isromainelettucesafe.com Open in urlscan Pro
2606:4700:3030::681f:48f6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://isromainelettucesafe.com/
Submission: On March 14 via automatic, source certstream-suspicious (March 14th 2020, 6:51:01 pm UTC)

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3030::681f:48f6, located in United States and belongs to CLOUDFLARENET, US. The main domain is isromainelettucesafe.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on May 2nd 2019. Valid for: a year.

This is the only time isromainelettucesafe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3030::681f:48f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	13.224.197.58 13.224.197.58	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:4104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
14	8

1 2606:4700:3030::681f:48f6 (United States)

ASN13335 (CLOUDFLARENET, US)

isromainelettucesafe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.197.58 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-197-58.fra2.r.cloudfront.net

d1qmdf3vop2l07.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	gstatic.com fonts.gstatic.com	61 KB
3	cloudfront.net d1qmdf3vop2l07.cloudfront.net	44 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
1	unpkg.com unpkg.com	6 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
1	googleapis.com fonts.googleapis.com	931 B
1	isromainelettucesafe.com isromainelettucesafe.com	4 KB
14	8

	Domain	Requested by
4	fonts.gstatic.com	isromainelettucesafe.com
3	d1qmdf3vop2l07.cloudfront.net	isromainelettucesafe.com ajax.cloudflare.com
2	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	ajax.cloudflare.com
1	unpkg.com	ajax.cloudflare.com
1	ajax.cloudflare.com	isromainelettucesafe.com
1	fonts.googleapis.com	isromainelettucesafe.com
1	isromainelettucesafe.com
14	8

This site contains links to these domains. Also see Links.

Domain
www.cdc.gov

Subject Issuer	Validity	Valid
isromainelettucesafe.com CloudFlare Inc ECC CA-2	`2019-05-02` - `2020-05-02`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
ssl714328.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-18` - `2020-08-26`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://isromainelettucesafe.com/
Frame ID: A7F9EB8EE4CFAAA4A139D32963588392
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

scrollreveal (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /scrollreveal(?:\.min)(?:\.js)/i

Page Statistics

14
Requests

100 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

166 kB
Transfer

289 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cdc.gov/ecoli/2018/o157h7-11-18/index.html
Title: Read more here.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
isromainelettucesafe.com/ 17 KB
4 KB 509ms
438ms Document
text/html 2606:4700:3030::681f:48f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://isromainelettucesafe.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681f:48f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22a365edf2e168f8fdd8865666c43e5e7d76eab56f5d674d2aa249e0c811bbe3

Request headers

:method: GET
:authority: isromainelettucesafe.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Sat, 14 Mar 2020 18:50:45 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d9c0c17f45ac883d07027100b38892a131584211844; expires=Mon, 13-Apr-20 18:50:44 GMT; path=/; domain=.isromainelettucesafe.com; HttpOnly; SameSite=Lax; Secure
cc-stable-domain: spring-resonance.cloudvent.net
cache-control: s-maxage=2419200, max-age=0, must-revalidate, public
last-modified: Wed Nov 28 2018 15:51:38 GMT+0000 (UTC)
vary: Accept-Encoding
age: 300883
access-control-allow-headers: X-CSRF-Token
access-control-allow-origin: *
cc-cache-status: HIT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57402e9e2d699760-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 10 KB
931 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans:400,400i,500,700

Requested by

Host: isromainelettucesafe.com
URL: https://isromainelettucesafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c4fa83f92100cb28a531241f1cfef547d59b78d0cc7c5eb9e7134708a080004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://isromainelettucesafe.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 14 Mar 2020 18:50:45 GMT
server: ESF
date: Sat, 14 Mar 2020 18:50:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Mar 2020 18:50:45 GMT

GET
H2 200 d778812a369393287dcf539ffb669666.css
d1qmdf3vop2l07.cloudfront.net/spring-resonance.cloudvent.net/compressed/ 16 KB
5 KB 393ms
346ms Stylesheet
text/css 13.224.197.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1qmdf3vop2l07.cloudfront.net/spring-resonance.cloudvent.net/compressed/d778812a369393287dcf539ffb669666.css
Requested by: Host: isromainelettucesafe.com
URL: https://isromainelettucesafe.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-58.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 8837b8f5d63d409d64683ed40c70534668ad3a6061c2fa8010e7eb1825ce59b9

Request headers

Referer: https://isromainelettucesafe.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 14 Mar 2020 18:50:45 GMT
content-encoding: gzip
age: 0
x-cache: Miss from cloudfront
status: 200
via: 1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
last-modified: Wed, 21 Nov 2018 05:01:22 GMT
server: nginx
etag: "d778812a369393287dcf539ffb669666"
vary: Accept-Encoding,Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31557600, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: 1BM1SUSxncrmRS41WqMVgA0SO2rmHGpxRHrlOzN0EvZ0uUAnyQi4sQ==
cc-cache-status: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a826411a788898e4db040d57bedcc02e.jpg
d1qmdf3vop2l07.cloudfront.net/spring-resonance.cloudvent.net/compressed/ 38 KB
38 KB 408ms
362ms Image
image/jpeg 13.224.197.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1qmdf3vop2l07.cloudfront.net/spring-resonance.cloudvent.net/compressed/a826411a788898e4db040d57bedcc02e.jpg
Requested by: Host: isromainelettucesafe.com
URL: https://isromainelettucesafe.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-58.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 6bbd73f509a1c7dfb3d3523bc1435a697bd415abe3c93c01220c9880ed7878e9

Request headers

Referer: https://isromainelettucesafe.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 14 Mar 2020 18:50:45 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
age: 0
x-cache: Miss from cloudfront
status: 200
content-length: 38648
last-modified: Wed, 21 Nov 2018 04:51:04 GMT
server: nginx
etag: "a826411a788898e4db040d57bedcc02e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31557600, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: HZsH94KR4XQCZDxsK5RTQioR2PEdU7jBQX1XhbBZs8WeXGSlhGVtuw==
cc-cache-status: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 11ms
8ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: isromainelettucesafe.com
URL: https://isromainelettucesafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://isromainelettucesafe.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 14 Mar 2020 18:50:45 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 06 Mar 2020 12:22:46 GMT
server: cloudflare
etag: W/"5e624096-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 57402ea0fa71d6d5-FRA
expires: Mon, 16 Mar 2020 18:50:45 GMT

GET
H2 200 2aa36c686ec5a51d94f0f9989766867d.js Show response
d1qmdf3vop2l07.cloudfront.net/spring-resonance.cloudvent.net/compressed/ 878 B
978 B 389ms
365ms Script
application/javascript 13.224.197.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1qmdf3vop2l07.cloudfront.net/spring-resonance.cloudvent.net/compressed/2aa36c686ec5a51d94f0f9989766867d.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-58.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 2fe77657e98021aae5c3f174acf5a71046c4fdede53fd80e03914a826d143027

Request headers

Referer: https://isromainelettucesafe.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 14 Mar 2020 18:50:45 GMT
content-encoding: gzip
age: 0
x-cache: Miss from cloudfront
status: 200
via: 1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
last-modified: Wed, 21 Nov 2018 05:01:22 GMT
server: nginx
etag: W/"2aa36c686ec5a51d94f0f9989766867d"
vary: Accept-Encoding,Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31557600, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: W7Lrw2f2T6IaRhfqfA8NTjvjD-LMF5ylgkeWeMBDuKOQlqPI61GJ_Q==
cc-cache-status: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scrollreveal.min.js Show response
unpkg.com/scrollreveal@4.0.0/dist/ 16 KB
6 KB 45ms
22ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/scrollreveal@4.0.0/dist/scrollreveal.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9272231d83750052eb424ba589b26945e892c4a8541a1215521c74198b083e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://isromainelettucesafe.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 14 Mar 2020 18:50:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11054175
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"4009-olFGSVMkRiWLiX8td2OR9arAZMQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 6e2177a66d8c28def1f0f092eb9fe88c
cache-control: public, max-age=31536000
cf-ray: 57402ea139ed3250-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-79539454-5

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b78e45ce0f235a7c0bbffd45820185e8ca6236b253acc488250288c5e84675e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://isromainelettucesafe.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 14 Mar 2020 18:50:45 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28540
x-xss-protection: 0
last-modified: Sat, 14 Mar 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Mar 2020 18:50:45 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6Xl7Glw.woff2
fonts.gstatic.com/s/firasans/v10/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf6Xl7Glw.woff2

Requested by

Host: isromainelettucesafe.com
URL: https://isromainelettucesafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c03d09c7c1cf3c86111f528e2d120592aaef6354ceb55c8e406319c30a765ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Fira+Sans:400,400i,500,700
Origin: https://isromainelettucesafe.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 00:02:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:22:08 GMT
server: sffe
age: 845294
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 15372
x-xss-protection: 0
expires: Fri, 05 Mar 2021 00:02:31 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jLazX3dA.woff2
fonts.gstatic.com/s/firasans/v10/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jLazX3dA.woff2

Requested by

Host: isromainelettucesafe.com
URL: https://isromainelettucesafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c25407149a8c6d1fb034c5af2d3e00f2d39abc4766125ee810285a22a59f9489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Fira+Sans:400,400i,500,700
Origin: https://isromainelettucesafe.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 09:29:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:21:53 GMT
server: sffe
age: 1416101
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 15212
x-xss-protection: 0
expires: Fri, 26 Feb 2021 09:29:04 GMT

GET
H2 200 va9C4kDNxMZdWfMOD5VvkrjJYTLVdlTO.woff2
fonts.gstatic.com/s/firasans/v10/ 15 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9C4kDNxMZdWfMOD5VvkrjJYTLVdlTO.woff2

Requested by

Host: isromainelettucesafe.com
URL: https://isromainelettucesafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

117fb246e78e88869752d0be3b989aab6547f56fa87dfbb6647734ad2b2fbb9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Fira+Sans:400,400i,500,700
Origin: https://isromainelettucesafe.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 09:22:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:20:53 GMT
server: sffe
age: 725267
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 15864
x-xss-protection: 0
expires: Sat, 06 Mar 2021 09:22:58 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6Xl7Glw.woff2
fonts.gstatic.com/s/firasans/v10/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf6Xl7Glw.woff2

Requested by

Host: isromainelettucesafe.com
URL: https://isromainelettucesafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2da7bd2aa1105b4c8f6e02d99cf67255fa07f3a99e06f001c50267f965bb26d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Fira+Sans:400,400i,500,700
Origin: https://isromainelettucesafe.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 17:00:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:22:40 GMT
server: sffe
age: 352192
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 15448
x-xss-protection: 0
expires: Wed, 10 Mar 2021 17:00:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-79539454-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://isromainelettucesafe.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 730
date: Sat, 14 Mar 2020 18:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Sat, 14 Mar 2020 20:38:35 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
109 B 14ms
14ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=207209483&t=pageview&_s=1&dl=https%3A%2F%2Fisromainelettucesafe.com%2F&ul=en-us&de=UTF-8&dt=Is%20Romaine%20Lettuce%20Safe%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1019046764&gjid=1263656439&cid=21413374.1584211846&tid=UA-79539454-5&_gid=144796302.1584211846&_r=1&gtm=2ou340&z=459021317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://isromainelettucesafe.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 14 Mar 2020 18:50:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.isromainelettucesafe.com/	1970-01-19 08:46:43	Name: __cfduid Value: d9c0c17f45ac883d07027100b38892a131584211844

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
d1qmdf3vop2l07.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
isromainelettucesafe.com
unpkg.com
www.google-analytics.com
www.googletagmanager.com
13.224.197.58
2606:4700:3030::681f:48f6
2606:4700::6810:7baf
2606:4700::6811:4104
2a00:1450:4001:808::200a
2a00:1450:4001:814::2003
2a00:1450:4001:817::200e
2a00:1450:4001:81d::2008
117fb246e78e88869752d0be3b989aab6547f56fa87dfbb6647734ad2b2fbb9a
22a365edf2e168f8fdd8865666c43e5e7d76eab56f5d674d2aa249e0c811bbe3
2c03d09c7c1cf3c86111f528e2d120592aaef6354ceb55c8e406319c30a765ed
2da7bd2aa1105b4c8f6e02d99cf67255fa07f3a99e06f001c50267f965bb26d0
2fe77657e98021aae5c3f174acf5a71046c4fdede53fd80e03914a826d143027
6bbd73f509a1c7dfb3d3523bc1435a697bd415abe3c93c01220c9880ed7878e9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8837b8f5d63d409d64683ed40c70534668ad3a6061c2fa8010e7eb1825ce59b9
8b78e45ce0f235a7c0bbffd45820185e8ca6236b253acc488250288c5e84675e
8c4fa83f92100cb28a531241f1cfef547d59b78d0cc7c5eb9e7134708a080004
9272231d83750052eb424ba589b26945e892c4a8541a1215521c74198b083e33
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
c25407149a8c6d1fb034c5af2d3e00f2d39abc4766125ee810285a22a59f9489
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

isromainelettucesafe.com Open in urlscan Pro 2606:4700:3030::681f:48f6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

88 %IPv6

8 Domains

8 Subdomains

8 IPs

2 Countries

166 kBTransfer

289 kBSize

1 Cookies

1 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

1 Cookies

Indicators

isromainelettucesafe.com Open in urlscan Pro
2606:4700:3030::681f:48f6 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

166 kB
Transfer

289 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions