URL: https://isromainelettucesafe.com/
Submission: On March 14 via automatic, source certstream-suspicious

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3030::681f:48f6, located in United States and belongs to CLOUDFLARENET, US. The main domain is isromainelettucesafe.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on May 2nd 2019. Valid for: a year.
This is the only time isromainelettucesafe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 13.224.197.58 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
14 8
Domain Requested by
4 fonts.gstatic.com isromainelettucesafe.com
3 d1qmdf3vop2l07.cloudfront.net isromainelettucesafe.com
ajax.cloudflare.com
2 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com ajax.cloudflare.com
1 unpkg.com ajax.cloudflare.com
1 ajax.cloudflare.com isromainelettucesafe.com
1 fonts.googleapis.com isromainelettucesafe.com
1 isromainelettucesafe.com
14 8

This site contains links to these domains. Also see Links.

Domain
www.cdc.gov
Subject Issuer Validity Valid
isromainelettucesafe.com
CloudFlare Inc ECC CA-2
2019-05-02 -
2020-05-02
a year crt.sh
*.storage.googleapis.com
GTS CA 1O1
2020-02-25 -
2020-05-19
3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2
2019-07-17 -
2020-07-05
a year crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2
2020-01-07 -
2020-10-09
9 months crt.sh
ssl714328.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2020-02-18 -
2020-08-26
6 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-02-25 -
2020-05-19
3 months crt.sh
*.google.com
GTS CA 1O1
2020-02-25 -
2020-05-19
3 months crt.sh

This page contains 1 frames:

Primary Page: https://isromainelettucesafe.com/
Frame ID: A7F9EB8EE4CFAAA4A139D32963588392
Requests: 14 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /scrollreveal(?:\.min)(?:\.js)/i

Page Statistics

14
Requests

100 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

166 kB
Transfer

289 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
isromainelettucesafe.com/
17 KB
4 KB
Document
General
Full URL
https://isromainelettucesafe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:48f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a365edf2e168f8fdd8865666c43e5e7d76eab56f5d674d2aa249e0c811bbe3

Request headers

:method
GET
:authority
isromainelettucesafe.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Sat, 14 Mar 2020 18:50:45 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d9c0c17f45ac883d07027100b38892a131584211844; expires=Mon, 13-Apr-20 18:50:44 GMT; path=/; domain=.isromainelettucesafe.com; HttpOnly; SameSite=Lax; Secure
cc-stable-domain
spring-resonance.cloudvent.net
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
last-modified
Wed Nov 28 2018 15:51:38 GMT+0000 (UTC)
vary
Accept-Encoding
age
300883
access-control-allow-headers
X-CSRF-Token
access-control-allow-origin
*
cc-cache-status
HIT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57402e9e2d699760-FRA
content-encoding
br
css
fonts.googleapis.com/
10 KB
931 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Fira+Sans:400,400i,500,700
Requested by
Host: isromainelettucesafe.com
URL: https://isromainelettucesafe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4fa83f92100cb28a531241f1cfef547d59b78d0cc7c5eb9e7134708a080004
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://isromainelettucesafe.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 14 Mar 2020 18:50:45 GMT
server
ESF
date
Sat, 14 Mar 2020 18:50:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Mar 2020 18:50:45 GMT
d778812a369393287dcf539ffb669666.css
d1qmdf3vop2l07.cloudfront.net/spring-resonance.cloudvent.net/compressed/
16 KB
5 KB
Stylesheet
General
Full URL
https://d1qmdf3vop2l07.cloudfront.net/spring-resonance.cloudvent.net/compressed/d778812a369393287dcf539ffb669666.css
Requested by
Host: isromainelettucesafe.com
URL: https://isromainelettucesafe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.197.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-58.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
8837b8f5d63d409d64683ed40c70534668ad3a6061c2fa8010e7eb1825ce59b9

Request headers

Referer
https://isromainelettucesafe.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sat, 14 Mar 2020 18:50:45 GMT
content-encoding
gzip
age
0
x-cache
Miss from cloudfront
status
200
via
1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
last-modified
Wed, 21 Nov 2018 05:01:22 GMT
server
nginx
etag
"d778812a369393287dcf539ffb669666"
vary
Accept-Encoding,Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31557600, public
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
X-CSRF-Token
x-amz-cf-id
1BM1SUSxncrmRS41WqMVgA0SO2rmHGpxRHrlOzN0EvZ0uUAnyQi4sQ==
cc-cache-status
MISS
expires
Thu, 31 Dec 2037 23:55:55 GMT
a826411a788898e4db040d57bedcc02e.jpg
d1qmdf3vop2l07.cloudfront.net/spring-resonance.cloudvent.net/compressed/
38 KB
38 KB
Image
General
Full URL
https://d1qmdf3vop2l07.cloudfront.net/spring-resonance.cloudvent.net/compressed/a826411a788898e4db040d57bedcc02e.jpg
Requested by
Host: isromainelettucesafe.com
URL: https://isromainelettucesafe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.197.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-58.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
6bbd73f509a1c7dfb3d3523bc1435a697bd415abe3c93c01220c9880ed7878e9

Request headers

Referer
https://isromainelettucesafe.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 14 Mar 2020 18:50:45 GMT
via
1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
age
0
x-cache
Miss from cloudfront
status
200
content-length
38648
last-modified
Wed, 21 Nov 2018 04:51:04 GMT
server
nginx
etag
"a826411a788898e4db040d57bedcc02e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600, public
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
X-CSRF-Token
x-amz-cf-id
HZsH94KR4XQCZDxsK5RTQioR2PEdU7jBQX1XhbBZs8WeXGSlhGVtuw==
cc-cache-status
MISS
expires
Thu, 31 Dec 2037 23:55:55 GMT
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: isromainelettucesafe.com
URL: https://isromainelettucesafe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://isromainelettucesafe.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 14 Mar 2020 18:50:45 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 06 Mar 2020 12:22:46 GMT
server
cloudflare
etag
W/"5e624096-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
57402ea0fa71d6d5-FRA
expires
Mon, 16 Mar 2020 18:50:45 GMT
2aa36c686ec5a51d94f0f9989766867d.js
d1qmdf3vop2l07.cloudfront.net/spring-resonance.cloudvent.net/compressed/
878 B
978 B
Script
General
Full URL
https://d1qmdf3vop2l07.cloudfront.net/spring-resonance.cloudvent.net/compressed/2aa36c686ec5a51d94f0f9989766867d.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.197.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-58.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
2fe77657e98021aae5c3f174acf5a71046c4fdede53fd80e03914a826d143027

Request headers

Referer
https://isromainelettucesafe.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 14 Mar 2020 18:50:45 GMT
content-encoding
gzip
age
0
x-cache
Miss from cloudfront
status
200
via
1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
last-modified
Wed, 21 Nov 2018 05:01:22 GMT
server
nginx
etag
W/"2aa36c686ec5a51d94f0f9989766867d"
vary
Accept-Encoding,Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31557600, public
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
X-CSRF-Token
x-amz-cf-id
W7Lrw2f2T6IaRhfqfA8NTjvjD-LMF5ylgkeWeMBDuKOQlqPI61GJ_Q==
cc-cache-status
MISS
expires
Thu, 31 Dec 2037 23:55:55 GMT
scrollreveal.min.js
unpkg.com/scrollreveal@4.0.0/dist/
16 KB
6 KB
Script
General
Full URL
https://unpkg.com/scrollreveal@4.0.0/dist/scrollreveal.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9272231d83750052eb424ba589b26945e892c4a8541a1215521c74198b083e33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://isromainelettucesafe.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 14 Mar 2020 18:50:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
11054175
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"4009-olFGSVMkRiWLiX8td2OR9arAZMQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
6e2177a66d8c28def1f0f092eb9fe88c
cache-control
public, max-age=31536000
cf-ray
57402ea139ed3250-FRA
js
www.googletagmanager.com/gtag/
75 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-79539454-5
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b78e45ce0f235a7c0bbffd45820185e8ca6236b253acc488250288c5e84675e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://isromainelettucesafe.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 14 Mar 2020 18:50:45 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28540
x-xss-protection
0
last-modified
Sat, 14 Mar 2020 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 14 Mar 2020 18:50:45 GMT
va9B4kDNxMZdWfMOD5VnLK3eRhf6Xl7Glw.woff2
fonts.gstatic.com/s/firasans/v10/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf6Xl7Glw.woff2
Requested by
Host: isromainelettucesafe.com
URL: https://isromainelettucesafe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c03d09c7c1cf3c86111f528e2d120592aaef6354ceb55c8e406319c30a765ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Fira+Sans:400,400i,500,700
Origin
https://isromainelettucesafe.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Mar 2020 00:02:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:22:08 GMT
server
sffe
age
845294
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15372
x-xss-protection
0
expires
Fri, 05 Mar 2021 00:02:31 GMT
va9E4kDNxMZdWfMOD5Vvl4jLazX3dA.woff2
fonts.gstatic.com/s/firasans/v10/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jLazX3dA.woff2
Requested by
Host: isromainelettucesafe.com
URL: https://isromainelettucesafe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c25407149a8c6d1fb034c5af2d3e00f2d39abc4766125ee810285a22a59f9489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Fira+Sans:400,400i,500,700
Origin
https://isromainelettucesafe.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 27 Feb 2020 09:29:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:21:53 GMT
server
sffe
age
1416101
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15212
x-xss-protection
0
expires
Fri, 26 Feb 2021 09:29:04 GMT
va9C4kDNxMZdWfMOD5VvkrjJYTLVdlTO.woff2
fonts.gstatic.com/s/firasans/v10/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9C4kDNxMZdWfMOD5VvkrjJYTLVdlTO.woff2
Requested by
Host: isromainelettucesafe.com
URL: https://isromainelettucesafe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
117fb246e78e88869752d0be3b989aab6547f56fa87dfbb6647734ad2b2fbb9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Fira+Sans:400,400i,500,700
Origin
https://isromainelettucesafe.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Mar 2020 09:22:58 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:20:53 GMT
server
sffe
age
725267
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15864
x-xss-protection
0
expires
Sat, 06 Mar 2021 09:22:58 GMT
va9B4kDNxMZdWfMOD5VnZKveRhf6Xl7Glw.woff2
fonts.gstatic.com/s/firasans/v10/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf6Xl7Glw.woff2
Requested by
Host: isromainelettucesafe.com
URL: https://isromainelettucesafe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2da7bd2aa1105b4c8f6e02d99cf67255fa07f3a99e06f001c50267f965bb26d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Fira+Sans:400,400i,500,700
Origin
https://isromainelettucesafe.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 17:00:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:22:40 GMT
server
sffe
age
352192
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15448
x-xss-protection
0
expires
Wed, 10 Mar 2021 17:00:53 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-79539454-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://isromainelettucesafe.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
730
date
Sat, 14 Mar 2020 18:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Sat, 14 Mar 2020 20:38:35 GMT
collect
www.google-analytics.com/r/
35 B
109 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=207209483&t=pageview&_s=1&dl=https%3A%2F%2Fisromainelettucesafe.com%2F&ul=en-us&de=UTF-8&dt=Is%20Romaine%20Lettuce%20Safe%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1019046764&gjid=1263656439&cid=21413374.1584211846&tid=UA-79539454-5&_gid=144796302.1584211846&_r=1&gtm=2ou340&z=459021317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://isromainelettucesafe.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 14 Mar 2020 18:50:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| __cfQR function| gtag object| dataLayer object| google_tag_manager function| ScrollReveal object| sr boolean| __cfRLUnblockHandlers string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

1 Cookies

Domain/Path Name / Value
.isromainelettucesafe.com/ Name: __cfduid
Value: d9c0c17f45ac883d07027100b38892a131584211844