ldaht.location-bonaparte-ajaccio.fr
2606:4700:3035::ac43:b724  Public Scan

Submitted URL: http://ldaht.location-bonaparte-ajaccio.fr/
Effective URL: https://ldaht.location-bonaparte-ajaccio.fr/
Submission: On November 29 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3035::ac43:b724, located in United States and belongs to CLOUDFLARENET, US. The main domain is ldaht.location-bonaparte-ajaccio.fr.
TLS certificate: Issued by GTS CA 1P5 on November 22nd 2022. Valid for: 3 months.
This is the only time ldaht.location-bonaparte-ajaccio.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700:e2:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 195.181.166.177 60068 (CDN77 ^_^)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 212.175.170.116 9121 (TTNET)
1 176.236.13.148 34984 (TELLCOM-AS)
1 51.81.107.96 16276 (OVH)
1 2001:4de0:ac1... 20446 (STACKPATH...)
15 10
Apex Domain
Subdomains
Transfer
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1277
120 KB
3 location-bonaparte-ajaccio.fr
ldaht.location-bonaparte-ajaccio.fr
14 KB
2 blogspot.com
3.bp.blogspot.com — Cisco Umbrella Rank: 12084
1.bp.blogspot.com — Cisco Umbrella Rank: 9060
175 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2619
37 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 839
30 KB
1 haberturk.com
im.haberturk.com — Cisco Umbrella Rank: 54739
29 KB
1 libresensor.com
www.libresensor.com
295 KB
1 meb.k12.tr
cariksarayshtbekiraksozoo.meb.k12.tr
43 KB
1 doctormito.com
www.doctormito.com
29 KB
1 aksam.com.tr
img3.aksam.com.tr — Cisco Umbrella Rank: 311168
10 KB
15 10
Domain Requested by
3 use.fontawesome.com ldaht.location-bonaparte-ajaccio.fr
use.fontawesome.com
3 ldaht.location-bonaparte-ajaccio.fr 1 redirects ldaht.location-bonaparte-ajaccio.fr
2 stackpath.bootstrapcdn.com ldaht.location-bonaparte-ajaccio.fr
1 code.jquery.com ldaht.location-bonaparte-ajaccio.fr
1 im.haberturk.com ldaht.location-bonaparte-ajaccio.fr
1 1.bp.blogspot.com ldaht.location-bonaparte-ajaccio.fr
1 www.libresensor.com ldaht.location-bonaparte-ajaccio.fr
1 cariksarayshtbekiraksozoo.meb.k12.tr ldaht.location-bonaparte-ajaccio.fr
1 www.doctormito.com ldaht.location-bonaparte-ajaccio.fr
1 img3.aksam.com.tr ldaht.location-bonaparte-ajaccio.fr
1 3.bp.blogspot.com ldaht.location-bonaparte-ajaccio.fr
15 11
Subject | Issuer | Validity | Valid
*.location-bonaparte-ajaccio.fr | GTS CA 1P5 | 2022-11-22 - 2023-02-20 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-06 - 2023-06-05 | a year
misc-sni.blogspot.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
img3.aksam.com.tr | R3 | 2022-10-08 - 2023-01-06 | 3 months
*.meb.k12.tr | AlphaSSL CA - SHA256 - G2 | 2022-11-25 - 2023-12-27 | a year
libresensor.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2022-02-09 - 2023-02-09 | a year
*.haberturk.com | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2022-07-11 - 2023-07-11 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year

This page contains 1 frames:

Primary Page: https://ldaht.location-bonaparte-ajaccio.fr/
Frame ID: 32BCA9084ED0B88A290AFB644587BC5F
Requests: 15 HTTP requests in this frame

Page Title

Diyabet Günü Şiirleri

Page URL History

  1. http://ldaht.location-bonaparte-ajaccio.fr/ HTTP 301
    https://ldaht.location-bonaparte-ajaccio.fr/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

60 %
IPv6

10
Domains

11
Subdomains

10
IPs

4
Countries

781 kB
Transfer

1037 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ldaht.location-bonaparte-ajaccio.fr/ HTTP 301
    https://ldaht.location-bonaparte-ajaccio.fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ldaht.location-bonaparte-ajaccio.fr/
Redirect Chain
  • http://ldaht.location-bonaparte-ajaccio.fr/
  • https://ldaht.location-bonaparte-ajaccio.fr/
24 KB
10 KB
Document
General
Full URL
https://ldaht.location-bonaparte-ajaccio.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecca00b031a1f7f7578778d31772a983ae5e445bed8b0179bcdd29115678e30e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=604800
cf-cache-status
DYNAMIC
cf-ray
771b293cbf570325-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 29 Nov 2022 11:56:37 GMT
expires
Tue, 06 Dec 2022 11:56:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41nAz8Lsr9ztkGE9gMXT5OQzRIfmFavDOnWGyZ3MD0veSX6w9XNJ5JaPI7qlAfLDpe%2BAnYLhh2t00zvrF9hJEJK5j68WZQvR0%2BNbsSwo%2F1OGlblHyVuDVfFy7%2BO6FmB17%2FjxvNfnzPiQ5HxKblzSob%2FmGbvTYna4gaLKbzGTrxsjUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
771b29381ee8db29-MIA
Cache-Control
max-age=604800
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 29 Nov 2022 11:56:36 GMT
Expires
Tue, 06 Dec 2022 11:56:36 GMT
Location
https://ldaht.location-bonaparte-ajaccio.fr/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFAufZCSXduW%2BI6k1ycoXwyKn6pZX3GaJ9hpScBrrwGx%2ByyIGfdQKVcX0%2FZCJIodJM6CLtmN4xabA31FnTPoICIvboUatQE28A05flpZwWMbSW24Mxlc9BnC9OnPuu2IIMwCVEvaoM924WN2pEGlkFUM%2Btr8bwMfjT4mwBF4L6jRfA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
all.css
use.fontawesome.com/releases/v5.0.13/css/
40 KB
9 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Requested by
Host: ldaht.location-bonaparte-ajaccio.fr
URL: https://ldaht.location-bonaparte-ajaccio.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ldaht.location-bonaparte-ajaccio.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:56:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
RXYPGTXN1S87RWD3
age
28170318
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
6wxJIXDfYOr21MjNYYqlP6OVT6zapYhvuCqOPP0+McUbfbpdXijbzBMd7pSY/jIkLu0pkViKTjA=
last-modified
Wed, 30 Jun 2021 15:27:31 GMT
server
cloudflare
etag
W/"d61bfe9b56c13ecff5313ee3abb45e8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGN18L8CaJhcQhZ94uKa8btkO1wD%2Bh9twx8Z9fgGznlKvKLES%2ByGMIZus9fUfrWxduVZIxWKab9l8t3BQF2BP0djjQqUKDN7kUAzHk1JrXb0OafuuZfgGkYXqDoOKQVmfg%2BXpnwPAdSzB9hkJEshUT1v"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
771b2940e95f8de4-MIA
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/
138 KB
22 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css
Requested by
Host: ldaht.location-bonaparte-ajaccio.fr
URL: https://ldaht.location-bonaparte-ajaccio.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ldaht.location-bonaparte-ajaccio.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:56:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
625
age
8406767
cdn-cachedat
07/15/2022 01:29:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"a7022c6fa83d91db67738d6e3cd3252d"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
d0b15289a00689889c4e10730257c48a
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
771b2940ea9e6dc8-MIA
cdn-requestpullsuccess
True
jquery.min.js
ldaht.location-bonaparte-ajaccio.fr/js/
13 KB
4 KB
Script
General
Full URL
https://ldaht.location-bonaparte-ajaccio.fr/js/jquery.min.js
Requested by
Host: ldaht.location-bonaparte-ajaccio.fr
URL: https://ldaht.location-bonaparte-ajaccio.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20105cdc4ce8f30c07d1d599db81fd10ef5e0db5131945c0a39462cc70f8f79a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ldaht.location-bonaparte-ajaccio.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 11:56:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 29 Nov 2022 11:56:37GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0BrP7MQrnhTwSw%2Bti8vtqBxJLxMwOW3CaazbwQSQwVy%2BDk01sdl1fwitCCamN8cgMllXuh%2Bw3HGGEqBYr8reKrG2%2BzjFVV9BaLyCsmoMfYReUI239wsx1ZsWUN%2FUK5d%2F7ICYxvZ5OkTCT3Jg8KsaPsQRVh6F4cfsdXdwyIYelL7pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
cf-ray
771b293f4a8d0325-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 06 Dec 2022 11:56:37 GMT
dilegi_olan_ruyada_gormek_icin_bu_terkibi_yapar.jpg
3.bp.blogspot.com/-7qm6WQkbkl8/WWs7pI2tLfI/AAAAAAAAGkk/Bgz_r4asEu8u5W9yXbjka2eDsLvgpw6VgCLcBGAs/s1600/
64 KB
65 KB
Image
General
Full URL
https://3.bp.blogspot.com/-7qm6WQkbkl8/WWs7pI2tLfI/AAAAAAAAGkk/Bgz_r4asEu8u5W9yXbjka2eDsLvgpw6VgCLcBGAs/s1600/dilegi_olan_ruyada_gormek_icin_bu_terkibi_yapar.jpg
Requested by
Host: ldaht.location-bonaparte-ajaccio.fr
URL: https://ldaht.location-bonaparte-ajaccio.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b1576ddda85ab82b280bdf1980efa8f913606b742831baaf057ee6ca531c7715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ldaht.location-bonaparte-ajaccio.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:56:38 GMT
x-content-type-options
nosniff
server
fife
etag
"v1a66"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="dilegi_olan_ruyada_gormek_icin_bu_terkibi_yapar.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65598
x-xss-protection
0
expires
Wed, 30 Nov 2022 11:56:38 GMT
5c08f4040f25442cb8aab4af-1411202016053429360bcf25c3.jpg
img3.aksam.com.tr/imgsdisk/2020/11/14/
9 KB
10 KB
Image
General
Full URL
https://img3.aksam.com.tr/imgsdisk/2020/11/14/5c08f4040f25442cb8aab4af-1411202016053429360bcf25c3.jpg
Requested by
Host: ldaht.location-bonaparte-ajaccio.fr
URL: https://ldaht.location-bonaparte-ajaccio.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.166.177 Stockholm, Sweden, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-166-177.datapacket.com
Software
MerlinCDN / ASP.NET
Resource Hash
9c95746d06119f8fdd246c8b1df13477ab01ad2bc8b877575f61b706e40e303f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ldaht.location-bonaparte-ajaccio.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:56:39 GMT
via
HTTP/2.0 Merlin CDN
age
0
x-midtier
de-fra-lea-s01
x-powered-by
ASP.NET
content-length
9454
last-modified
Thu, 10 Jun 2021 12:29:03 GMT
server
MerlinCDN
etag
W/"8091fa32f45dd71:0"
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
se-sto-dp-s01
cache-control
max-age=86400
x-ecache
MISS
accept-ranges
bytes
x-mcache
MISS
diyabet-hastalari-icin-gida-takviyeleri-onerileri.jpg
www.doctormito.com/asset/images/blog/
29 KB
29 KB
Image
General
Full URL
https://www.doctormito.com/asset/images/blog/diyabet-hastalari-icin-gida-takviyeleri-onerileri.jpg
Requested by
Host: ldaht.location-bonaparte-ajaccio.fr
URL: https://ldaht.location-bonaparte-ajaccio.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d5af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
c9b2e4f6e87c5c8f3308b10913af07bdd22ef2252bb179e8b12fafbb88709027
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ldaht.location-bonaparte-ajaccio.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:56:38 GMT
strict-transport-security
max-age=15768000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29242
last-modified
Wed, 23 Feb 2022 23:24:16 GMT
server
cloudflare
etag
"6216c220-723a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejTk1hjjCVf2ykt79%2FRsVsvno0J8xSXNLDLD99mdECILbKLXaxCiCjvTO54ACxu5PDH0BeTvj86XOzMCM8A2JvSXocL%2ByeqOu%2FNBbqqf1tAHrj5wp8%2B4dMCi36WK6zD%2B8gXr0jUjD%2BRwW4K%2BBZfkQvM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
771b29422a6e8da8-MIA
expires
Wed, 29 Nov 2023 11:56:38 GMT
k_21090107_5.jpg
cariksarayshtbekiraksozoo.meb.k12.tr/meb_iys_dosyalar/32/09/706868/resimler/2018_11/
43 KB
43 KB
Image
General
Full URL
https://cariksarayshtbekiraksozoo.meb.k12.tr/meb_iys_dosyalar/32/09/706868/resimler/2018_11/k_21090107_5.jpg
Requested by
Host: ldaht.location-bonaparte-ajaccio.fr
URL: https://ldaht.location-bonaparte-ajaccio.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.175.170.116 Cankaya, Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ftp.meb.gov.tr
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ae73e4d86aa7d93b93382defbd116be7c57616590cf42fd6ffb88b542e8ec53e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ldaht.location-bonaparte-ajaccio.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:56:37 GMT
last-modified
Fri, 24 Dec 2021 12:26:59 GMT
server
Microsoft-IIS/10.0
etag
"341c618cc1f8d71:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
43922
1-1278x374_diyabettanisinasilanlasilir_jo04gz.jpg
www.libresensor.com/Admin/Uploads/Cms/
294 KB
295 KB
Image
General
Full URL
https://www.libresensor.com/Admin/Uploads/Cms/1-1278x374_diyabettanisinasilanlasilir_jo04gz.jpg
Requested by
Host: ldaht.location-bonaparte-ajaccio.fr
URL: https://ldaht.location-bonaparte-ajaccio.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.236.13.148 Istanbul, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
59a08ae02c4702af684bb42aff5384ab549e55a24eb5381b0f6e4d8593fd8d64

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ldaht.location-bonaparte-ajaccio.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:56:38 GMT
last-modified
Tue, 08 Mar 2022 09:03:42 GMT
server
Microsoft-IIS/10.0
etag
"f1f8e268cb32d81:0"
x-powered-by
ASP.NET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
content-length
301402
diyabette-diyet.png
1.bp.blogspot.com/-v-V5xxRFJx4/YBQyOV4OJOI/AAAAAAAABLs/z_L2c4DBed4UN-c-f-DELju0PQGxgfDrQCLcBGAsYHQ/s16000/
111 KB
111 KB
Image
General
Full URL
https://1.bp.blogspot.com/-v-V5xxRFJx4/YBQyOV4OJOI/AAAAAAAABLs/z_L2c4DBed4UN-c-f-DELju0PQGxgfDrQCLcBGAsYHQ/s16000/diyabette-diyet.png
Requested by
Host: ldaht.location-bonaparte-ajaccio.fr
URL: https://ldaht.location-bonaparte-ajaccio.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
444b2c8e7dbf0a3f573c828e86568d865cefe4191e15eae82710b03c9381ea30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ldaht.location-bonaparte-ajaccio.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:56:38 GMT
x-content-type-options
nosniff
server
fife
etag
"v4c3"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="diyabette-diyet.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113164
x-xss-protection
0
expires
Wed, 30 Nov 2022 11:56:38 GMT
1229198_620x410.jpg
im.haberturk.com/2016/04/23/ver1461371497/
29 KB
29 KB
Image
General
Full URL
https://im.haberturk.com/2016/04/23/ver1461371497/1229198_620x410.jpg
Requested by
Host: ldaht.location-bonaparte-ajaccio.fr
URL: https://ldaht.location-bonaparte-ajaccio.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.81.107.96 Warrenton, United States, ASN16276 (OVH, FR),
Reverse DNS
ns1000014.ip-51-81-107.us
Software
MerlinCDN /
Resource Hash
26b83a078c138aadf573d3efc3da45ab0a66ffded0e478a05f1d99e2057a77b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ldaht.location-bonaparte-ajaccio.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:56:38 GMT
via
HTTP/2.0 Merlin CDN
x-backend
S-23-166
age
0
x-midtier
de-fra-lea-s01
content-length
29822
last-modified
Sat, 23 Apr 2016 00:03:14 GMT
server
MerlinCDN
etag
"571abbc2-747e"
allow
GET, HEAD, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
x-edge
us-vga-ovc-s04
cache-control
max-age=604800
x-ecache
MISS
accept-ranges
bytes
x-mcache
MISS
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: ldaht.location-bonaparte-ajaccio.fr
URL: https://ldaht.location-bonaparte-ajaccio.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ldaht.location-bonaparte-ajaccio.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:56:38 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-1538f"
vary
Accept-Encoding
x-hw
1669722998.dop051.mi1.t,1669722998.cds234.mi1.hn,1669722998.cds247.mi1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30288
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/
50 KB
15 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js
Requested by
Host: ldaht.location-bonaparte-ajaccio.fr
URL: https://ldaht.location-bonaparte-ajaccio.fr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ldaht.location-bonaparte-ajaccio.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:56:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
625, 617, 617
age
16101859
cdn-cachedat
2021-04-07 07:34:06
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
59d3a89c722f0be8e2e5ff7d615de096
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
771b2941bf55b3e5-MIA
cdn-requestpullsuccess
True
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/
49 KB
50 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Origin
https://ldaht.location-bonaparte-ajaccio.fr
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:56:38 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2BA1GTG5HTBS9963
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50372
x-amz-id-2
mR48K2BYqT8+SJ561Ill9PvaORhrxiDEQYfFDPW/4/EECDEUFxaUO6nqiKcMUBG30xLK38HKLQI=
last-modified
Wed, 30 Jun 2021 15:27:47 GMT
server
cloudflare
etag
"8a8c0474283e0d9ef41743e5e486bf05"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L68KSNRzgf6TMdeRQ3reNegDwsH0LPOUP8xbbgM3hfBaATuQJ%2BjUKi14m3D3DPYWwfXBaKPZ%2F%2FBgsfZ8ZIT8JJ5ZRzQPuPgkB06HkgndKAzQS23MZFK8dgAJhHWccvRdhdkMTnOxKj%2BwYhriuhVAPc6e"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
771b29444ea3b3eb-MIA
fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/
60 KB
60 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Origin
https://ldaht.location-bonaparte-ajaccio.fr
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:56:38 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2BAD86Q3C5WWVSWQ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
61336
x-amz-id-2
K7+GHoH5VQ7JkFENeIIyynqgxBavDX8wZQ9WENC18u1TY1Yjh2jZ9xx/4pJ83+kHG+qb5ucMvcI=
last-modified
Wed, 30 Jun 2021 15:27:47 GMT
server
cloudflare
etag
"3654744dc6d6c37c9b3582b57622df5e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBjZSsdIUiXL6VC%2FTxlH%2Bg%2BEY%2B4mDtwwlhU7udVjdAo2z2CSjc%2FGqayletXJHblstUgtU25GcYlJioZISfmfj5DKNL2AtHZCggSGYXntsYmp8XCoSsA4vls1yIaB6JYb1MNkiD9vnFNVJxEKd5FIHD%2FB"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
771b2944ff84b3eb-MIA

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| q string| t string| s object| bGR string| ref object| bootstrap function| $ function| jQuery

1 Cookies

Domain/Path Name / Value
ldaht.location-bonaparte-ajaccio.fr/ Name: id
Value: 2e9fc6b2f1830ca11b01444eea712bb3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
