URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Submission: On October 15 via manual from GA — Scanned from FR

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 17 HTTP transactions. The main IP is 195.154.21.70, located in Paris, France and belongs to Online SAS, FR. The main domain is www.turfuniversel.com.
This is the only time www.turfuniversel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
7 (1 redirect) | 195.154.21.70 | 12876 (Online SAS)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 173.233.137.44 | 7979 (SERVERS-COM)
3 | 139.45.197.239 | 9002 (RETN-AS)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
1 | 139.45.195.254 | 9002 (RETN-AS)
1 | 139.45.195.8 | 9002 (RETN-AS)
Total: 17 requests, 8 IPs

Requests | Apex Domain | Subdomains | Transfer
7 | turfuniversel.com | www.turfuniversel.com | 726 KB
3 | gloaphoo.net | gloaphoo.net (Cisco Umbrella Rank: 117084) | 35 KB
2 | gstatic.com | fonts.gstatic.com | 44 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 49) | 2 KB
1 | rtmark.net | my.rtmark.net (Cisco Umbrella Rank: 9763) | 549 B
1 | fleraprt.com | fleraprt.com (Cisco Umbrella Rank: 16383) | 490 B
1 | tzegilo.com | tzegilo.com (Cisco Umbrella Rank: 17690) | 8 KB
1 | highcpmrevenuegate.com | pl17799999.highcpmrevenuegate.com |
Total: 17 requests, 8 domains

Requests | Domain | Requested by
7 (1 redirect) | www.turfuniversel.com | www.turfuniversel.com
3 | gloaphoo.net | www.turfuniversel.com, gloaphoo.net
2 | fonts.gstatic.com | fonts.googleapis.com
2 | fonts.googleapis.com | www.turfuniversel.com
1 | my.rtmark.net | gloaphoo.net
1 | fleraprt.com | tzegilo.com
1 | tzegilo.com | gloaphoo.net
1 | pl17799999.highcpmrevenuegate.com | www.turfuniversel.com
Total: 17 requests, 8 domains

This site contains no links.

Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
gloaphoo.net | R3 | 2023-10-14 - 2024-01-12 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
tzegilo.com | GTS CA 1P5 | 2023-10-05 - 2024-01-03 | 3 months
fleraprt.com | Sectigo RSA Domain Validation Secure Server CA | 2023-01-09 - 2024-01-14 | a year
rtmark.net | R3 | 2023-07-25 - 2023-10-23 | 3 months

This page contains 1 frame:

Primary Page: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Frame ID: EFAA573BDBAF740948EE95D92A592C56
Requests: 16 HTTP requests in this frame

Page Title

Turf Universel

Page URL History

  1. http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9 HTTP 301
    http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 17
HTTPS: 59 %
IPv6: 38 %
Domains: 8
Subdomains: 8
IPs: 8
Countries: 4
Transfer: 815 kB
Size: 1008 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Redirect Chain
  • http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9
  • http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
3 KB
4 KB
Document
General
Full URL
http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
Apache / PHP/8.2.6
Resource Hash
4262e3d5c25abc6dbc01517ea16e3ec039dc0b5507900b687a0815401606a163
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
must-revalidate, no-cache, private
Connection
close
Content-Type
text/html; charset=UTF-8
Date
Sun, 15 Oct 2023 03:11:08 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
X-EMS-Server
98
X-Frame-Options
sameorigin
X-Powered-By
PHP/8.2.6

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sun, 15 Oct 2023 03:11:08 GMT
Location
http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Server
Apache
X-EMS-Server
162
X-Frame-Options
sameorigin
X-Powered-By
PHP/8.2.6
css
fonts.googleapis.com/
11 KB
962 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Shanti:300,400,700%7CFira%20Sans:300,400,700%7CBarlow%20Condensed:300,400,700&display=swap
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3686b6ecddb2dce45d886d2d21f8a9c6c7a21de7a9eab6e33a050fe0c9770bfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 15 Oct 2023 03:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 15 Oct 2023 03:11:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 15 Oct 2023 03:11:09 GMT
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Fira%20Sans:300,300italic,400,400italic,700,700italic&display=swap
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb379323016b3acefbf8075512ddec36191195f7d2321585981bf7e0dd422c2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 15 Oct 2023 03:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 15 Oct 2023 03:11:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 15 Oct 2023 03:11:09 GMT
combined.css
www.turfuniversel.com/themes/
488 KB
488 KB
Stylesheet
General
Full URL
http://www.turfuniversel.com/themes/combined.css?v=6_1642769533_230
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
Apache / PHP/8.2.6
Resource Hash
879cfc229c2eed203b42eea7d67239f922c5b809fdd8a8326be287cd163c46de
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Oct 2023 03:11:08 GMT
X-EMS-Server
98
Server
Apache
X-Powered-By
PHP/8.2.6
Etag
6_1642769533_230
X-Frame-Options
sameorigin
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
Cache-Control
must-revalidate, no-cache, private
Connection
close
Expires
Fri, 15 Dec 2023 00:09:15 GMT
jquery-3.6.3.min.js
www.turfuniversel.com/medias/static/themes/bootstrap_v4/js/
88 KB
31 KB
Script
General
Full URL
http://www.turfuniversel.com/medias/static/themes/bootstrap_v4/js/jquery-3.6.3.min.js?v=26012023
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
Security Headers
Name Value
Strict-Transport-Security max-age=0;
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sun, 15 Oct 2023 03:11:08 GMT
Strict-Transport-Security
max-age=0;
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-EMS-Server
70
Age
4472433
Transfer-Encoding
chunked
Connection
close
alt-svc
h3=":443"; ma=86400
Last-Modified
Thu, 24 Aug 2023 07:26:35 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kqca8S%2Bdo%2BzlcAB%2FVV8sJQwg43G%2Fz%2FFpsLDYtnvb1lVsouUmsmjb8wXiW3YcFR0oOZoUnlQuxBw7dzvZL4%2FpWxAlsJfyoALnP1S6o%2FyhgmoFaaoM6r7lJImAu7gqDkMh7VgZMSDTsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Frame-Options
sameorigin
Cache-Control
max-age=31536000
CF-RAY
8164df811c1101f3-CDG
Expires
Fri, 23 Aug 2024 07:57:07 GMT
popper.min.js
www.turfuniversel.com/medias/static/themes/bootstrap_v4/js/
20 KB
8 KB
Script
General
Full URL
http://www.turfuniversel.com/medias/static/themes/bootstrap_v4/js/popper.min.js?v=31012023
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
cloudflare /
Resource Hash
f8382a605d2dcc2b6330f43b29ca7237e0f7c2bbbfee2d3a8e22065693d30eff
Security Headers
Name Value
Strict-Transport-Security max-age=0;
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sun, 15 Oct 2023 03:11:08 GMT
Strict-Transport-Security
max-age=0;
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-EMS-Server
98
Age
4472369
Transfer-Encoding
chunked
Connection
close
alt-svc
h3=":443"; ma=86400
Last-Modified
Thu, 24 Aug 2023 07:26:35 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ti%2Fsp0UcYbjmVgDXQih6JGzm0u9YJUTXP2TwEmaHCtlaZmPY%2F1A4S%2FT3bjxEZVgtm3QL1aAip1e21v7XSBUlz4Te5CrSoUVMb4f52TZDJudGm5JBArKlHtdjORXrmAy9mqr5RCveQw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Frame-Options
sameorigin
Cache-Control
max-age=31536000
CF-RAY
8164df811e6b009e-CDG
Expires
Fri, 23 Aug 2024 07:58:11 GMT
bootstrap.min.js
www.turfuniversel.com/medias/static/themes/bootstrap_v4/js/
57 KB
16 KB
Script
General
Full URL
http://www.turfuniversel.com/medias/static/themes/bootstrap_v4/js/bootstrap.min.js?v=31012023
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
cloudflare /
Resource Hash
7209e11a45cef119e8d3539afb2689835d17b16a0a22f8334d867cf77a220d2a
Security Headers
Name Value
Strict-Transport-Security max-age=0;
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sun, 15 Oct 2023 03:11:08 GMT
Strict-Transport-Security
max-age=0;
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-EMS-Server
162
Age
4472433
Transfer-Encoding
chunked
Connection
close
alt-svc
h3=":443"; ma=86400
Last-Modified
Thu, 24 Aug 2023 07:26:35 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iK54FYIH5Mn99PvZNHpPqDxfc62ro5Gy%2BKr9Esct2R%2FrF8P1YAjrkZ0TbJLQM2mVD%2Fk2JuIPW0OlfS40Ia3kTRnY9newpRMYhUHU5Dbsba9gZUnt07puMAy0PQ1erLhgScMh7GV1fg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Frame-Options
sameorigin
Cache-Control
max-age=31536000
CF-RAY
8164df811eacd3f8-CDG
Expires
Fri, 23 Aug 2024 07:57:07 GMT
combined.js
www.turfuniversel.com/themes/
178 KB
178 KB
Script
General
Full URL
http://www.turfuniversel.com/themes/combined.js?v=6_1642769533_230&lang=fr
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
HTTP/1.1
Server
195.154.21.70 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
Apache / PHP/8.2.6
Resource Hash
15bb8206c9021642b156048f018bed6d1ab5a6bc8129026cdd921ee928b5acd6
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Oct 2023 03:11:08 GMT
X-EMS-Server
70
Server
Apache
X-Powered-By
PHP/8.2.6
Etag
6_1642769533_230
X-Frame-Options
sameorigin
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=UTF-8
Cache-Control
must-revalidate, no-cache, private
Connection
close
Expires
Fri, 15 Dec 2023 00:09:15 GMT
7007bbd52e6a2532d7f36a03c1037316.js
pl17799999.highcpmrevenuegate.com/70/07/bb/
0
0
Script
General
Full URL
http://pl17799999.highcpmrevenuegate.com/70/07/bb/7007bbd52e6a2532d7f36a03c1037316.js
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
HTTP/1.1
Server
173.233.137.44 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sun, 15 Oct 2023 03:11:10 GMT
Server
nginx/1.21.6
Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
5797781
gloaphoo.net/401/
87 KB
34 KB
Script
General
Full URL
https://gloaphoo.net/401/5797781
Requested by
Host: www.turfuniversel.com
URL: http://www.turfuniversel.com/passwordaccess/password/6414a5ebfe02c5ef5e2ddbc9/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
078bc7616cc5153692509995b1658fb3af811214b7ddd807b66ac4af9fa4e92c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 03:11:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
6a16e796b5e99cb99f40821ec1cfe517
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v12/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Shanti:300,400,700%7CFira%20Sans:300,400,700%7CBarlow%20Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.turfuniversel.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 18:31:21 GMT
x-content-type-options
nosniff
age
549589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20200
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:28:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Oct 2024 18:31:21 GMT
t5thIREMM4uSDgzQVE2y.woff2
fonts.gstatic.com/s/shanti/v23/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/shanti/v23/t5thIREMM4uSDgzQVE2y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Shanti:300,400,700%7CFira%20Sans:300,400,700%7CBarlow%20Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f718653bd96456c31345e73468df2403a4173870788efd9f0532bbc1c18c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.turfuniversel.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 22:50:44 GMT
x-content-type-options
nosniff
age
15626
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24380
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:18:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 22:50:44 GMT
stattag.js
tzegilo.com/
19 KB
8 KB
Script
General
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: gloaphoo.net
URL: https://gloaphoo.net/401/5797781
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8693 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 03:11:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 08:19:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6979
etag
W/"64f987a8-4a4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYCynCM8yszoDBIiVGOE9HtkoUI%2FBJjRwjlCBiTmuBH6W%2F1lz9jZR0JtGV9NRwcxZgriqCmeRBl%2BMfCjSE%2FhF%2B2LG8YanWu6PUdQhR3XCh%2Bwdc1hP%2FC4f4KHo9a1DggK2NfJVZOcN%2FmkeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8164df8aa9c2d55c-CDG
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc
h3=":443"; ma=86400
add
fleraprt.com/log/
12 B
490 B
XHR
General
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
http://www.turfuniversel.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 15 Oct 2023 03:11:26 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://www.turfuniversel.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
gid.js
my.rtmark.net/
65 B
549 B
XHR
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: gloaphoo.net
URL: https://gloaphoo.net/401/5797781
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a7691e8f01664800b97a4b717db51bb3e64b2148dc23002c781e500f2ca64346
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.turfuniversel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 03:11:10 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.turfuniversel.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
5797781
gloaphoo.net/500/
0
0
Preflight
General
Full URL
https://gloaphoo.net/500/5797781?excludes=&oaid=1466fe7df6dc4881873358dbf100b5d8&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=http%3A%2F%2Fwww.turfuniversel.com%2Fpasswordaccess%2Fpassword%2F6414a5ebfe02c5ef5e2ddbc9%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&js_build=8&sw_version=v1.303.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://www.turfuniversel.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://www.turfuniversel.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Sun, 15 Oct 2023 03:11:10 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
5797781
gloaphoo.net/500/
0
587 B
XHR
General
Full URL
https://gloaphoo.net/500/5797781?excludes=&oaid=1466fe7df6dc4881873358dbf100b5d8&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=http%3A%2F%2Fwww.turfuniversel.com%2Fpasswordaccess%2Fpassword%2F6414a5ebfe02c5ef5e2ddbc9%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&js_build=8&sw_version=v1.303.0
Requested by
Host: gloaphoo.net
URL: https://gloaphoo.net/401/5797781
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.turfuniversel.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
c959c9744c3965ef66e2ec48a59ff08c
pragma
no-cache
date
Sun, 15 Oct 2023 03:11:10 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
access-control-allow-origin
http://www.turfuniversel.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
function | $
function | jQuery
function | Popper
object | bootstrap
object | fullCalendarTrads
object | modules
object | blocks
object | plugins
object | paymeans
object | sliders
object | datepickers
object | forms
object | layout
object | theme
object | emsChromeExtension
object | blog
object | menuh
object | header
object | sidebar
function | DP_jQuery_1697339469576
function | jarallax
function | VideoWorker
object | zfgstorage
object | xolazu8ckd
object | zfgformats
boolean | __lwkemfd9q__
object | webpushlogs
object | __ds3dcV__
object | syncCallbacks
number | __qwe33wweq__

2 Cookies

Domain/Path | Name | Value
my.rtmark.net/ | ID | 1466fe7df6dc4881873358dbf100b5d8
gloaphoo.net/ | OAID | 1466fe7df6dc4881873358dbf100b5d8

2 Console Messages

Source | Level | URL | Message
network | error | http://pl17799999.highcpmrevenuegate.com/70/07/bb/7007bbd52e6a2532d7f36a03c1037316.js | Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript | warning | https://tzegilo.com/stattag.js (Line 1) | getGamepad will now require Secure Context. Please update your application accordingly. For more information see https://github.com/w3c/gamepad/pull/120

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options sameorigin