lepronosticsur.com Open in urlscan Pro
173.225.100.28 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lepronosticsur.com/
Submission: On September 30 via manual (September 30th 2023, 4:15:50 am UTC) from ML — Scanned from DE

Summary HTTP 49 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 15 domains to perform 49 HTTP transactions. The main IP is 173.225.100.28, located in United States and belongs to IS-AS-1, US. The main domain is lepronosticsur.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 22nd 2023. Valid for: 3 months.

This is the only time lepronosticsur.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	173.225.100.28 173.225.100.28	19318 (IS-AS-1) (IS-AS-1)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:7ee0:8:0... 2a00:7ee0:8:0:3:77:0:5b1	210403 (LWS) (LWS)
2	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	192.0.72.31 192.0.72.31	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	94.73.150.218 94.73.150.218	34619 (CIZGI) (CIZGI)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
49	15

5 173.225.100.28 (United States)

ASN19318 (IS-AS-1, US)

lepronosticsur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:7ee0:8:0:3:77:0:5b1 (France)

ASN210403 (LWS, FR)

kvturf.parissur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ainebeturf.parissur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
astrodefi.parissur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
infopmu32.parissur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
okplus.parissur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
parissur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.31 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

gifsdomi.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.73.150.218 (Turkey)

ASN34619 (CIZGI, TR)
PTR: 94-73-150-218.cizgibilgisayar.com

evigetir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	217 KB
7	gstatic.com fonts.gstatic.com	99 KB
7	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 558	244 KB
6	parissur.com kvturf.parissur.com ainebeturf.parissur.com astrodefi.parissur.com infopmu32.parissur.com okplus.parissur.com parissur.com	223 KB
5	lepronosticsur.com lepronosticsur.com	487 KB
3	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 120 blogger.googleusercontent.com — Cisco Umbrella Rank: 10565	30 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	5 KB
2	evigetir.com evigetir.com
2	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 10530	153 KB
1	google.com www.google.com — Cisco Umbrella Rank: 11	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368	610 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	30 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1243	24 KB
1	wordpress.com gifsdomi.files.wordpress.com	78 KB
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 331	8 KB
49	15

	Domain	Requested by
7	fonts.gstatic.com	fonts.googleapis.com
7	cdn.jsdelivr.net	lepronosticsur.com cdn.jsdelivr.net
6	pagead2.googlesyndication.com	lepronosticsur.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	lepronosticsur.com	lepronosticsur.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	evigetir.com	lepronosticsur.com
2	lh3.googleusercontent.com	lepronosticsur.com
2	1.bp.blogspot.com	lepronosticsur.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	lepronosticsur.com
1	code.jquery.com	lepronosticsur.com
1	blogger.googleusercontent.com	lepronosticsur.com
1	gifsdomi.files.wordpress.com	lepronosticsur.com
1	parissur.com	lepronosticsur.com
1	okplus.parissur.com	lepronosticsur.com
1	infopmu32.parissur.com	lepronosticsur.com
1	astrodefi.parissur.com	lepronosticsur.com
1	ainebeturf.parissur.com	lepronosticsur.com
1	kvturf.parissur.com	lepronosticsur.com
1	cdn.ampproject.org	lepronosticsur.com
49	22

This site contains links to these domains. Also see Links.

Domain
kvturf.parissur.com
ainebeturf.parissur.com
astrodefi.parissur.com
infopmu32.parissur.com
okplus.parissur.com
parissur.com
lepronos-en-or.blogspot.com

Subject Issuer	Validity	Valid
lepronosticsur.com cPanel, Inc. Certification Authority	`2023-09-22` - `2023-12-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
parissur.com R3	`2023-08-14` - `2023-11-12`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.files.wordpress.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
evigetir.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-09` - `2024-06-08`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://lepronosticsur.com/
Frame ID: F934B861166A72B0C0A07D95F6441EF0
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Frame ID: 2CD9B8A58504C537C30F1303761947EF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8526546483212704&output=html&adk=1812271804&adf=3025194257&lmt=1696040146&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flepronosticsur.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696047345840&bpp=7&bdt=170&idt=206&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6235789625662&frm=20&pv=2&ga_vid=706235578.1696047346&ga_sid=1696047346&ga_hid=80816889&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077328%2C31078144%2C31078272%2C31078297&oid=2&pvsid=2429674304495727&tmod=976793852&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=232
Frame ID: 3881FEAF610A65E5B4D583B4C8C0CC10
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1A8B3927282E9E121A94C9F3E15B7A00
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B94C07F876419AAB55017CAF7AE60838
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LE PRONOSTIC SUR :: Annuaire hippique des pronostics sûrs

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

49
Requests

100 %
HTTPS

80 %
IPv6

15
Domains

22
Subdomains

15
IPs

4
Countries

1598 kB
Transfer

2430 kB
Size

4
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://kvturf.parissur.com/

Search URL Search Domain Scan URL

URL: https://ainebeturf.parissur.com/

Search URL Search Domain Scan URL

URL: https://astrodefi.parissur.com/

Search URL Search Domain Scan URL

URL: https://infopmu32.parissur.com/

Search URL Search Domain Scan URL

URL: https://okplus.parissur.com/

Search URL Search Domain Scan URL

URL: https://parissur.com/

Search URL Search Domain Scan URL

URL: https://lepronos-en-or.blogspot.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
lepronosticsur.com/ 20 KB
6 KB 966ms
129ms Document
text/html 173.225.100.28
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://lepronosticsur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.225.100.28 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed / PHP/8.0.25
Resource Hash: e02d6d2aeb471c7b7ff952f1db0e48c6e31e149c7d754f37cce05f5f47d26a79

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 30 Sep 2023 04:15:45 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.0.25

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 112ms
42ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8526546483212704

Requested by

Host: lepronosticsur.com
URL: https://lepronosticsur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dde1375974491ce3d7479b63537f9b87c500f10b8ecfa5f897cd270cc4b696f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lepronosticsur.com/
Origin: https://lepronosticsur.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50802
x-xss-protection: 0
server: cafe
etag: 889511680357783340
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 30 Sep 2023 04:15:45 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/ 138 KB
22 KB 80ms
33ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/bootstrap.min.css

Requested by

Host: lepronosticsur.com
URL: https://lepronosticsur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lepronosticsur.com/
Origin: https://lepronosticsur.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18992519
x-jsd-version: 4.1.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-yyz4531-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"22688-Z1/PKPn783E507LAtnb5b2AaQgM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngr3jVWTcS8Pt38DnKZ8pydUbz%2BNNDG0dXKfyqEkR2XE8lFM78A4lJEVc5VNaoDySoveoX7TrER55nw6xhFZqVx77b7JDDKIA3iTeZ4%2BdCJi%2B5twRIPadPsHmeoSUFCkR5wDJv6fCmP1hV3t%2BH4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 80e9a586c98903f4-FRA

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/ 72 KB
11 KB 80ms
33ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/bootstrap-icons.css

Requested by

Host: lepronosticsur.com
URL: https://lepronosticsur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb18ec4bd71814b4e39a5afc8f98be0eabce2c206e811cc4796c5431665e6174

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7081933
x-jsd-version: 1.7.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230114-FRA, cache-yyz4544-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"11e37-gaZqnrLenLCs4BvyXVKzdrhY6WA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fd8Lizafrt%2Bbm0zS2so4uTxzbZSfJRkYuCRWIyiA5Ljpso8GLFv0prOPbR2p6K7jbMLHnF6RSZzKTJmE77%2FgqjDquscKAMge%2BKMnw%2FGiM0v2UjmvVB2NTpeS6YmXeFqx7Qrr2dcvsuhwdaJ9tbk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 80e9a586ccfa4d40-FRA

GET
H2 200 style.css
lepronosticsur.com/css/ 8 KB
2 KB 117ms
116ms Stylesheet
text/css 173.225.100.28
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://lepronosticsur.com/css/style.css
Requested by: Host: lepronosticsur.com
URL: https://lepronosticsur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.225.100.28 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ad7e0dfa851c5039adc4d6648d73f74abe94ec66a0df82dec23bf1544b41a590

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 03:37:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2213
expires: Sat, 07 Oct 2023 04:15:45 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
8 KB 131ms
30ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: lepronosticsur.com
URL: https://lepronosticsur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94fd3c9bd8a8f2d3e8925e8f24dd8b476dbaa0be710cd24de5a4d0139a48d1db

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 30 Sep 2023 04:15:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7575
x-xss-protection: 0
server: sffe
etag: "f82fa3d15088e56e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 30 Sep 2023 04:15:45 GMT

GET
H2 200 IMG1.png
lepronosticsur.com/image/ 232 KB
232 KB 119ms
117ms Image
image/png 173.225.100.28
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lepronosticsur.com/image/IMG1.png
Requested by: Host: lepronosticsur.com
URL: https://lepronosticsur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.225.100.28 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3dfd279c1250d95fd9fed1aff56a1ec47bc8000ab4bc622e8c50c28103799238

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
last-modified: Thu, 31 Mar 2022 03:31:50 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 237159
expires: Sat, 07 Oct 2023 04:15:45 GMT

GET
H2 200 IMG2.png
lepronosticsur.com/image/ 232 KB
232 KB 236ms
233ms Image
image/png 173.225.100.28
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lepronosticsur.com/image/IMG2.png
Requested by: Host: lepronosticsur.com
URL: https://lepronosticsur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.225.100.28 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a373d02a6c5a31cde77a20c06287913ed041f381282c6fb0310d57f20a52febc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
last-modified: Thu, 31 Mar 2022 03:32:42 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 237153
expires: Sat, 07 Oct 2023 04:15:45 GMT

GET
H2 200 kvturf.gif
kvturf.parissur.com/ 30 KB
30 KB 334ms
122ms Image
image/gif 2a00:7ee0:8:0:3:77:0:5b1
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvturf.parissur.com/kvturf.gif
Requested by: Host: lepronosticsur.com
URL: https://lepronosticsur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:7ee0:8:0:3:77:0:5b1 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 3581fea87b88f3ed5a0038ef932fe75c9be6e2c8c12f6f3116cbc8a1405ee8b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
last-modified: Wed, 12 Jul 2023 19:56:58 GMT
accept-ranges: bytes
etag: "7706-6004f9e4c9fd2"
content-length: 30470
content-type: image/gif

GET
H2 200 ainebeturf.gif
ainebeturf.parissur.com/ 37 KB
37 KB 250ms
82ms Image
image/gif 2a00:7ee0:8:0:3:77:0:5b1
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ainebeturf.parissur.com/ainebeturf.gif
Requested by: Host: lepronosticsur.com
URL: https://lepronosticsur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:7ee0:8:0:3:77:0:5b1 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: e5f53f442f57af8ff38aeb84f9d158abd6e3699dc4ff898f9a1062d4336517ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
last-modified: Sun, 18 Jun 2023 10:30:36 GMT
accept-ranges: bytes
etag: "920d-5fe64e899005c"
content-length: 37389
content-type: image/gif

GET
H2 200 astrodefi.gif
astrodefi.parissur.com/ 25 KB
25 KB 266ms
82ms Image
image/gif 2a00:7ee0:8:0:3:77:0:5b1
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://astrodefi.parissur.com/astrodefi.gif
Requested by: Host: lepronosticsur.com
URL: https://lepronosticsur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:7ee0:8:0:3:77:0:5b1 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 0de248bd56a558f104d0a54c75b7145d817166290b452db16c72d6d05c12ca7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
last-modified: Mon, 19 Jun 2023 09:52:23 GMT
accept-ranges: bytes
etag: "649a-5fe787dcb1d5b"
content-length: 25754
content-type: image/gif

GET
H2 200 infopmu32.gif
infopmu32.parissur.com/ 70 KB
70 KB 255ms
82ms Image
image/gif 2a00:7ee0:8:0:3:77:0:5b1
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://infopmu32.parissur.com/infopmu32.gif
Requested by: Host: lepronosticsur.com
URL: https://lepronosticsur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:7ee0:8:0:3:77:0:5b1 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 9c2b866bb93649dd2611dc6a4f4a695589129e57a24b76c932c05c531a2ddc63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
last-modified: Sat, 01 Jul 2023 13:23:32 GMT
accept-ranges: bytes
etag: "118b4-5ff6cd70b1164"
content-length: 71860
content-type: image/gif

GET
H2 200 okplus.gif
okplus.parissur.com/ 28 KB
28 KB 310ms
114ms Image
image/gif 2a00:7ee0:8:0:3:77:0:5b1
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okplus.parissur.com/okplus.gif
Requested by: Host: lepronosticsur.com
URL: https://lepronosticsur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:7ee0:8:0:3:77:0:5b1 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: 3c2d876e3606673346afd17d841dcc8448f898abf457d42728e03bfe763bd09e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
last-modified: Fri, 14 Jul 2023 16:59:06 GMT
accept-ranges: bytes
etag: "7059-600755ddf72e2"
content-length: 28761
content-type: image/gif

GET
H2 200 parissurp.gif
parissur.com/ 32 KB
32 KB 200ms
81ms Image
image/gif 2a00:7ee0:8:0:3:77:0:5b1
LWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://parissur.com/parissurp.gif
Requested by: Host: lepronosticsur.com
URL: https://lepronosticsur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:7ee0:8:0:3:77:0:5b1 , France, ASN210403 (LWS, FR),
Reverse DNS
Software: /
Resource Hash: c89fb2c5f7ffecf06bdc3c535d474d92285f324f89223b35f27c75970d55e4a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
last-modified: Tue, 13 Jun 2023 12:02:08 GMT
accept-ranges: bytes
etag: "7f93-5fe019ac04e9f"
content-length: 32659
content-type: image/gif

GET
H2 200 1.gif
1.bp.blogspot.com/-os6FpXM2jIY/YMpDEyaFVrI/AAAAAAAABHc/22ZBsd2LLTsNC_-WrCNx1H0XfM0gri89wCLcBGAsYHQ/ 81 KB
82 KB 126ms
22ms Image
image/gif 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-os6FpXM2jIY/YMpDEyaFVrI/AAAAAAAABHc/22ZBsd2LLTsNC_-WrCNx1H0XfM0gri89wCLcBGAsYHQ/1.gif

Requested by

Host: lepronosticsur.com
URL: https://lepronosticsur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb8d60e97e7a1033f586520840484782ba7290caa9d8ef9b482e4ecd37081b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:06:02 GMT
x-content-type-options: nosniff
age: 583
content-disposition: inline;filename="1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83233
x-xss-protection: 0
server: fife
etag: "v478"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 01 Oct 2023 04:06:02 GMT

GET
H2 200 lepronosticsur.gif
lepronosticsur.com/lien/ 15 KB
15 KB 235ms
233ms Image
image/gif 173.225.100.28
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lepronosticsur.com/lien/lepronosticsur.gif
Requested by: Host: lepronosticsur.com
URL: https://lepronosticsur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.225.100.28 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 72d6edc21111a06e609c0df86bbc9b150e2a4eee7bd24307267d86dd7f3e03d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
last-modified: Tue, 12 Apr 2022 19:28:52 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 14913
expires: Sat, 07 Oct 2023 04:15:45 GMT

GET
H2 200 LOGO.gif
1.bp.blogspot.com/-GliFXhY3yuk/YMonVsvw18I/AAAAAAAAAJ0/-Rdf2rbg7tIOopnNUDESGcuiDIH8lgCfwCLcBGAsYHQ/ 71 KB
71 KB 149ms
64ms Image
image/gif 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-GliFXhY3yuk/YMonVsvw18I/AAAAAAAAAJ0/-Rdf2rbg7tIOopnNUDESGcuiDIH8lgCfwCLcBGAsYHQ/LOGO.gif

Requested by

Host: lepronosticsur.com
URL: https://lepronosticsur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f891b93af4803826f8796ae7814e9bf22c240bd3cfedab7545211d78dd9baeb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="LOGO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72629
x-xss-protection: 0
server: fife
etag: "v9e"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 01 Oct 2023 04:15:45 GMT

GET
H2 200 cid_a111.gif
gifsdomi.files.wordpress.com/2011/10/ 78 KB
78 KB 111ms
22ms Image
image/webp 192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gifsdomi.files.wordpress.com/2011/10/cid_a111.gif

Requested by

Host: lepronosticsur.com
URL: https://lepronosticsur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

47f96d6edf9d568cb918f82275fff91f91dfdbd736b335475b03c48efeab3269

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Sat, 30 Sep 2023 04:15:45 GMT
x-content-type-options: nosniff, nosniff
last-modified: Sun, 04 Dec 2011 23:26:30 GMT
server: nginx
x-orig-src: 0_imageresize
vary: Accept, Origin
content-type: image/webp
access-control-allow-origin: https://gifsdomi.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 79746
expires: Sat, 14 Oct 2023 04:45:36 GMT

GET
H2 200 2ikGCSW4bt-09eRDW5AIghhfT8BwrKSI3ladfVBcYCoHz1A_8izZucT98EdQAr6sUl2bEEXDPg=s0-d
lh3.googleusercontent.com/proxy/ 25 KB
25 KB 95ms
31ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/2ikGCSW4bt-09eRDW5AIghhfT8BwrKSI3ladfVBcYCoHz1A_8izZucT98EdQAr6sUl2bEEXDPg=s0-d

Requested by

Host: lepronosticsur.com
URL: https://lepronosticsur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bc1b47a22f3ea13634aaf015c3a7fe64ae80a642ca5375a6cd9bbff2e0c93d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25242
x-xss-protection: 0
expires: Sun, 01 Oct 2023 04:15:45 GMT

GET
H2 403 ABLy4EyEVlbvzMp5DjMV7-W4kA0f1xgVaFIVD8Bbn2HreERuW-pUDmdq4zWbEZ_LaJq3s4PPr2hXIaex6MJ8XysMBvHPMW5DRqW_QvWm6lDyGQ8guGmpe2TAIT6ZC7L-7IngJY7RvIjbJf4H4_tlD1WL=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 33ms
33ms Image
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4EyEVlbvzMp5DjMV7-W4kA0f1xgVaFIVD8Bbn2HreERuW-pUDmdq4zWbEZ_LaJq3s4PPr2hXIaex6MJ8XysMBvHPMW5DRqW_QvWm6lDyGQ8guGmpe2TAIT6ZC7L-7IngJY7RvIjbJf4H4_tlD1WL=s0-d
Requested by: Host: lepronosticsur.com
URL: https://lepronosticsur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H3 200 s120
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbR3wiQCmbUHmZDDz3TEAk7ZoPTfGKI_M3TlCu0alTTZC-mcFMAGk8CAe882DZzBEAn1ObqKE86TUOPGruWT79Baxb6kEqmtCKVdukLY2HpJexdQ8bgdZIDeYZPYq0_m6h3O8z4TvcbrZ0rYXE... 5 KB
5 KB 274ms
200ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbR3wiQCmbUHmZDDz3TEAk7ZoPTfGKI_M3TlCu0alTTZC-mcFMAGk8CAe882DZzBEAn1ObqKE86TUOPGruWT79Baxb6kEqmtCKVdukLY2HpJexdQ8bgdZIDeYZPYq0_m6h3O8z4TvcbrZ0rYXEcclHiBqhLe1iXQvr4k-_XcHVi1qtYL_C96w35dYd/s120

Requested by

Host: lepronosticsur.com
URL: https://lepronosticsur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

baa0b88f37939a9f1927e651e49eac578f4ae7e8c5710e505e2f725cfa56ded2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v1a9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="baseprono5.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4762
x-xss-protection: 0
expires: Sun, 01 Oct 2023 04:15:46 GMT

GET
H2 200 Zeytinburnu-Nakliyeci-cl-se
evigetir.com/ 0
0 209ms
70ms Image
text/html 94.73.150.218
CIZGI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evigetir.com/Zeytinburnu-Nakliyeci-cl-se
Requested by: Host: lepronosticsur.com
URL: https://lepronosticsur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.73.150.218 , Turkey, ASN34619 (CIZGI, TR),
Reverse DNS: 94-73-150-218.cizgibilgisayar.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 200 Zeytinburnu-Evden-Eve-Nakliyat-br-mt
evigetir.com/ 0
0 262ms
131ms Image
text/html 94.73.150.218
CIZGI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evigetir.com/Zeytinburnu-Evden-Eve-Nakliyat-br-mt
Requested by: Host: lepronosticsur.com
URL: https://lepronosticsur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.73.150.218 , Turkey, ASN34619 (CIZGI, TR),
Reverse DNS: 94-73-150-218.cizgibilgisayar.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 91ms
32ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: lepronosticsur.com
URL: https://lepronosticsur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer: https://lepronosticsur.com/
Origin: https://lepronosticsur.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1246745
x-cache: HIT, HIT
content-length: 24038
x-served-by: cache-lga21982-LGA, cache-fra-eddf8230124-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1696047346.749454,VS0,VE0
etag: W/"28feccc0-1111d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 116, 32872

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.14.3/dist/umd/ 20 KB
8 KB 75ms
32ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.14.3/dist/umd/popper.min.js

Requested by

Host: lepronosticsur.com
URL: https://lepronosticsur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lepronosticsur.com/
Origin: https://lepronosticsur.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18992464
x-jsd-version: 1.14.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230036-FRA, cache-yyz4548-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"4f71-2FA2RcF/mFaGin3vPcBQXhmpXsc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWqFr%2FVxRU2zlYRHLRFDWvcHd7XdIT%2BDjNZhOwFRw1pQ3JoZa6aeMAzEXFIesLTl5BA4HVbkLG4%2Bz1WQCh7hex19JjCGlfQXKKen8MH6hGWweFYh%2FrT9D%2BKolXjB0f5wJFBkO7jfJXXsMj9Caxo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 80e9a586c98a03f4-FRA

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/js/ 50 KB
15 KB 73ms
30ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/js/bootstrap.min.js

Requested by

Host: lepronosticsur.com
URL: https://lepronosticsur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lepronosticsur.com/
Origin: https://lepronosticsur.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18992527
x-jsd-version: 4.1.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230057-FRA, cache-yyz4552-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"c75f-J6cbADg9Ye88SJMms1ZNaY/BInw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1F0imo4lvE5aooqMirHlpT%2BrCqy3REBNfephPzREve5lbS6Qu4aakAepXB2sgdMdnuXPaTkgNUw75fZxKN4ZcLVnkm6LCp3YDv8f4wXi%2FPPjvZ4kcnouMKvxy32nPa8vGDQyAb03KKpT54aRBOM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 80e9a586c98b03f4-FRA

GET
H2 200 css2
fonts.googleapis.com/ 113 KB
30 KB 90ms
32ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans+JP&display=swap

Requested by

Host: lepronosticsur.com
URL: https://lepronosticsur.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

31622123aa1c32760dc301e3ce1daac38605234de71a454962e2704ea793b4a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 30 Sep 2023 04:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 30 Sep 2023 03:56:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 Sep 2023 04:15:45 GMT

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ 64 KB
9 KB 31ms
30ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css

Requested by

Host: lepronosticsur.com
URL: https://lepronosticsur.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 308431
x-jsd-version: 1.5.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230101-FRA, cache-yyz4567-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"100a0-GGXd3Lt7Z9zvQlDlkMyalXSrpnM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j523M%2F90HZP0qFKdM%2FwUxds%2BDy83r8EwoHo8pO4cMDujeN%2FFrgtLYm5cZYcsGDGiXxl6PCAk5kMXnprAZZvytn9bnYWZ8I%2BL83p7zZsiCS8yMkW0gMlXzvgibi9BpmylTonwG5%2FI4xMN92uP9go%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 80e9a5873d3b4d40-FRA

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/ 380 KB
129 KB 127ms
84ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8526546483212704&plah=lepronosticsur.com&bust=31078272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8526546483212704

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a8693606f71aae5b8a8350f57b17683b7f09b5d2d7593b033264468567e7617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131781
x-xss-protection: 0
server: cafe
etag: 16847902583318218990
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 30 Sep 2023 04:15:45 GMT

GET
H2 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/fonts/ 90 KB
90 KB 28ms
26ms Font
font/woff2 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/fonts/bootstrap-icons.woff2?30af91bf14e37666a085fb8a161ff36d

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/bootstrap-icons.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9829fbbcc18407deb28b49dac24d8146981b22b4a4813f1699c7773e80c01b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/bootstrap-icons.css
Origin: https://lepronosticsur.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18992518
x-jsd-version: 1.7.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 92064
x-served-by: cache-fra-eddf8230020-FRA, cache-jnb7020-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"167a0-ABUDSebr2vJiivnqTlbWsC29o5M"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXVV4DUcacOfsYdhlplgGyzrzikKijpMRWMPX0jHhiwHeSpeYt%2FtxQD%2FyWS3e3GeDzQTsjHgB93yfnYy7heyo7R9dW7cGImBmRgjO92svbcz%2FNkP97YTxyfDGfk3S9xPDFCTAF7EH5fBFppc%2BVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80e9a5879a1f03f4-FRA

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/ Frame 2CD9 10 KB
5 KB 87ms
22ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8526546483212704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lepronosticsur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63098
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 10:44:07 GMT
etag: 2603938475786422795
expires: Fri, 13 Oct 2023 10:44:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.118.woff2
fonts.gstatic.com/s/notosansjp/v52/ 10 KB
10 KB 83ms
23ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc7fe45db078b8395d7995216bc97c7ebf483b939096068d1f6494d6fd1056da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lepronosticsur.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 09:58:05 GMT
x-content-type-options: nosniff
age: 325060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9836
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:29:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Sep 2024 09:58:05 GMT

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/ 88 KB
89 KB 30ms
29ms Font
font/woff2 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css
Origin: https://lepronosticsur.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18992518
x-jsd-version: 1.5.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 90528
x-served-by: cache-fra-eddf8230031-FRA, cache-jnb7023-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUrneuNFz%2B3KhEPnes0%2BkQFpRD78pucunohODYLXlG0pl3wbIVG60uALcpJdgqtK5hBZc16GXXODBHzHYAqQE8iaVxwrTvAeMZistPeeV4djIufjAD74NtE%2B54mPBmvYo9chc3RinstWVR3HAtg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80e9a587fd1e1b35-FRA

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.119.woff2
fonts.gstatic.com/s/notosansjp/v52/ 42 KB
42 KB 116ms
57ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1ef167e3112a81527dac4791653d424da6848e92d7c642fa2ebd2e64f5656ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lepronosticsur.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 04:02:55 GMT
x-content-type-options: nosniff
age: 87170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42600
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:11:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 04:02:55 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.117.woff2
fonts.gstatic.com/s/notosansjp/v52/ 7 KB
7 KB 109ms
54ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5be922c61278c45cc283eabbf51616c700e5faf818106af7b1f3bd4dbaeac87d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lepronosticsur.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 21:29:28 GMT
x-content-type-options: nosniff
age: 110777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7352
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:40:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 21:29:28 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.59.woff2
fonts.gstatic.com/s/notosansjp/v52/ 10 KB
10 KB 73ms
26ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.59.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ea03adcebfb49b6761f1a08692a22bda05e305ca61e8e2ac225007fabf28e07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lepronosticsur.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 23:21:23 GMT
x-content-type-options: nosniff
age: 17662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10240
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:34:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 23:21:23 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.110.woff2
fonts.gstatic.com/s/notosansjp/v52/ 10 KB
10 KB 91ms
44ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.110.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

801e002ecc49cda34ba6522e68b42677d5c66a3213d3cc031a719d1e704d20e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lepronosticsur.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 09:08:23 GMT
x-content-type-options: nosniff
age: 414442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9872
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:06:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Sep 2024 09:08:23 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.111.woff2
fonts.gstatic.com/s/notosansjp/v52/ 10 KB
10 KB 85ms
40ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe4da0ee63d24cd5275b5e9fa83c1cf1ac6a49f6ab7f3b28264d8b0d17193cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lepronosticsur.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 21:34:35 GMT
x-content-type-options: nosniff
age: 110470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10424
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:11:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 21:34:35 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.116.woff2
fonts.gstatic.com/s/notosansjp/v52/ 9 KB
10 KB 85ms
49ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a04927eed0d57c4cad3d56e933bdeb5a9e06de9d9ebabbe99a732547f341e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lepronosticsur.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 05:18:47 GMT
x-content-type-options: nosniff
age: 601018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9688
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:40:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Sep 2024 05:18:47 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
610 B 81ms
30ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=lepronosticsur.com&callback=_gfp_s_&client=ca-pub-8526546483212704

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8526546483212704&plah=lepronosticsur.com&bust=31078272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb77a88512ef017210995cc6d5b8da219d7006c6d77e7792abe5b5fec48dfee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3881 603 B
245 B 73ms
72ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8526546483212704&output=html&adk=1812271804&adf=3025194257&lmt=1696040146&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flepronosticsur.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696047345840&bpp=7&bdt=170&idt=206&shv=r20230927&mjsv=m202309260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6235789625662&frm=20&pv=2&ga_vid=706235578.1696047346&ga_sid=1696047346&ga_hid=80816889&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077328%2C31078144%2C31078272%2C31078297&oid=2&pvsid=2429674304495727&tmod=976793852&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=232

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lepronosticsur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 04:15:46 GMT
expires: Sat, 30 Sep 2023 04:15:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 37ms
37ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230927&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d0b69010e51c02015da907d4bc4a09306b0ab0fe479fc4f1fe915383129be12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12192
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 107ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Sep 2023 04:15:46 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1A8B 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lepronosticsur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 66192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 09:52:34 GMT
expires: Sat, 28 Sep 2024 09:52:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B94C 829 B
1 KB 83ms
30ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

27ae63140c2d084fae3b5cc3c007a9d2c8abebcd5fabf7ff48f61b356bba2a17

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ccg0dogNMy9sjFDgvXpi5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lepronosticsur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ccg0dogNMy9sjFDgvXpi5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 04:15:46 GMT
expires: Sat, 30 Sep 2023 04:15:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A8B 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Sep 2024 10:18:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B94C 0
0 54ms
54ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230927&jk=2429674304495727&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1A8B 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8o0W4A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 04:15:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230927&jk=2429674304495727&bg=!cXKlcj3NAAYEJRtnJCU7ADQBe5WfOCY_wSB1pPP07PEBU5M3oJsmuI2MUQu6JzHMEneTxpT4XjTvPdSO5sVBOA9f1U2VAgAAAEpSAAAACWgBBwoAmT7KIyO_qldcpaLTIZvwevUXmnj3o_GZLNVHcIP6g7AJAMmauZVSu4Yuqvy7_ai4dHWun3bFwGO4dDTIM6rGktdKm82W8gWQHbINBwDvaVGem3YBIPriGs3ZuLPYh9ZYAmwXQsmvhGyF3S_LpLB6qwSIFk2a-9NCKA3KwMLdmWN9D0D8grHtPuJ6N2V8U8_RYK7r83Kq8spUYZkCs80ui8VuwoiCmJopoqHxWrtURrxnfZX5KkOPuHVSURZZVdXuz73_5Ve6WySH8u_y0EQbjP0OM2k4Zh0T2WdkV7r9nlpPi0Try9vwjQLH0FZXO3AaxKdxJVTyqxZ6UL0TiEjVKnyCPqsHr2n2CxhguP-QY3qAuvODixekYlVHlz_9WnKA4HVRpm7sf0_xHAmqVub5QD1YPBJhmYqhREx3bBvbn-sNGKDmUalRPoaLUmuLjD48LzUEP8mt2R8u-cuqWud_40nBTqEGmG1oCjhiCWojANWYVvMR82UOOc2UStoawT5eMcA9eA3IkITkKozcjGrd95x2KwL0_4efG7Kn2wMYvf-UAR9e_S8rQKlMHcwVRz6tMeh3f5vtntiwPPxgkRuZIcLDSFiVl8bvXZoBmg7xfiVGGZCxSEjutO7ZqHpSMpc23B3cL-nKXKuJ0I14Z-tMP3fFvegcUDxE7aP-lq_40mNSrRAMQNSxuexmhwIm52QGUdd8WQ40aAj4n-XHSTg4BDt3EBex1mQmluj9KbEHIeDfPhMjAQV_j6gCLNaWpeoHiWSYomxNZa8bVZydtXINJhxBaon8zqV3wDYKQSk6gHKVi0VYtp1qVym7AsfXgstsJ4WsYvYf6pgIb0eKCmr1jpyC0xygDGZs00GshMve92HWyBAjMPqpljRPbdM9xcV8OAAdKcCIShG5tbLSwr70dED1mQnOS6hgPe-AZoaB7O0vBUE-7Nw_CmFqpL0eRpuAewuNWHn0JgDK_dZ_q1CZP_NX0vng1oC7aPuTvct5-z8v2xfFevamMeKzft12DgT78YzcmKqo_YXvhB8u6Y-VGFTHg5H_T619TazKj8ERqEL_rofz2ai2Wtx0E4KLRm6j-DQ-d7w9zqjSZdaxdK13Eao77eIyzX5i-AmZ0zZbSP4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lepronosticsur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lepronosticsur.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5rvla4taubgat286js4mprh408
.lepronosticsur.com/	1970-01-21 00:29:03	Name: __gads Value: ID=ac07fe959f5dd984-226f3fbeafde00b9:T=1696047346:RT=1696047346:S=ALNI_MYmnX0YE14HT830WJDDMRnIW3FMEA
.lepronosticsur.com/	1970-01-21 00:29:03	Name: __gpi Value: UID=00000c8853042e0c:T=1696047346:RT=1696047346:S=ALNI_Mb9c12GybXJ1Gfoa_UepPbxMK_b7g
.doubleclick.net/	1970-01-20 15:07:28	Name: test_cookie Value: CheckForPermission

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://lepronosticsur.com/ Message: Mixed Content: The page at 'https://lepronosticsur.com/' was loaded over HTTPS, but requested an insecure element 'http://lepronosticsur.com/lien/lepronosticsur.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://lepronosticsur.com/(Line 544) Message: Mixed Content: The page at 'https://lepronosticsur.com/' was loaded over HTTPS, but requested an insecure element 'http://lepronosticsur.com/lien/lepronosticsur.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4EyEVlbvzMp5DjMV7-W4kA0f1xgVaFIVD8Bbn2HreERuW-pUDmdq4zWbEZ_LaJq3s4PPr2hXIaex6MJ8XysMBvHPMW5DRqW_QvWm6lDyGQ8guGmpe2TAIT6ZC7L-7IngJY7RvIjbJf4H4_tlD1WL=s0-d Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
ainebeturf.parissur.com
astrodefi.parissur.com
blogger.googleusercontent.com
cdn.ampproject.org
cdn.jsdelivr.net
code.jquery.com
evigetir.com
fonts.googleapis.com
fonts.gstatic.com
gifsdomi.files.wordpress.com
googleads.g.doubleclick.net
infopmu32.parissur.com
kvturf.parissur.com
lepronosticsur.com
lh3.googleusercontent.com
okplus.parissur.com
pagead2.googlesyndication.com
parissur.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
173.225.100.28
192.0.72.31
2606:4700::6810:5814
2a00:1450:4001:801::2004
2a00:1450:4001:80b::2001
2a00:1450:4001:810::2001
2a00:1450:4001:811::2003
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:7ee0:8:0:3:77:0:5b1
2a04:4e42:200::649
94.73.150.218
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0de248bd56a558f104d0a54c75b7145d817166290b452db16c72d6d05c12ca7e
0ea03adcebfb49b6761f1a08692a22bda05e305ca61e8e2ac225007fabf28e07
1dde1375974491ce3d7479b63537f9b87c500f10b8ecfa5f897cd270cc4b696f
27ae63140c2d084fae3b5cc3c007a9d2c8abebcd5fabf7ff48f61b356bba2a17
31622123aa1c32760dc301e3ce1daac38605234de71a454962e2704ea793b4a1
3581fea87b88f3ed5a0038ef932fe75c9be6e2c8c12f6f3116cbc8a1405ee8b2
3c2d876e3606673346afd17d841dcc8448f898abf457d42728e03bfe763bd09e
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
3d0b69010e51c02015da907d4bc4a09306b0ab0fe479fc4f1fe915383129be12
3dfd279c1250d95fd9fed1aff56a1ec47bc8000ab4bc622e8c50c28103799238
47f96d6edf9d568cb918f82275fff91f91dfdbd736b335475b03c48efeab3269
4a8693606f71aae5b8a8350f57b17683b7f09b5d2d7593b033264468567e7617
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5be922c61278c45cc283eabbf51616c700e5faf818106af7b1f3bd4dbaeac87d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
72d6edc21111a06e609c0df86bbc9b150e2a4eee7bd24307267d86dd7f3e03d2
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
801e002ecc49cda34ba6522e68b42677d5c66a3213d3cc031a719d1e704d20e9
94fd3c9bd8a8f2d3e8925e8f24dd8b476dbaa0be710cd24de5a4d0139a48d1db
9a04927eed0d57c4cad3d56e933bdeb5a9e06de9d9ebabbe99a732547f341e77
9c2b866bb93649dd2611dc6a4f4a695589129e57a24b76c932c05c531a2ddc63
a373d02a6c5a31cde77a20c06287913ed041f381282c6fb0310d57f20a52febc
ad7e0dfa851c5039adc4d6648d73f74abe94ec66a0df82dec23bf1544b41a590
baa0b88f37939a9f1927e651e49eac578f4ae7e8c5710e505e2f725cfa56ded2
bb18ec4bd71814b4e39a5afc8f98be0eabce2c206e811cc4796c5431665e6174
bc1b47a22f3ea13634aaf015c3a7fe64ae80a642ca5375a6cd9bbff2e0c93d05
c1ef167e3112a81527dac4791653d424da6848e92d7c642fa2ebd2e64f5656ae
c89fb2c5f7ffecf06bdc3c535d474d92285f324f89223b35f27c75970d55e4a0
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e02d6d2aeb471c7b7ff952f1db0e48c6e31e149c7d754f37cce05f5f47d26a79
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f53f442f57af8ff38aeb84f9d158abd6e3699dc4ff898f9a1062d4336517ea
e9829fbbcc18407deb28b49dac24d8146981b22b4a4813f1699c7773e80c01b9
eb8d60e97e7a1033f586520840484782ba7290caa9d8ef9b482e4ecd37081b8d
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f891b93af4803826f8796ae7814e9bf22c240bd3cfedab7545211d78dd9baeb2
fb77a88512ef017210995cc6d5b8da219d7006c6d77e7792abe5b5fec48dfee8
fc7fe45db078b8395d7995216bc97c7ebf483b939096068d1f6494d6fd1056da
fe4da0ee63d24cd5275b5e9fa83c1cf1ac6a49f6ab7f3b28264d8b0d17193cb0

lepronosticsur.com Open in urlscan Pro 173.225.100.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

100 %HTTPS

80 %IPv6

15 Domains

22 Subdomains

15 IPs

4 Countries

1598 kBTransfer

2430 kBSize

4 Cookies

7 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lepronosticsur.com Open in urlscan Pro
173.225.100.28 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

80 %
IPv6

15
Domains

22
Subdomains

15
IPs

4
Countries

1598 kB
Transfer

2430 kB
Size

4
Cookies

49 HTTP transactions
0 data transactions