urlscan.io logo urlscan.io
SecurityTrails logo

www.pleinderreduc.com Open in urlscan Pro
52.215.57.68  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mld.pleinderreduc.com/
Effective URL: https://www.pleinderreduc.com/
Submission: On March 13 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 18 HTTP transactions. The main IP is 52.215.57.68, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.pleinderreduc.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 9th 2023. Valid for: a year.
This is the only time www.pleinderreduc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.30.13.244 16509 (AMAZON-02)
1 1 52.210.250.148 16509 (AMAZON-02)
6 52.215.57.68 16509 (AMAZON-02)
2 108.138.7.125 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
18 5
1    52.30.13.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-13-244.eu-west-1.compute.amazonaws.com
mld.pleinderreduc.com
1    52.210.250.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-250-148.eu-west-1.compute.amazonaws.com
mld.pleinderreduc.com
6    52.215.57.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-57-68.eu-west-1.compute.amazonaws.com
www.pleinderreduc.com
2    108.138.7.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-125.fra56.r.cloudfront.net
static.mailipost.net
4    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
8 pleinderreduc.com
mld.pleinderreduc.com
www.pleinderreduc.com
27 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
449 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
37 KB
2 mailipost.net
static.mailipost.net
70 KB
18 4
Domain Requested by
6 www.pleinderreduc.com www.pleinderreduc.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com www.pleinderreduc.com
www.gstatic.com
www.google.com
2 fonts.gstatic.com www.google.com
2 static.mailipost.net www.pleinderreduc.com
2 mld.pleinderreduc.com 2 redirects
18 6

This site contains links to these domains. Also see Links.

Domain
conso.bloctel.fr
Subject Issuer Validity Valid
www.pleinderreduc.com
Amazon RSA 2048 M02		 2023-08-09 -
2024-09-07		 a year crt.sh
*.mailipost.net
Amazon RSA 2048 M03		 2024-01-15 -
2025-02-11		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.pleinderreduc.com/
Frame ID: BC2623E0BA287A3FD4191FA2CE780A17
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld6ITseAAAAAE4bBYvguAp-24KYz6-Ss5P1zmMN&co=aHR0cHM6Ly93d3cucGxlaW5kZXJyZWR1Yy5jb206NDQz&hl=fr&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=gq5v3pdhndsk
Frame ID: AC0240CC38B32B194B244996665EA709
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Plein de reduc

Page URL History Show full URLs

  1. http://mld.pleinderreduc.com/ HTTP 301
    https://mld.pleinderreduc.com/ HTTP 302
    https://www.pleinderreduc.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

18
Requests

100 %
HTTPS

43 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

583 kB
Transfer

1268 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mld.pleinderreduc.com/ HTTP 301
    https://mld.pleinderreduc.com/ HTTP 302
    https://www.pleinderreduc.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.pleinderreduc.com/
Redirect Chain
  • http://mld.pleinderreduc.com/
  • https://mld.pleinderreduc.com/
  • https://www.pleinderreduc.com/
37 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pleinderreduc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.57.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-57-68.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7710b952f1d5fb32c003c6e2c6eb20ae0b46f668114e5aa0332d1852fe2a008b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
max-age=0, must-revalidate, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 13 Mar 2024 11:10:43 GMT
expires
Wed, 13 Mar 2024 11:10:43 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

cache-control
no-cache
content-type
text/html; charset=UTF-8
date
Wed, 13 Mar 2024 11:10:42 GMT
location
https://www.pleinderreduc.com/
server
nginx
x-riverline-app
Mailody
minisite_regie2.166acc92.css
www.pleinderreduc.com/build/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pleinderreduc.com/build/minisite_regie2.166acc92.css
Requested by
Host: www.pleinderreduc.com
URL: https://www.pleinderreduc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.57.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-57-68.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
28c6b688beeae6c1dfab81e301f128dd80e0c95ed47c51942abbbe2e7537e945

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.pleinderreduc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 11:10:43 GMT
content-encoding
gzip
last-modified
Wed, 06 Mar 2024 10:52:39 GMT
server
nginx
etag
W/"65e84af7-287e"
vary
Accept-Encoding
content-type
text/css
logo.png
static.mailipost.net/minisites/pleindereduc/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mailipost.net/minisites/pleindereduc/logo.png
Requested by
Host: www.pleinderreduc.com
URL: https://www.pleinderreduc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ebaf786d71fd906ce65295c794cd20c934e0d456f5e0c9e85ec742ddfa7a4ed

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.pleinderreduc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 05:44:01 GMT
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 09:33:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
19603
x-amz-server-side-encryption
AES256
etag
"c84d35f4aa7249d40a85b2e2c05a8e09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
14512
x-amz-cf-id
kYZQwSR4NJHfE5AG8su1fzaL7uGPgTVBPjCrz209q9tkHrVc0hYmzA==
banner.jpg
static.mailipost.net/minisites/pleindereduc/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mailipost.net/minisites/pleindereduc/banner.jpg
Requested by
Host: www.pleinderreduc.com
URL: https://www.pleinderreduc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84cf99c2941be29ee2822cad881af05623bd6e021b4bf28749dcb638577dc379

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.pleinderreduc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 08:00:48 GMT
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 09:33:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
11396
x-amz-server-side-encryption
AES256
etag
"356b106c1ee4d0999982af31f6a8498d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
56381
x-amz-cf-id
mitOIO1jEJ0J8wtZtPVO0oqE4MFlmcsh9W2PmBFc6ft1I_CmvFRevA==
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Ld6ITseAAAAAE4bBYvguAp-24KYz6-Ss5P1zmMN
Requested by
Host: www.pleinderreduc.com
URL: https://www.pleinderreduc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cd28f985e13e0d0c810ee642f1ce05d9aa884b449b4866c29a4ada8230870b8f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.pleinderreduc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 11:10:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 13 Mar 2024 11:10:43 GMT
x.png
www.pleinderreduc.com/build/minisite/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pleinderreduc.com/build/minisite/images/x.png
Requested by
Host: www.pleinderreduc.com
URL: https://www.pleinderreduc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.57.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-57-68.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d46c0a1fd715a3b29ac80d94880915058f3504348c20b6839607a78b2b3312b3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.pleinderreduc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 11:10:43 GMT
last-modified
Wed, 06 Mar 2024 10:52:39 GMT
server
nginx
accept-ranges
bytes
etag
"65e84af7-42a"
content-length
1066
content-type
image/png
dpo_email.jpg
www.pleinderreduc.com/build/minisite/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pleinderreduc.com/build/minisite/images/dpo_email.jpg
Requested by
Host: www.pleinderreduc.com
URL: https://www.pleinderreduc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.57.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-57-68.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ed4213ee3f28b05d12a03c80ff8e8afad3c3ddff0e6835cd178be6e5114e30fe

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.pleinderreduc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 11:10:43 GMT
last-modified
Wed, 06 Mar 2024 10:52:39 GMT
server
nginx
accept-ranges
bytes
etag
"65e84af7-1c32"
content-length
7218
content-type
image/jpeg
runtime.7576e7bf.js
www.pleinderreduc.com/build/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pleinderreduc.com/build/runtime.7576e7bf.js
Requested by
Host: www.pleinderreduc.com
URL: https://www.pleinderreduc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.57.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-57-68.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b4fa567cbf1260f3a3eb142e37b6201533a0112b85b8986d1c78d773a8e955ad

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.pleinderreduc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 11:10:43 GMT
last-modified
Wed, 06 Mar 2024 10:52:39 GMT
server
nginx
accept-ranges
bytes
etag
"65e84af7-5e1"
content-length
1505
content-type
application/javascript
minisite_regie2.61ca3f11.js
www.pleinderreduc.com/build/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pleinderreduc.com/build/minisite_regie2.61ca3f11.js
Requested by
Host: www.pleinderreduc.com
URL: https://www.pleinderreduc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.57.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-57-68.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6f1d044a6b2823315f2490f644b949726edb77e98f194674ba3a11d989d87a12

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.pleinderreduc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 11:10:43 GMT
last-modified
Wed, 06 Mar 2024 10:52:39 GMT
server
nginx
accept-ranges
bytes
etag
"65e84af7-893"
content-length
2195
content-type
application/javascript
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ 		495 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ld6ITseAAAAAE4bBYvguAp-24KYz6-Ss5P1zmMN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
173bb5afd44c175a47112d8a55f0bcfdbd625730b76dbadfac296a9cc74c30cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pleinderreduc.com/
Origin
https://www.pleinderreduc.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 19:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200455
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Mar 2025 19:54:55 GMT
anchor
www.google.com/recaptcha/api2/ Frame AC02 		45 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld6ITseAAAAAE4bBYvguAp-24KYz6-Ss5P1zmMN&co=aHR0cHM6Ly93d3cucGxlaW5kZXJyZWR1Yy5jb206NDQz&hl=fr&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=gq5v3pdhndsk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__fr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
33c90076e79a22a115470ca02953225740f52a78a83b0875faee755a10c90f98
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_67vCRbzF2H4wqIqCaGnTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pleinderreduc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_67vCRbzF2H4wqIqCaGnTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Mar 2024 11:10:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame AC02 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld6ITseAAAAAE4bBYvguAp-24KYz6-Ss5P1zmMN&co=aHR0cHM6Ly93d3cucGxlaW5kZXJyZWR1Yy5jb206NDQz&hl=fr&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=gq5v3pdhndsk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 10:45:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Mar 2025 10:45:59 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame AC02 		495 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld6ITseAAAAAE4bBYvguAp-24KYz6-Ss5P1zmMN&co=aHR0cHM6Ly93d3cucGxlaW5kZXJyZWR1Yy5jb206NDQz&hl=fr&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=gq5v3pdhndsk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
173bb5afd44c175a47112d8a55f0bcfdbd625730b76dbadfac296a9cc74c30cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 19:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200455
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Mar 2025 19:54:55 GMT
v77SiQbcxtK1O5ek11TdloiB5zZ00UAxE3PsP-319e4.js
www.google.com/js/bg/ Frame AC02 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/v77SiQbcxtK1O5ek11TdloiB5zZ00UAxE3PsP-319e4.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__fr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfbed28906dcc6d2b53b97a4d754dd968881e73674d140311373ec3fedf5f5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld6ITseAAAAAE4bBYvguAp-24KYz6-Ss5P1zmMN&co=aHR0cHM6Ly93d3cucGxlaW5kZXJyZWR1Yy5jb206NDQz&hl=fr&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=gq5v3pdhndsk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 10:09:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
262855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7341
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 15:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 10 Mar 2025 10:09:48 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame AC02 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 03:45:28 GMT
x-content-type-options
nosniff
age
113115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 19 Mar 2024 03:45:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AC02 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld6ITseAAAAAE4bBYvguAp-24KYz6-Ss5P1zmMN&co=aHR0cHM6Ly93d3cucGxlaW5kZXJyZWR1Yy5jb206NDQz&hl=fr&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=gq5v3pdhndsk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:26:23 GMT
x-content-type-options
nosniff
age
135861
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Mar 2025 21:26:23 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AC02 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld6ITseAAAAAE4bBYvguAp-24KYz6-Ss5P1zmMN&co=aHR0cHM6Ly93d3cucGxlaW5kZXJyZWR1Yy5jb206NDQz&hl=fr&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=gq5v3pdhndsk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 09:11:37 GMT
x-content-type-options
nosniff
age
93547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Mar 2025 09:11:37 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame AC02 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=fr&v=QquE1_MNjnFHgZF4HPsEcf_2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld6ITseAAAAAE4bBYvguAp-24KYz6-Ss5P1zmMN&co=aHR0cHM6Ly93d3cucGxlaW5kZXJyZWR1Yy5jb206NDQz&hl=fr&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=gq5v3pdhndsk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5c11dda0ad0c080331472b2ff203079897e47ad6724251914c49a41ab8bc5462
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld6ITseAAAAAE4bBYvguAp-24KYz6-Ss5P1zmMN&co=aHR0cHM6Ly93d3cucGxlaW5kZXJyZWR1Yy5jb206NDQz&hl=fr&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=gq5v3pdhndsk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 11:10:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 13 Mar 2024 11:10:43 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| grecaptchaInput object| grecaptchaForm object| webpackJsonp object| recaptcha object| closure_lm_803550

2 Cookies

Domain/Path Name / Value
mld.pleinderreduc.com/ Name: device_view
Value: full
www.pleinderreduc.com/ Name: PHPSESSID
Value: ca742aa3a1d56765e5eb50e71f6c2ec6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
mld.pleinderreduc.com
static.mailipost.net
www.google.com
www.gstatic.com
www.pleinderreduc.com
108.138.7.125
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:81c::2003
52.210.250.148
52.215.57.68
52.30.13.244
173bb5afd44c175a47112d8a55f0bcfdbd625730b76dbadfac296a9cc74c30cc
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ebaf786d71fd906ce65295c794cd20c934e0d456f5e0c9e85ec742ddfa7a4ed
28c6b688beeae6c1dfab81e301f128dd80e0c95ed47c51942abbbe2e7537e945
33c90076e79a22a115470ca02953225740f52a78a83b0875faee755a10c90f98
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c11dda0ad0c080331472b2ff203079897e47ad6724251914c49a41ab8bc5462
6f1d044a6b2823315f2490f644b949726edb77e98f194674ba3a11d989d87a12
7710b952f1d5fb32c003c6e2c6eb20ae0b46f668114e5aa0332d1852fe2a008b
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
84cf99c2941be29ee2822cad881af05623bd6e021b4bf28749dcb638577dc379
b4fa567cbf1260f3a3eb142e37b6201533a0112b85b8986d1c78d773a8e955ad
bfbed28906dcc6d2b53b97a4d754dd968881e73674d140311373ec3fedf5f5ee
cd28f985e13e0d0c810ee642f1ce05d9aa884b449b4866c29a4ada8230870b8f
d46c0a1fd715a3b29ac80d94880915058f3504348c20b6839607a78b2b3312b3
ed4213ee3f28b05d12a03c80ff8e8afad3c3ddff0e6835cd178be6e5114e30fe