www.leewardspacefoundation.org Open in urlscan Pro
172.67.175.130 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://leewardspacefoundation.org/
Effective URL:
https://www.leewardspacefoundation.org/
Submission: On April 02 via api (April 2nd 2024, 3:39:52 pm UTC) from US — Scanned from DE

Summary HTTP 22 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 22 HTTP transactions. The main IP is 172.67.175.130, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.leewardspacefoundation.org.
TLS certificate: Issued by GTS CA 1P5 on February 17th 2024. Valid for: 3 months.

This is the only time www.leewardspacefoundation.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 12	172.67.175.130 172.67.175.130	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.184.225 142.250.184.225	15169 (GOOGLE) (GOOGLE)
1	172.67.134.137 172.67.134.137	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	7

12 172.67.175.130 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

leewardspacefoundation.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.leewardspacefoundation.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

imbwlbank.mytestme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.134.137 (United States)

ASN13335 (CLOUDFLARENET, US)

tabelpakde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	leewardspacefoundation.org 2 redirects leewardspacefoundation.org www.leewardspacefoundation.org	304 KB
5	blogspot.com 3.bp.blogspot.com — Cisco Umbrella Rank: 17894	192 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 389	98 KB
1	tabelpakde.com tabelpakde.com — Cisco Umbrella Rank: 455694
1	mytestme.com imbwlbank.mytestme.com	36 KB
22	5

	Domain	Requested by
11	www.leewardspacefoundation.org	1 redirects www.leewardspacefoundation.org
5	3.bp.blogspot.com	www.leewardspacefoundation.org
5	cdn.ampproject.org	www.leewardspacefoundation.org cdn.ampproject.org
1	tabelpakde.com	cdn.ampproject.org
1	imbwlbank.mytestme.com	www.leewardspacefoundation.org
1	leewardspacefoundation.org	1 redirects
22	6

This site contains links to these domains. Also see Links.

Domain
cutt.ly
www.google.com

Subject Issuer	Validity	Valid
leewardspacefoundation.org GTS CA 1P5	`2024-02-17` - `2024-05-17`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
mytestme.com E1	`2024-02-14` - `2024-05-14`	3 months	crt.sh
tabelpakde.com E1	`2024-02-22` - `2024-05-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.leewardspacefoundation.org/
Frame ID: 73B07405A8094E135EEDC213DB52B5DC
Requests: 22 HTTP requests in this frame

Frame: https://tabelpakde.com/
Frame ID: 1F39D23B1449D4EF9929C131E291B40B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Data SGP - Togel Singapore - Keluaran SGP - Toto SGP Hari Ini

Page URL History Show full URLs

http://leewardspacefoundation.org/ HTTP 307
https://leewardspacefoundation.org/ HTTP 301
http://www.leewardspacefoundation.org/ HTTP 307
https://www.leewardspacefoundation.org/ Page URL

Detected technologies

Lightbox (JavaScript Libraries) Expand

Page Statistics

22
Requests

95 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

628 kB
Transfer

913 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://cutt.ly/daftarsalju4d
Title: DAFTAR

Search URL Search Domain Scan URL

URL: https://cutt.ly/salju4d
Title: LOGIN

Search URL Search Domain Scan URL

URL: https://cutt.ly/wasalju4d
Title: <img src="https://www.leewardspacefoundation.org/img/Whatsapp.png" width="25" height="25" class="nc">WA Resmi

Search URL Search Domain Scan URL

URL: https://www.google.com/
Title: google

Search URL Search Domain Scan URL

URL: https://cutt.ly/Cs-Salju4d
Title: <img src="https://www.leewardspacefoundation.org/img/livechat.webp" width="20" height="25" class="ce nc">LIVECHAT

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://leewardspacefoundation.org/ HTTP 307
https://leewardspacefoundation.org/ HTTP 301
http://www.leewardspacefoundation.org/ HTTP 307
https://www.leewardspacefoundation.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://www.leewardspacefoundation.org/img/Whatsapp.png HTTP 302
https://www.leewardspacefoundation.org/

22 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.leewardspacefoundation.org/
Redirect Chain

http://leewardspacefoundation.org/
https://leewardspacefoundation.org/
http://www.leewardspacefoundation.org/
https://www.leewardspacefoundation.org/

46 KB
12 KB

467ms
342ms

Document
text/html

172.67.175.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leewardspacefoundation.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.175.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7713650e4745bf7444dbce7c1c44210cecf2053f1ad4b20d5c670ca3143bbe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86e1e9df4b863803-FRA
content-encoding: br
content-type: text/html
date: Tue, 02 Apr 2024 15:39:46 GMT
last-modified: Wed, 02 Nov 2022 18:25:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tx6V7g7JH2IV9pFJ6nwj7wd2LQtg%2FLuslHnoNrgABUvNiA77UhyWKNGdgu6OIOCFg3jVb3JI9BpalnBnjiX4cVcy7rvdwfgeaRL%2FnEbLHExVrog%2F1mRATFMT0aXCi8Moxw9P4tOYm0lqbgCs5KewmS8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Location: https://www.leewardspacefoundation.org/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 163ms
78ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.leewardspacefoundation.org
URL: https://www.leewardspacefoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7494b7d3bd7ebd4397018fb47a1afaad0d91140252ccdc13ace040f63ae3c5d2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 02 Apr 2024 15:39:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73162
x-xss-protection: 0
server: sffe
etag: "e1a7433a07fbec30"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Apr 2024 15:39:46 GMT

GET
H3 200 slider2.webp
www.leewardspacefoundation.org/img/ 54 KB
55 KB 636ms
635ms Image
image/webp 172.67.175.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leewardspacefoundation.org/img/slider2.webp
Requested by: Host: www.leewardspacefoundation.org
URL: https://www.leewardspacefoundation.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.175.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd11971c32adc6595e87e7c81626fb2628e462007bbaf10973960654872c3481

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:39:47 GMT
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 17:55:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "d98c-6362af19-1f9a2a;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a5DRj%2FFG2UfS78hMK9V%2FuMRyMmcHj0GZcqqCTBmSChla4wyrXqTbDpb0dyTHKhEn9bsY47gQ5MjDvTnwqAcLCmYK7e3XkEFeAULSSyfc5KcHxu9FhQ4w0XeYf7ld8YlMqcGME8PfisHU4Ulnng%2FpgV8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 86e1e9e16dc03803-FRA
alt-svc: h3=":443"; ma=86400
content-length: 55692
expires: Tue, 09 Apr 2024 15:39:46 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 143ms
67ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.leewardspacefoundation.org
URL: https://www.leewardspacefoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

228229aa5e0c8171fe119212e63c5683cde9917ec73b77471f063aae224a5517

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 02 Apr 2024 15:39:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9634
x-xss-protection: 0
server: sffe
etag: "d5593fab4f46576b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Apr 2024 15:39:46 GMT

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
9 KB 194ms
119ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: www.leewardspacefoundation.org
URL: https://www.leewardspacefoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f64967a98fb4f6ad153ead2036924dd5cfc931367e3a0378801b8a4bf175132

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 02 Apr 2024 15:39:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8923
x-xss-protection: 0
server: sffe
etag: "d186a93ee9245627"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Apr 2024 15:39:46 GMT

GET
DATA 200
OK truncated
/ 198 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 togel.gif
3.bp.blogspot.com/-_0bWgarSPGs/XWOjh7HnRkI/AAAAAAAAAtc/GGKO3dMxtbcAaQEwNYHBQR81F977LJG4QCLcBGAs/s1600/ 38 KB
38 KB 234ms
150ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-_0bWgarSPGs/XWOjh7HnRkI/AAAAAAAAAtc/GGKO3dMxtbcAaQEwNYHBQR81F977LJG4QCLcBGAs/s1600/togel.gif

Requested by

Host: www.leewardspacefoundation.org
URL: https://www.leewardspacefoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c1cd97930da74d4f4ca210f09306f86f516c74e6d1cf73d87f40799e2d1990c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:39:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v2da"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="togel.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39007
x-xss-protection: 0
expires: Wed, 03 Apr 2024 15:39:46 GMT

GET
H2 200 slot.gif
3.bp.blogspot.com/-iytd9_3HDV4/XWOjdjO_ojI/AAAAAAAAAtQ/UEpF18ZjjQErvjFTXKeFpAi26HzfwvV1ACLcBGAs/s1600/ 44 KB
44 KB 217ms
132ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-iytd9_3HDV4/XWOjdjO_ojI/AAAAAAAAAtQ/UEpF18ZjjQErvjFTXKeFpAi26HzfwvV1ACLcBGAs/s1600/slot.gif

Requested by

Host: www.leewardspacefoundation.org
URL: https://www.leewardspacefoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b51748142cfc428b429c740b8e3b13c838ae6b4c87029916f96393a200b016c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:39:46 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="slot.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45325
x-xss-protection: 0
server: fife
etag: "v2d9"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 03 Apr 2024 15:39:46 GMT

GET
H2 200 liveball.gif
3.bp.blogspot.com/-GDdxyxW_6rI/XWOjMWA1QaI/AAAAAAAAAtA/e0btj0kcgYQOVmj_eOTiuAO4SyNngxPcgCLcBGAs/s1600/ 33 KB
33 KB 201ms
117ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-GDdxyxW_6rI/XWOjMWA1QaI/AAAAAAAAAtA/e0btj0kcgYQOVmj_eOTiuAO4SyNngxPcgCLcBGAs/s1600/liveball.gif

Requested by

Host: www.leewardspacefoundation.org
URL: https://www.leewardspacefoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ccd1583253bb19156dd1af5dccbf4d1c41112f7e861599b62c1bfb10e5b02ddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:39:46 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="liveball.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33751
x-xss-protection: 0
server: fife
etag: "v2d5"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 03 Apr 2024 15:39:46 GMT

GET
H2 200 casino.gif
3.bp.blogspot.com/-E0glU4zRNxg/XWOjIAjEoWI/AAAAAAAAAs8/cgOeVpPKnekvd6IrVcLvEShb9ddHNAGUgCLcBGAs/s1600/ 34 KB
34 KB 177ms
93ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-E0glU4zRNxg/XWOjIAjEoWI/AAAAAAAAAs8/cgOeVpPKnekvd6IrVcLvEShb9ddHNAGUgCLcBGAs/s1600/casino.gif

Requested by

Host: www.leewardspacefoundation.org
URL: https://www.leewardspacefoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

12c4c7d12f5381fb40aba3873373fd84a1eee9b4f5e75389731e35e43dc02df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:39:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v2d3"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="casino.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34900
x-xss-protection: 0
expires: Wed, 03 Apr 2024 15:39:46 GMT

GET
H2 200 sport.gif
3.bp.blogspot.com/-E-DITzkdA7Y/XWOjWikg5VI/AAAAAAAAAtI/1BIX3roSdmESOB9D9A7NiNmTN7cP3VtEACLcBGAs/s1600/ 41 KB
42 KB 131ms
47ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-E-DITzkdA7Y/XWOjWikg5VI/AAAAAAAAAtI/1BIX3roSdmESOB9D9A7NiNmTN7cP3VtEACLcBGAs/s1600/sport.gif

Requested by

Host: www.leewardspacefoundation.org
URL: https://www.leewardspacefoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2a14b4ba8d6b9a2b7b313e3dbcc7db535e84f70a37ecf46608644d86f726383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:39:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v2d8"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="sport.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42438
x-xss-protection: 0
expires: Wed, 03 Apr 2024 15:39:46 GMT

GET
H3 200 banner-salju4d-pkv.gif
imbwlbank.mytestme.com/img/Agent/ 35 KB
36 KB 368ms
332ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbwlbank.mytestme.com/img/Agent/banner-salju4d-pkv.gif
Requested by: Host: www.leewardspacefoundation.org
URL: https://www.leewardspacefoundation.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6b7c7a8ec9eef33e776049e8549a9dd468fe557ed123f09e59022c2958317557

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:39:47 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 24 Jan 2022 16:21:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ac4173613e11d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xajhzeEbGVNQukE2T8e0apNOVUNoYxS5ac%2F5JlI8qV9RBwNvyPXWzgilf345w6jReHWv00I6%2BVx9GYLkgdofJ%2BT8zYkjgz%2BzsjJEXY%2BkLR0wdMjfh54sQwJsDkvMIJ0mTWi%2FbzT9y9ic"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 86e1e9e1baa02a37-CDG
alt-svc: h3=":443"; ma=86400
content-length: 35992

GET
H3 200 logo1.png
www.leewardspacefoundation.org/img/ 18 KB
19 KB 487ms
486ms Image
image/png 172.67.175.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leewardspacefoundation.org/img/logo1.png
Requested by: Host: www.leewardspacefoundation.org
URL: https://www.leewardspacefoundation.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.175.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df1b9a961f9803681453681106061dec1962f0db83dc08a635a6bfe25c00d46f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:39:47 GMT
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 17:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4811-6362a923-1f9a41;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6PtdkmHz39pVCM6gRlEKZf50lFi4yxs%2BIEScg03kh%2BuwRBpLgiQX7cmEoCS3HaFXFaWQuvLkFP4Goy2gA8zH45QTPo3QPuVS%2FDPBPidlJXTmK5M%2BxgTZPcRU0DtdpnxUtZNTXUeurq8LVtuxk7T4qDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 86e1e9e32f5a3803-FRA
alt-svc: h3=":443"; ma=86400
content-length: 18449
expires: Tue, 09 Apr 2024 15:39:47 GMT

GET
H3 200 speaker.webp
www.leewardspacefoundation.org/img/ 2 KB
3 KB 346ms
345ms Image
image/webp 172.67.175.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leewardspacefoundation.org/img/speaker.webp
Requested by: Host: www.leewardspacefoundation.org
URL: https://www.leewardspacefoundation.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.175.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 567cd4c0dd18a0abe18b956ac5556b2818d7b65c0b0e483938af36bfdf8ae5dd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:39:47 GMT
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 17:51:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "83e-6362ae27-1f9a31;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TBahF6yUhLQT9%2Fj0ofBA9UD6dFR7x4Ym2sfYmB4cDG4dWtAbCteuiOQlT36L68EXQpV0lrJEweFJk6b8slWytuUi34um2P8DRViKoYxZqgL8rKbQS2IXVHpt8fhvAed8IhgTiWlA%2B1QzH5a4rPd9Zz0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 86e1e9e32f5d3803-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2110
expires: Tue, 09 Apr 2024 15:39:47 GMT

GET
H3

200

/
www.leewardspacefoundation.org/
Redirect Chain

https://www.leewardspacefoundation.org/img/Whatsapp.png
https://www.leewardspacefoundation.org/

46 KB
46 KB

175ms
174ms

Image
text/html

172.67.175.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leewardspacefoundation.org/
Requested by: Host: www.leewardspacefoundation.org
URL: https://www.leewardspacefoundation.org/
Protocol: H3
Server: 172.67.175.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leewardspacefoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Apr 2024 15:39:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Nov 2022 18:25:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C29OEi7ivj1UOcV05oF3xorj09H2HKV572qRiXmSmOGxhWeksV3LRrAqBu4Dgd6kwgF12XUZ%2Bazq%2BwFYtDzUQN3x6C0EdmlXKnUJfM%2Ba8oHZem%2FosLY5J4ZV0UK%2BOxQK3psY5BFNvt4UKqoPZOqc8Lk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 86e1e9e5392c3803-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 02 Apr 2024 15:39:47 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bvPRpQsGrc8zfmogXwvDrnNeWY3YpFsEPUbhhkEF3UfE2tptOhE0UWviAxDZzO5r%2BB2Do9t4TixbgjuenZ0fmENiVl7Oc7hhKOBp%2Fk6kBOyrosYT%2Fw7BGN4RI7MF1tBUUTkvF%2FLT898KKpnLd11fqcc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.leewardspacefoundation.org/
cf-ray: 86e1e9e32f5f3803-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 home.webp
www.leewardspacefoundation.org/img/ 2 KB
3 KB 331ms
330ms Image
image/webp 172.67.175.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leewardspacefoundation.org/img/home.webp
Requested by: Host: www.leewardspacefoundation.org
URL: https://www.leewardspacefoundation.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.175.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fb75fb0db537b5e99ca80b79483a4d3c583b199ce31889ecffcf2c6fcf6800b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:39:47 GMT
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 17:51:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "882-6362ae27-1f9a2f;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dVFCISFqrF1byo9ghBYGaeqQPohxckj7al4I4eU4mYzP2wUieSulg22sxvNhodwO7iz2nJm9LJAN815IFoMVGFBJBcLhIvdRwx44tAhJlhaYWBEsJ9aTT%2BERYkkiIgNrqyJlkf%2BEaD%2BgLm8H6EwQ1R0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 86e1e9e32f603803-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2178
expires: Tue, 09 Apr 2024 15:39:47 GMT

GET
H3 200 daftar.webp
www.leewardspacefoundation.org/img/ 2 KB
3 KB 375ms
374ms Image
image/webp 172.67.175.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leewardspacefoundation.org/img/daftar.webp
Requested by: Host: www.leewardspacefoundation.org
URL: https://www.leewardspacefoundation.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.175.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44a0f6b1e1060e519f78bdbfba62cf3a0935272b9445ae461ce81d1429fa4a32

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:39:47 GMT
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 17:51:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "900-6362ae27-1f9a2d;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xEASardWEVewLzYWwR0K1dnG9V8GDoEC6UMVVQyXe743TPwQnTKGq4RV92ymCXnt8%2Fuy9l2M9W8KYggC8J2OR%2BD%2BpDpNl3Q6sVe4kjGsSQMUianaeMgjAf4ijr1S3IkxcJG0bsYPyASyare3zaa%2BKy4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 86e1e9e32f623803-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2304
expires: Tue, 09 Apr 2024 15:39:47 GMT

GET
H3 200 Whatsapp.webp
www.leewardspacefoundation.org/img/ 2 KB
2 KB 348ms
347ms Image
image/webp 172.67.175.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leewardspacefoundation.org/img/Whatsapp.webp
Requested by: Host: www.leewardspacefoundation.org
URL: https://www.leewardspacefoundation.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.175.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cabd806936ac7f50f887e7e1c277e60d5de4502fe0cf572326fdb183933e6f0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:39:47 GMT
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 17:51:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "636-6362ae27-1f9a32;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oLICtmyJ3wvMIC9h6WNz%2FKvJKUWC97BPrju1gzhlhMhYwDYhLKUKc21pbufgiG9Q9hV1teYhcSObYVCyq75mBxlPX5yBV%2BDZsfeEbGFP%2B1WJh06JEVLBfQf4qY0dWcuWopOiI70%2BQwPI2MphPphoYt4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 86e1e9e32f643803-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1590
expires: Tue, 09 Apr 2024 15:39:47 GMT

GET
H3 200 livechat.webp
www.leewardspacefoundation.org/img/ 2 KB
3 KB 406ms
406ms Image
image/webp 172.67.175.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leewardspacefoundation.org/img/livechat.webp
Requested by: Host: www.leewardspacefoundation.org
URL: https://www.leewardspacefoundation.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.175.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe219e8d07fdf276b455a5fcefc83b02d03f3f5c2b5344ae4c983d80c13ae24a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:39:47 GMT
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 17:51:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "94e-6362ae27-1f9a30;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vrvunssg7eVpEcq9fQ1rKC%2FDcXE2J8at8EKPzNkaELQt%2BImVfJhH8qfnItT2bFmEfdsTGB1pcVH%2Bv7EqTNPMKGHik3R7WQPcnHHeoHmrylpv63M%2FVLN8HkQySev%2F%2BpxVHYpC5xcoxnRXLWXGX3FxiGg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 86e1e9e32f663803-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2382
expires: Tue, 09 Apr 2024 15:39:47 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012403142137000/v0/ 8 KB
3 KB 117ms
42ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012403142137000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

c7ed15f521ee86b63ad6b3454fa36cee32d8fa9293519db0477ded0afe883ffa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
Origin: https://www.leewardspacefoundation.org
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 30 Mar 2024 07:36:31 GMT
age: 288196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "82f1150541de42e0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 30 Mar 2025 07:36:31 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012403142137000/v0/ 12 KB
4 KB 109ms
37ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012403142137000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

1dc762115b07cf20154e69d9aa7291f10a3dc8657a37c731d9e89914340dcb6f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
Origin: https://www.leewardspacefoundation.org
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 30 Mar 2024 17:18:36 GMT
age: 253271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3927
x-xss-protection: 0
server: sffe
etag: "35199fe22a6880b4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 30 Mar 2025 17:18:36 GMT

GET
H3 200 /
tabelpakde.com/ Frame 1F39 0
0 358ms
335ms Document
text/html 172.67.134.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabelpakde.com/
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.leewardspacefoundation.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=120
cf-cache-status: EXPIRED
cf-ray: 86e1e9e36b1330c4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 02 Apr 2024 15:39:47 GMT
last-modified: Tue, 02 Apr 2024 15:17:37 GMT
link: <https://tabelpakde.com/wp-json/>; rel="https://api.w.org/" <https://tabelpakde.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json" <https://tabelpakde.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oz4VN7zkGzzqc%2BRLUjkaJD7Fd%2B6VLXhPvXcPv7HHlfg8XjGRkM2zQVbiw94%2B3JpQz5F6cP5al65KLRjm3DDZ%2F7e2TV71DwuxgZMRinK8q1%2B70fEsSA9O5cQe%2B4H69cjePg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H3 200 favicon1.png
www.leewardspacefoundation.org/img/ 159 KB
160 KB 792ms
792ms Other
image/png 172.67.175.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leewardspacefoundation.org/img/favicon1.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.175.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f70823500dbb33c0c46701bff77db1a2762a76e9fba8ab68840aa97222d22f9c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.leewardspacefoundation.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 15:39:48 GMT
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 17:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "27c31-6362a923-1f9a42;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GgMccsIWMVTHVmLE5datrtGUxJhEq7PwJb%2BXpcCLa9y3OOnefDZO20SDOR%2B%2BhoIYCf8PgKAe%2Bg4pVzRc5mabJfsS8c92Jqar0fnH03ayJXnzE%2Fehig4DDSifsoD8QS4BQEqH3vbZCgSDPB11hKLV%2B6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 86e1e9e96cbb3803-FRA
alt-svc: h3=":443"; ma=86400
content-length: 162865
expires: Tue, 09 Apr 2024 15:39:48 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.bp.blogspot.com
cdn.ampproject.org
imbwlbank.mytestme.com
leewardspacefoundation.org
tabelpakde.com
www.leewardspacefoundation.org
142.250.184.225
172.67.134.137
172.67.175.130
188.114.96.3
2a00:1450:4001:80e::2001
2a00:1450:4001:81c::2001
12c4c7d12f5381fb40aba3873373fd84a1eee9b4f5e75389731e35e43dc02df4
1dc762115b07cf20154e69d9aa7291f10a3dc8657a37c731d9e89914340dcb6f
228229aa5e0c8171fe119212e63c5683cde9917ec73b77471f063aae224a5517
3b7713650e4745bf7444dbce7c1c44210cecf2053f1ad4b20d5c670ca3143bbe
3c1cd97930da74d4f4ca210f09306f86f516c74e6d1cf73d87f40799e2d1990c
44a0f6b1e1060e519f78bdbfba62cf3a0935272b9445ae461ce81d1429fa4a32
4cabd806936ac7f50f887e7e1c277e60d5de4502fe0cf572326fdb183933e6f0
4f64967a98fb4f6ad153ead2036924dd5cfc931367e3a0378801b8a4bf175132
567cd4c0dd18a0abe18b956ac5556b2818d7b65c0b0e483938af36bfdf8ae5dd
6b7c7a8ec9eef33e776049e8549a9dd468fe557ed123f09e59022c2958317557
7494b7d3bd7ebd4397018fb47a1afaad0d91140252ccdc13ace040f63ae3c5d2
7fb75fb0db537b5e99ca80b79483a4d3c583b199ce31889ecffcf2c6fcf6800b
9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05
b51748142cfc428b429c740b8e3b13c838ae6b4c87029916f96393a200b016c2
c7ed15f521ee86b63ad6b3454fa36cee32d8fa9293519db0477ded0afe883ffa
ccd1583253bb19156dd1af5dccbf4d1c41112f7e861599b62c1bfb10e5b02ddc
dd11971c32adc6595e87e7c81626fb2628e462007bbaf10973960654872c3481
df1b9a961f9803681453681106061dec1962f0db83dc08a635a6bfe25c00d46f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2a14b4ba8d6b9a2b7b313e3dbcc7db535e84f70a37ecf46608644d86f726383
f70823500dbb33c0c46701bff77db1a2762a76e9fba8ab68840aa97222d22f9c
fe219e8d07fdf276b455a5fcefc83b02d03f3f5c2b5344ae4c983d80c13ae24a

www.leewardspacefoundation.org Open in urlscan Pro 172.67.175.130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

95 %HTTPS

33 %IPv6

5 Domains

6 Subdomains

7 IPs

3 Countries

628 kBTransfer

913 kBSize

0 Cookies

5 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

0 Cookies

Indicators

www.leewardspacefoundation.org Open in urlscan Pro
172.67.175.130 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

95 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

628 kB
Transfer

913 kB
Size

0
Cookies

22 HTTP transactions
1 data transactions