/themes/ems_framework/js/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.turfuniversel.com/medias/static/themes/ems_framework/js/jquery.mobile.custom.min.js
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
cloudflare /
Resource Hash
6e3cd0d6a67783d5edebf54214ae078c5ee70155b9caa354212fab2a0e947bfa
Security Headers
Name Value
Strict-Transport-Security max-age=0;
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0;
Content-Encoding
gzip
X-EMS-Server
70
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3958290
Transfer-Encoding
chunked
Connection
close
Vary
Accept-Encoding
Last-Modified
Mon, 02 May 2022 12:29:40 GMT
Server
cloudflare
Date
Fri, 17 Jun 2022 08:34:29 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options
sameorigin
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPjZFc2C8CNrvH4mIXV99VvKLMdKkBWRv7cVg5i17DjhFyoJ2WW7mWndfVuI8GydtzxuMo%2BZlWnXQxwSGldYy7mAphUx%2Bi5ZVQY%2BxEpYBG5pGbWJ8i%2B%2FR8yBuDycxLMkuftx8x3n"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=31536000
CF-RAY
71ca7246d9b34055-CDG
Expires
Tue, 02 May 2023 12:44:52 GMT
custom.js
www.turfuniversel.com/themes/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.turfuniversel.com/themes/custom.js
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
Apache / PHP/8.0.9
Resource Hash
e039f44b09ba153d21475ac13c5bb592e4e9fc071b3d2c54c48194d9493f38f0
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Jun 2022 08:34:29 GMT
X-EMS-Server
162
Server
Apache
X-Powered-By
PHP/8.0.9
X-Frame-Options
sameorigin
Content-Type
text/javascript; charset=UTF-8
Cache-Control
must-revalidate, no-cache, private
Transfer-Encoding
chunked
Connection
close
Etag
6_1646067834_220
Expires
Wed, 17 Aug 2022 05:32:35 GMT
publishertag.js
static.criteo.net/js/ld/ 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 08:34:29 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-1dc01"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Jun 2022 08:34:29 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,700%7CInknut%20Antiqua:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.turfuniversel.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:07:05 GMT
x-content-type-options
nosniff
age
228445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 17:07:05 GMT
close.png
static.criteo.net/images/criteo/publishertag/
Redirect Chain
  • http://static.criteo.net/images/criteo/publishertag/close.png
  • https://static.criteo.net/images/criteo/publishertag/close.png
200 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/criteo/publishertag/close.png
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
Protocol
H2
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8666e1edfc2a36e3b6f4e41b5178d52f4e1164c89342c95e62ae904a6029c1f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 08:34:30 GMT
last-modified
Tue, 20 Dec 2016 12:52:39 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"58592997-c8"
strict-transport-security
max-age=31536000; preload;
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
200
expires
Mon, 12 Jun 2023 08:34:30 GMT

Redirect headers

Location
https://static.criteo.net/images/criteo/publishertag/close.png
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
ajs.php
cas.criteo.com/delivery/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.criteo.com/delivery/ajs.php?ptv=123&containerid=cto_sticky&zoneid=1356753&cb=11660728043&nodis=1&charset=UTF-8&dlp=1&dc=3&atfr=1&loc=http%3A%2F%2Fwww.turfuniversel.com%2Fpasswordaccess%2Fpassword%2F5d939c763f38298a66c223c9%2F
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.145 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
69f122d5b99e43c9c892aad85c1d7ecee3e8691ab1ae3d72548504e22995b015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 08:34:29 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4138061
strict-transport-security
max-age=31536000; preload;
pragma
no-cache
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
http://www.turfuniversel.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Mon, 26 Jul 1997 05:00:00 GMT
css2
fonts.googleapis.com/ 		6 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ad2c33946a64961fc97d9785d565098943cfc0b122e809fe6c7e2353ca11b01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 06:47:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Jun 2022 08:34:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Jun 2022 08:34:30 GMT
syncframe
gum.criteo.com/ Frame F434 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.turfuniversel.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
cf123b4d7a9a20f1cd0a1e41dd39841845abb4350e5d466adb592f4bdf5b9be3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://www.turfuniversel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6149
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 08:34:29 GMT
server-processing-duration-in-ticks
1875
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.turfuniversel.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 23:32:09 GMT
x-content-type-options
nosniff
age
291741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 23:32:09 GMT
dis.aspx
widget.fr.eu.criteo.com/dis/ Frame 4FC6 		28 B
425 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.fr.eu.criteo.com/dis/dis.aspx?pu=1356753&cb=62ac3c95110a1d25a6d9597917684215
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://www.turfuniversel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 08:34:29 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
3723830
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
sid
mug.criteo.com/ Frame F434
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=turfuniversel.com&sn=ChromeSyncframe&so=0&topUrl=www.turfuniversel.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=zC-0IHxzaENRWnViYmJaci9lY1dwTTBaQWpKcFduVEFZajYzVm50ODVjRmV1RlhkMmJuYTZnUlJleUE0YUN1Z1QzZ2JSMnBjd0VnQzE0aUJuYmdobWx0SzlCejRIN0tzVWpZclQ3bXVVK3V0ZDVWZVhuaXd5bERRbFVuRW...
465 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=zC-0IHxzaENRWnViYmJaci9lY1dwTTBaQWpKcFduVEFZajYzVm50ODVjRmV1RlhkMmJuYTZnUlJleUE0YUN1Z1QzZ2JSMnBjd0VnQzE0aUJuYmdobWx0SzlCejRIN0tzVWpZclQ3bXVVK3V0ZDVWZVhuaXd5bERRbFVuRWpreUFwY1MxTDZ1OXV5YkxORnMzRlF1TGdsaExVTXRwbGhOaGxOemo5V3JpT0dLWm9BaHdXU2wwelBkR1JVajZtLzhNNUh4d0ZGZzR5aCtmY28zczZ0em5SZzFIVVdNdENSUUttVzhIK3BqT1lqTTJZQ1gybGdzY0JDaHlKdnRadTViS1puWXpPMTZVVUlLdDBGaHVvUGFrTzJrYzhoQT09fA&cppv=2
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/5d939c763f38298a66c223c9/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
b9c778b275b21dcb67843c5e0eaa040d3bd351bf17b4e9d69410c150b5006d15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 08:34:30 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3820
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 08:34:30 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=zC-0IHxzaENRWnViYmJaci9lY1dwTTBaQWpKcFduVEFZajYzVm50ODVjRmV1RlhkMmJuYTZnUlJleUE0YUN1Z1QzZ2JSMnBjd0VnQzE0aUJuYmdobWx0SzlCejRIN0tzVWpZclQ3bXVVK3V0ZDVWZVhuaXd5bERRbFVuRWpreUFwY1MxTDZ1OXV5YkxORnMzRlF1TGdsaExVTXRwbGhOaGxOemo5V3JpT0dLWm9BaHdXU2wwelBkR1JVajZtLzhNNUh4d0ZGZzR5aCtmY28zczZ0em5SZzFIVVdNdENSUUttVzhIK3BqT1lqTTJZQ1gybGdzY0JDaHlKdnRadTViS1puWXpPMTZVVUlLdDBGaHVvUGFrTzJrYzhoQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1523
content-length
541
expires
0

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| $ function| jQuery object| forms object| ems object| jQuery11130033581785582974755 function| Carousel function| Collapse function| Dropdown function| Fix function| Validate function| Modal function| Parallax function| Scrollspy function| Subnav function| Tooltip object| $fullCalendarTrads object| modules object| plugins object| layout object| $zoomIn object| paymeans object| theme object| emsChromeExtension function| DP_jQuery_1655454870084 object| lightbox number| width boolean| isMobile object| Criteo object| observer object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_123 object| Criteo_123 object| RGPDCookies

3 Cookies

Domain/Path Name / Value
.criteo.com/ Name: zdi
Value: %2A14XfoLameelIa%252fgHy2%252bp3WQ%253d%253d
.criteo.com/ Name: uid
Value: 5e8f4afa-f8f8-4390-b5a0-4ced735c5e19
.turfuniversel.com/ Name: cto_bundle
Value: MOJLIF9MS1ZhNG9YNGFqclpGd3Y1MCUyQlo1bFI4QU5FcUlzJTJCZlEwUXRadHBvNEwxb241OEglMkZQeDluTEFMaTVCeGV0RENYS2E1U1Q3SkNtT09la1MydHptNUZpZFFWdCUyQlliS2ZhTXRabjFqZnZGNlZCRWdRN2tZWjJNWFdIMjIydiUyQktIeSUyRm1xRnR4SXdjdzczbnQlMkZSTG1sT294TnpacXdSVHVXWjBuemxjSWNNeWFUbyUzRA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cas.criteo.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
maxcdn.bootstrapcdn.com
mug.criteo.com
static.criteo.net
widget.fr.eu.criteo.com
www.turfuniversel.com
178.250.0.145
178.250.0.157
178.250.0.163
195.154.21.70
2606:4700::6812:bcf
2a00:1450:4001:809::2003
2a00:1450:4001:828::200a
2a02:2638:1::3
2a02:2638::1c
0fe04896a7b44cbf6fba6d658fc96dc15f882eb624e711e0829141df6d4ef839
28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0
4ad2c33946a64961fc97d9785d565098943cfc0b122e809fe6c7e2353ca11b01
69f122d5b99e43c9c892aad85c1d7ecee3e8691ab1ae3d72548504e22995b015
6e3cd0d6a67783d5edebf54214ae078c5ee70155b9caa354212fab2a0e947bfa
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
8666e1edfc2a36e3b6f4e41b5178d52f4e1164c89342c95e62ae904a6029c1f6
8b99b8f8e1a0a7131e7f36d9e6e2c0c1ba2f9bc55c448c9d7f0fa2227761f8b0
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a7f4ba277ae64d1e3e9c5d6912f9b3f822bd1864f30e2848f3aaf43a20ce9a3a
aa06dba4fbe11b63d5cd1c400a6ff9de0395e6f082f4ce57a23902806847f687
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b9c778b275b21dcb67843c5e0eaa040d3bd351bf17b4e9d69410c150b5006d15
c67ce956e5d38c0dfd94a84c68909a01618bd7627c918471bc4fde9c6f69016c
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
cf123b4d7a9a20f1cd0a1e41dd39841845abb4350e5d466adb592f4bdf5b9be3
d5f0945828ad218573cc520955ccce89260318423ac5747dbea535f4f92ff1f8
e039f44b09ba153d21475ac13c5bb592e4e9fc071b3d2c54c48194d9493f38f0