urlscan.io logo urlscan.io
SecurityTrails logo

topturf.fr Open in urlscan Pro
46.105.204.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://topturf.fr/abomailwest.html
Effective URL: https://topturf.fr/
Submission: On April 30 via manual from MA — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 30 HTTP transactions. The main IP is 46.105.204.2, located in France and belongs to OVH, FR. The main domain is topturf.fr.
TLS certificate: Issued by R3 on April 16th 2023. Valid for: 3 months.
This is the only time topturf.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 46.105.204.2 16276 (OVH)
15 139.162.154.220 63949 (AKAMAI-LI...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
30 6
3    46.105.204.2 (France)

ASN16276 (OVH, FR)
PTR: cluster002.hosting.cdn.ovh.net
topturf.fr
15    139.162.154.220 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1421-220.members.linode.com
1ar3hxx1n773i.cdn.shift8web.com
4    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
15 shift8web.com
1ar3hxx1n773i.cdn.shift8web.com
296 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
464 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 16
46 KB
3 topturf.fr
topturf.fr
15 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
21 KB
30 5
Domain Requested by
15 1ar3hxx1n773i.cdn.shift8web.com topturf.fr
4 www.gstatic.com www.google.com
www.gstatic.com
4 fonts.gstatic.com topturf.fr
www.google.com
4 www.google.com topturf.fr
www.gstatic.com
www.google.com
3 topturf.fr 2 redirects
2 www.google-analytics.com topturf.fr
www.google-analytics.com
30 6

This site contains links to these domains. Also see Links.

Domain
www.turf-qualite.com
base-pronoquinte.blogspot.com
Subject Issuer Validity Valid
topturf.fr
R3		 2023-04-16 -
2023-07-15		 3 months crt.sh
*.cdn.shift8web.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-05-25 -
2023-05-25		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://topturf.fr/
Frame ID: 6A31B223E72F858B3975A94305BD4485
Requests: 22 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld8LuEdAAAAADnaHa6Msyaspc_sBW-Xks6odxd6&co=aHR0cHM6Ly90b3B0dXJmLmZyOjQ0Mw..&hl=fr&v=4q6CtudrwcI-LSEYlfoEbDXg&size=invisible&cb=rbswijba6hfo
Frame ID: A3F85A9EA1E3B2BE51CAA3B4A7682740
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TURF PMU TOPTURF PRONOSTICS BASES BETON

Page URL History Show full URLs

  1. http://topturf.fr/abomailwest.html HTTP 301
    https://topturf.fr/abomailwest.html HTTP 301
    https://topturf.fr/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

30
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

841 kB
Transfer

2207 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://topturf.fr/abomailwest.html HTTP 301
    https://topturf.fr/abomailwest.html HTTP 301
    https://topturf.fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
topturf.fr/
Redirect Chain
  • http://topturf.fr/abomailwest.html
  • https://topturf.fr/abomailwest.html
  • https://topturf.fr/
167 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://topturf.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.204.2 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster002.hosting.cdn.ovh.net
Software
/ PHP/8.0
Resource Hash
55ecd916f134f2672c04aa70ab501a1590a51691aafd324be98c440049fa99d2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
no-cache
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 10:59:03 GMT
last-modified
Sat, 29 Apr 2023 12:27:00 GMT
wpo-cache-status
cached
x-cdn-cache
MISS
x-cdn-pop
rbx
x-cdn-request-id
536648389
x-powered-by
PHP/8.0

Redirect headers

age
0
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 10:59:03 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://topturf.fr/wp-json/>; rel="https://api.w.org/"
location
https://topturf.fr
x-cdn-cache
MISS
x-cdn-pop
rbx
x-cdn-request-id
536648388
x-powered-by
PHP/8.0
x-redirect-by
WordPress
wpo-minify-header-1d7f5a96.min.css
1ar3hxx1n773i.cdn.shift8web.com/wp-content/cache/wpo-minify/1682712092/assets/ 		430 KB
57 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1ar3hxx1n773i.cdn.shift8web.com/wp-content/cache/wpo-minify/1682712092/assets/wpo-minify-header-1d7f5a96.min.css
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.162.154.220 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1421-220.members.linode.com
Software
Shift8_CDN /
Resource Hash
d84b38c957c1390651ff54f51243b5d9a531d7085701e9d778a1ff3223feea22

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://topturf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 10:59:03 GMT
content-encoding
br
last-modified
Fri, 28 Apr 2023 20:01:41 GMT
server
Shift8_CDN
x-cdn-cache
MISS
age
0
content-type
text/css
access-control-allow-origin
https://topturf.fr
cache-control
max-age=31536000
x-cdn-pop
sbg
accept-ranges
bytes
x-cdn-request-id
719502654
x-shift8cdn-cache
MISS
expires
Mon, 29 Apr 2024 10:59:03 GMT
wpo-minify-header-c27f2cd4.min.js
1ar3hxx1n773i.cdn.shift8web.com/wp-content/cache/wpo-minify/1682712092/assets/ 		130 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1ar3hxx1n773i.cdn.shift8web.com/wp-content/cache/wpo-minify/1682712092/assets/wpo-minify-header-c27f2cd4.min.js
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.162.154.220 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1421-220.members.linode.com
Software
Shift8_CDN /
Resource Hash
521af4952d61d1b5df317d0d4c233a8018f68f0bdb9ec2bc3e468066fc9a834e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://topturf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 10:59:03 GMT
content-encoding
br
last-modified
Fri, 28 Apr 2023 20:01:33 GMT
server
Shift8_CDN
x-cdn-cache
MISS
age
0
content-type
application/javascript
access-control-allow-origin
https://topturf.fr
cache-control
max-age=31536000
x-cdn-pop
sbg
accept-ranges
bytes
x-cdn-request-id
933299037
x-shift8cdn-cache
MISS
expires
Mon, 29 Apr 2024 10:59:03 GMT
topturf.01-600x264.jpg
1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2021/03/ 		38 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2021/03/topturf.01-600x264.jpg
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.162.154.220 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1421-220.members.linode.com
Software
Shift8_CDN /
Resource Hash
c08d2cdd55fba5972b277c96b012c1de46b97f5fbe0ec1b95d77e0fdb523f86d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://topturf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 10:59:04 GMT
content-encoding
br
last-modified
Sun, 25 Dec 2022 19:51:28 GMT
server
Shift8_CDN
x-cdn-cache
MISS
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
https://topturf.fr
cache-control
max-age=31536000
x-cdn-pop
sbg
x-cdn-request-id
908502279
x-shift8cdn-cache
MISS
expires
Mon, 29 Apr 2024 10:59:04 GMT
wpo-minify-footer-31be1194.min.css
1ar3hxx1n773i.cdn.shift8web.com/wp-content/cache/wpo-minify/1682712092/assets/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1ar3hxx1n773i.cdn.shift8web.com/wp-content/cache/wpo-minify/1682712092/assets/wpo-minify-footer-31be1194.min.css
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.162.154.220 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1421-220.members.linode.com
Software
Shift8_CDN /
Resource Hash
c05fccac4c4ff2925afec40c903b97294f86f4a63a1b1252614101298d80398a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://topturf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 10:59:03 GMT
content-encoding
br
last-modified
Fri, 28 Apr 2023 20:01:32 GMT
server
Shift8_CDN
x-cdn-cache
MISS
age
0
content-type
text/css
access-control-allow-origin
https://topturf.fr
cache-control
max-age=31536000
x-cdn-pop
sbg
accept-ranges
bytes
x-cdn-request-id
88698217
x-shift8cdn-cache
MISS
expires
Mon, 29 Apr 2024 10:59:03 GMT
wpo-minify-footer-96670f32.min.js
1ar3hxx1n773i.cdn.shift8web.com/wp-content/cache/wpo-minify/1682712092/assets/ 		176 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1ar3hxx1n773i.cdn.shift8web.com/wp-content/cache/wpo-minify/1682712092/assets/wpo-minify-footer-96670f32.min.js
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.162.154.220 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1421-220.members.linode.com
Software
Shift8_CDN /
Resource Hash
9cf4e990ecb95c2f1870dd9810354aac58f8fdf75c204ac8dffb26acd57e0429

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://topturf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 10:59:03 GMT
content-encoding
br
last-modified
Fri, 28 Apr 2023 20:01:41 GMT
server
Shift8_CDN
x-cdn-cache
MISS
age
0
content-type
application/javascript
access-control-allow-origin
https://topturf.fr
cache-control
max-age=31536000
x-cdn-pop
sbg
accept-ranges
bytes
x-cdn-request-id
630432756
x-shift8cdn-cache
MISS
expires
Mon, 29 Apr 2024 10:59:03 GMT
api.js
www.google.com/recaptcha/ 		884 B
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Ld8LuEdAAAAADnaHa6Msyaspc_sBW-Xks6odxd6&ver=3.0
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f86390833848eb094b3435174ea8b0a787ddffe13b07fe7b45bd14b3ce8e7bf6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://topturf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 10:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
583
x-xss-protection
1; mode=block
expires
Sun, 30 Apr 2023 10:59:03 GMT
wpo-minify-footer-846b1d43.min.js
1ar3hxx1n773i.cdn.shift8web.com/wp-content/cache/wpo-minify/1682712092/assets/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1ar3hxx1n773i.cdn.shift8web.com/wp-content/cache/wpo-minify/1682712092/assets/wpo-minify-footer-846b1d43.min.js
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.162.154.220 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1421-220.members.linode.com
Software
Shift8_CDN /
Resource Hash
8f3036e8045c1badb72a254adb9a3b60f9455b96209258d51a25820d62ad528d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://topturf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 10:59:03 GMT
content-encoding
br
last-modified
Fri, 28 Apr 2023 20:01:33 GMT
server
Shift8_CDN
x-cdn-cache
MISS
age
0
content-type
application/javascript
access-control-allow-origin
https://topturf.fr
cache-control
max-age=31536000
x-cdn-pop
sbg
accept-ranges
bytes
x-cdn-request-id
453090919
x-shift8cdn-cache
MISS
expires
Mon, 29 Apr 2024 10:59:03 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://topturf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 30 Apr 2023 10:35:44 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
1399
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sun, 30 Apr 2023 12:35:44 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v34/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://topturf.fr/
Origin
https://topturf.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:49:30 GMT
x-content-type-options
nosniff
age
61773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39372
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 17:49:30 GMT
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v28/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c43b0ad19f388f2381cbbb9ed34cee414d5f74d35897d496f5806c45a02ae0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://topturf.fr/
Origin
https://topturf.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 23:43:29 GMT
x-content-type-options
nosniff
age
299734
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41852
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:45:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Apr 2024 23:43:29 GMT
qlun.jpg
1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2023/04/ 		10 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2023/04/qlun.jpg
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.162.154.220 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1421-220.members.linode.com
Software
Shift8_CDN /
Resource Hash
9aabc64211f26b5f794d60b423532e69c040512cd6d618fac354186daa78722c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://topturf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 10:59:04 GMT
content-encoding
br
last-modified
Tue, 18 Apr 2023 15:43:53 GMT
server
Shift8_CDN
x-cdn-cache
MISS
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
https://topturf.fr
cache-control
max-age=31536000
x-cdn-pop
sbg
x-cdn-request-id
436511111
x-shift8cdn-cache
MISS
expires
Mon, 29 Apr 2024 10:59:04 GMT
qmar.jpg
1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2023/04/ 		10 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2023/04/qmar.jpg
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.162.154.220 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1421-220.members.linode.com
Software
Shift8_CDN /
Resource Hash
c228174d6618fab813dd10e38352c5c8fe448aaac4c486a9e59e74bb380d3d44

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://topturf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 10:59:04 GMT
content-encoding
br
last-modified
Tue, 18 Apr 2023 16:38:06 GMT
server
Shift8_CDN
x-cdn-cache
MISS
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
https://topturf.fr
cache-control
max-age=31536000
x-cdn-pop
sbg
x-cdn-request-id
691546119
x-shift8cdn-cache
MISS
expires
Mon, 29 Apr 2024 10:59:04 GMT
qmer.jpg
1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2023/04/ 		11 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2023/04/qmer.jpg
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.162.154.220 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1421-220.members.linode.com
Software
Shift8_CDN /
Resource Hash
1bfdce7fc2a777810bc44685769dd7f21481fd2c6ecef0064ba95f701a674931

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://topturf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 10:59:03 GMT
content-encoding
br
last-modified
Tue, 18 Apr 2023 17:30:47 GMT
server
Shift8_CDN
x-cdn-cache
MISS
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
https://topturf.fr
cache-control
max-age=31536000
x-cdn-pop
sbg
x-cdn-request-id
1000453338
x-shift8cdn-cache
MISS
expires
Mon, 29 Apr 2024 10:59:03 GMT
qjeu.jpg
1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2023/04/ 		10 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2023/04/qjeu.jpg
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.162.154.220 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1421-220.members.linode.com
Software
Shift8_CDN /
Resource Hash
6acf3bc22e1c415124aa199c6ea6191637a9eb0583ae8120b22b68811010d46b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://topturf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 10:59:03 GMT
content-encoding
br
last-modified
Tue, 18 Apr 2023 14:50:32 GMT
server
Shift8_CDN
x-cdn-cache
MISS
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
https://topturf.fr
cache-control
max-age=31536000
x-cdn-pop
sbg
x-cdn-request-id
282959838
x-shift8cdn-cache
MISS
expires
Mon, 29 Apr 2024 10:59:03 GMT
qven.jpg
1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2023/04/ 		11 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2023/04/qven.jpg
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.162.154.220 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1421-220.members.linode.com
Software
Shift8_CDN /
Resource Hash
9487076bb4c1e15a2b69d6c07a0d0d7cc3608d5af93f2a92aaf4a029b7feb029

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://topturf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 10:59:03 GMT
content-encoding
br
last-modified
Tue, 18 Apr 2023 19:16:50 GMT
server
Shift8_CDN
x-cdn-cache
MISS
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
https://topturf.fr
cache-control
max-age=31536000
x-cdn-pop
sbg
x-cdn-request-id
222799893
x-shift8cdn-cache
MISS
expires
Mon, 29 Apr 2024 10:59:03 GMT
qsam.jpg
1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2023/04/ 		10 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2023/04/qsam.jpg
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.162.154.220 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1421-220.members.linode.com
Software
Shift8_CDN /
Resource Hash
675dd137924aebb2b43e33dd741971a26883a0f5a22e1db4cc4386c63bd137c2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://topturf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 10:59:04 GMT
content-encoding
br
last-modified
Tue, 18 Apr 2023 18:21:05 GMT
server
Shift8_CDN
x-cdn-cache
MISS
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
https://topturf.fr
cache-control
max-age=31536000
x-cdn-pop
sbg
x-cdn-request-id
340139424
x-shift8cdn-cache
MISS
expires
Mon, 29 Apr 2024 10:59:04 GMT
qdim.jpg
1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2023/04/ 		11 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2023/04/qdim.jpg
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.162.154.220 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1421-220.members.linode.com
Software
Shift8_CDN /
Resource Hash
c319ecc0fa11086f4caf3781fc4c8220ca11432ad356d46bcd1bbda7760acd27

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://topturf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 10:59:03 GMT
content-encoding
br
last-modified
Tue, 18 Apr 2023 13:57:19 GMT
server
Shift8_CDN
x-cdn-cache
MISS
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
https://topturf.fr
cache-control
max-age=31536000
x-cdn-pop
sbg
x-cdn-request-id
959228991
x-shift8cdn-cache
MISS
expires
Mon, 29 Apr 2024 10:59:03 GMT
arnaques.jpg
1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2023/04/ 		20 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2023/04/arnaques.jpg
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.162.154.220 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1421-220.members.linode.com
Software
Shift8_CDN /
Resource Hash
e97f4f517295721e51adb9d2cbcefd7dede5e7883d5eacb35bea0f362baa335e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://topturf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 10:59:04 GMT
content-encoding
br
last-modified
Tue, 18 Apr 2023 20:11:19 GMT
server
Shift8_CDN
x-cdn-cache
MISS
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
https://topturf.fr
cache-control
max-age=31536000
x-cdn-pop
sbg
x-cdn-request-id
240628030
x-shift8cdn-cache
MISS
expires
Mon, 29 Apr 2024 10:59:04 GMT
tq.jpg
1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2021/05/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ar3hxx1n773i.cdn.shift8web.com/wp-content/uploads/2021/05/tq.jpg
Requested by
Host: topturf.fr
URL: https://topturf.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.162.154.220 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1421-220.members.linode.com
Software
Shift8_CDN /
Resource Hash
0058fa44bfbd072262397e463876382ce6283dcb2b979b7f45c00ebdc119f1c7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://topturf.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 10:59:04 GMT
content-encoding
br
last-modified
Sat, 22 May 2021 20:00:09 GMT
server
Shift8_CDN
x-cdn-cache
MISS
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
https://topturf.fr
cache-control
max-age=31536000
x-cdn-pop
sbg
x-cdn-request-id
280048000
x-shift8cdn-cache
MISS
expires
Mon, 29 Apr 2024 10:59:04 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/ 		409 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ld8LuEdAAAAADnaHa6Msyaspc_sBW-Xks6odxd6&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8d98de0149ab9063107c2864f97801ad1082a81ffaa46be85db9372b3d67266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://topturf.fr/
Origin
https://topturf.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 03:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
460196
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167115
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 20:17:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Apr 2024 03:09:07 GMT
collect
www.google-analytics.com/j/ 		3 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1619904287&t=pageview&_s=1&dl=https%3A%2F%2Ftopturf.fr%2F&ul=en-us&de=UTF-8&dt=TURF%20PMU%20TOPTURF%20PRONOSTICS%20BASES%20BETON&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2065947906&gjid=1466459289&cid=2134146767.1682852344&tid=UA-4843690-1&_gid=273924678.1682852344&_r=1&_slc=1&z=859954210
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://topturf.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 10:59:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://topturf.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame A3F8 		49 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld8LuEdAAAAADnaHa6Msyaspc_sBW-Xks6odxd6&co=aHR0cHM6Ly90b3B0dXJmLmZyOjQ0Mw..&hl=fr&v=4q6CtudrwcI-LSEYlfoEbDXg&size=invisible&cb=rbswijba6hfo
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/recaptcha__fr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0bb6bd363350ef7967dc25071b290aa38181dba4acef019ad66fdb86e0ccb13c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-looRqjC3dLQKpkSm0yeFyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://topturf.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
27346
content-security-policy
script-src 'report-sample' 'nonce-looRqjC3dLQKpkSm0yeFyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 10:59:04 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/ Frame A3F8 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld8LuEdAAAAADnaHa6Msyaspc_sBW-Xks6odxd6&co=aHR0cHM6Ly90b3B0dXJmLmZyOjQ0Mw..&hl=fr&v=4q6CtudrwcI-LSEYlfoEbDXg&size=invisible&cb=rbswijba6hfo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 02:16:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
463379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 20:17:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Apr 2024 02:16:05 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/ Frame A3F8 		409 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld8LuEdAAAAADnaHa6Msyaspc_sBW-Xks6odxd6&co=aHR0cHM6Ly90b3B0dXJmLmZyOjQ0Mw..&hl=fr&v=4q6CtudrwcI-LSEYlfoEbDXg&size=invisible&cb=rbswijba6hfo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8d98de0149ab9063107c2864f97801ad1082a81ffaa46be85db9372b3d67266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 03:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
460197
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167115
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 20:17:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Apr 2024 03:09:07 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A3F8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 23:52:14 GMT
x-content-type-options
nosniff
age
40010
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 06 May 2023 23:52:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A3F8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld8LuEdAAAAADnaHa6Msyaspc_sBW-Xks6odxd6&co=aHR0cHM6Ly90b3B0dXJmLmZyOjQ0Mw..&hl=fr&v=4q6CtudrwcI-LSEYlfoEbDXg&size=invisible&cb=rbswijba6hfo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 23:28:35 GMT
x-content-type-options
nosniff
age
41429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 23:28:35 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A3F8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld8LuEdAAAAADnaHa6Msyaspc_sBW-Xks6odxd6&co=aHR0cHM6Ly90b3B0dXJmLmZyOjQ0Mw..&hl=fr&v=4q6CtudrwcI-LSEYlfoEbDXg&size=invisible&cb=rbswijba6hfo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 23:30:46 GMT
x-content-type-options
nosniff
age
41298
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 23:30:46 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame A3F8 		102 B
133 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=fr&v=4q6CtudrwcI-LSEYlfoEbDXg
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld8LuEdAAAAADnaHa6Msyaspc_sBW-Xks6odxd6&co=aHR0cHM6Ly90b3B0dXJmLmZyOjQ0Mw..&hl=fr&v=4q6CtudrwcI-LSEYlfoEbDXg&size=invisible&cb=rbswijba6hfo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b9f243efcfca4b4aae346113247a394f75473b1ec2a799d60421a7e512275ec2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld8LuEdAAAAADnaHa6Msyaspc_sBW-Xks6odxd6&co=aHR0cHM6Ly90b3B0dXJmLmZyOjQ0Mw..&hl=fr&v=4q6CtudrwcI-LSEYlfoEbDXg&size=invisible&cb=rbswijba6hfo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 10:59:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
x-xss-protection
1; mode=block
expires
Sun, 30 Apr 2023 10:59:04 GMT
reload
www.google.com/recaptcha/api2/ Frame A3F8 		32 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Ld8LuEdAAAAADnaHa6Msyaspc_sBW-Xks6odxd6
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/recaptcha__fr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4d6137dd505ba316b728e80bddb41ef705cb32fe8020e2d85f633167c9a0b482
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld8LuEdAAAAADnaHa6Msyaspc_sBW-Xks6odxd6&co=aHR0cHM6Ly90b3B0dXJmLmZyOjQ0Mw..&hl=fr&v=4q6CtudrwcI-LSEYlfoEbDXg&size=invisible&cb=rbswijba6hfo
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sun, 30 Apr 2023 10:59:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18583
x-xss-protection
1; mode=block
expires
Sun, 30 Apr 2023 10:59:04 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| ajax_object_cf7pp object| Cli_Data object| cli_cookiebar_settings object| log_object object| icf7s_option object| CLI_Cookie object| CLI object| cliBlocker undefined| $ function| jQuery string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP string| GoogleAnalyticsObject function| ga object| wpcf7 object| onepress_js_settings object| onepressIsMobile function| preload_images function| _to_number function| _to_bool function| isElementInViewport object| swv function| WOW function| Waypoint function| Tether function| EvEmitter function| imagesLoaded function| jarallax object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| wpcf7_recaptcha object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| srcReplaceableElms boolean| current_nav_item object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| recaptcha object| closure_lm_617596

10 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ABAvrlS76am5zlbKK_3SedAn55B3CGM8p193s2yGiefPU3OSLqMOrdElzXVAhXlEPeCgtilQ0zob3h8TPRV7ZBU
topturf.fr/ Name: cookielawinfo-checkbox-necessary
Value: yes
topturf.fr/ Name: cookielawinfo-checkbox-functional
Value: no
topturf.fr/ Name: cookielawinfo-checkbox-performance
Value: no
topturf.fr/ Name: cookielawinfo-checkbox-analytics
Value: no
topturf.fr/ Name: cookielawinfo-checkbox-advertisement
Value: no
topturf.fr/ Name: cookielawinfo-checkbox-others
Value: no
.topturf.fr/ Name: _ga
Value: GA1.2.2134146767.1682852344
.topturf.fr/ Name: _gid
Value: GA1.2.273924678.1682852344
.topturf.fr/ Name: _gat
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1ar3hxx1n773i.cdn.shift8web.com
fonts.gstatic.com
topturf.fr
www.google-analytics.com
www.google.com
www.gstatic.com
139.162.154.220
2a00:1450:4001:806::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2003
2a00:1450:4001:82f::200e
46.105.204.2
0058fa44bfbd072262397e463876382ce6283dcb2b979b7f45c00ebdc119f1c7
0bb6bd363350ef7967dc25071b290aa38181dba4acef019ad66fdb86e0ccb13c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bfdce7fc2a777810bc44685769dd7f21481fd2c6ecef0064ba95f701a674931
1c43b0ad19f388f2381cbbb9ed34cee414d5f74d35897d496f5806c45a02ae0a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4d6137dd505ba316b728e80bddb41ef705cb32fe8020e2d85f633167c9a0b482
521af4952d61d1b5df317d0d4c233a8018f68f0bdb9ec2bc3e468066fc9a834e
55ecd916f134f2672c04aa70ab501a1590a51691aafd324be98c440049fa99d2
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
675dd137924aebb2b43e33dd741971a26883a0f5a22e1db4cc4386c63bd137c2
6acf3bc22e1c415124aa199c6ea6191637a9eb0583ae8120b22b68811010d46b
8f3036e8045c1badb72a254adb9a3b60f9455b96209258d51a25820d62ad528d
9487076bb4c1e15a2b69d6c07a0d0d7cc3608d5af93f2a92aaf4a029b7feb029
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9aabc64211f26b5f794d60b423532e69c040512cd6d618fac354186daa78722c
9cf4e990ecb95c2f1870dd9810354aac58f8fdf75c204ac8dffb26acd57e0429
b9f243efcfca4b4aae346113247a394f75473b1ec2a799d60421a7e512275ec2
c05fccac4c4ff2925afec40c903b97294f86f4a63a1b1252614101298d80398a
c08d2cdd55fba5972b277c96b012c1de46b97f5fbe0ec1b95d77e0fdb523f86d
c228174d6618fab813dd10e38352c5c8fe448aaac4c486a9e59e74bb380d3d44
c319ecc0fa11086f4caf3781fc4c8220ca11432ad356d46bcd1bbda7760acd27
d84b38c957c1390651ff54f51243b5d9a531d7085701e9d778a1ff3223feea22
d8d98de0149ab9063107c2864f97801ad1082a81ffaa46be85db9372b3d67266
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e97f4f517295721e51adb9d2cbcefd7dede5e7883d5eacb35bea0f362baa335e
f86390833848eb094b3435174ea8b0a787ddffe13b07fe7b45bd14b3ce8e7bf6
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675