urlscan.io logo urlscan.io
SecurityTrails logo

leportailfermier.com Open in urlscan Pro
172.67.201.22  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://leportailfermier.com/les-arbres-poussent-ils-en-hiver
Effective URL: https://leportailfermier.com/les-arbres-poussent-ils-en-hiver
Submission: On August 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 13 HTTP transactions. The main IP is 172.67.201.22, located in United States and belongs to CLOUDFLARENET, US. The main domain is leportailfermier.com.
TLS certificate: Issued by WE1 on July 29th 2024. Valid for: 3 months.
This is the only time leportailfermier.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 172.67.201.22 13335 (CLOUDFLAR...)
2 188.114.97.9 13335 (CLOUDFLAR...)
1 101.99.75.138 45839 (SHINJIRU-...)
5 11 2a02:6b8::1:119 13238 (YANDEX)
1 172.67.144.219 13335 (CLOUDFLAR...)
1 172.67.164.190 13335 (CLOUDFLAR...)
13 6
2    172.67.201.22 (United States)

ASN13335 (CLOUDFLARENET, US)
leportailfermier.com
2    188.114.97.9 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
flow.recordsbluemountain.com
1    101.99.75.138 (Malaysia)

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: server1.kamon.la
cache.cloudswiftcdn.com
11    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
1    172.67.144.219 (United States)

ASN13335 (CLOUDFLARENET, US)
records.perfectlinestarter.com
1    172.67.164.190 (United States)

ASN13335 (CLOUDFLARENET, US)
wave.rdntocdns.com
Apex Domain
Subdomains		 Transfer
6 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 6787
4 KB
5 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2503
72 KB
2 recordsbluemountain.com
flow.recordsbluemountain.com
2 KB
2 leportailfermier.com
leportailfermier.com
10 KB
1 rdntocdns.com
wave.rdntocdns.com
15 KB
1 perfectlinestarter.com
records.perfectlinestarter.com
7 KB
1 cloudswiftcdn.com
cache.cloudswiftcdn.com
1 KB
13 7
Domain Requested by
6 mc.yandex.com 3 redirects leportailfermier.com
mc.yandex.ru
5 mc.yandex.ru 2 redirects cache.cloudswiftcdn.com
leportailfermier.com
2 flow.recordsbluemountain.com leportailfermier.com
wave.rdntocdns.com
2 leportailfermier.com
1 wave.rdntocdns.com records.perfectlinestarter.com
1 records.perfectlinestarter.com leportailfermier.com
1 cache.cloudswiftcdn.com leportailfermier.com
13 7

This site contains no links.

Subject Issuer Validity Valid
leportailfermier.com
WE1		 2024-07-29 -
2024-10-27		 3 months crt.sh
recordsbluemountain.com
WE1		 2024-07-17 -
2024-10-15		 3 months crt.sh
cache.cloudswiftcdn.com
R11		 2024-07-31 -
2024-10-29		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-05-23 -
2024-11-02		 5 months crt.sh
perfectlinestarter.com
WE1		 2024-07-14 -
2024-10-12		 3 months crt.sh
rdntocdns.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://leportailfermier.com/les-arbres-poussent-ils-en-hiver
Frame ID: 493379ADDE1D3FCEEEEC682B1DDD987A
Requests: 12 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 773D4699068F769C8A96FB936C5E334F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://leportailfermier.com/les-arbres-poussent-ils-en-hiver HTTP 307
    https://leportailfermier.com/les-arbres-poussent-ils-en-hiver Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

13
Requests

77 %
HTTPS

17 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

108 kB
Transfer

279 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://leportailfermier.com/les-arbres-poussent-ils-en-hiver HTTP 307
    https://leportailfermier.com/les-arbres-poussent-ils-en-hiver Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://mc.yandex.ru/watch/96299872 HTTP 302
  • https://mc.yandex.ru/watch/96299872/1?redirnss=1
Request Chain 7
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10464._6Jitg-aFpHMSMdtEuVi2hE2hgH_F1UfsSxNjVaYJMSD_PMeNRaE9QFfdFV64AES.xOAIrRqG5FVdAmS92biGi0GKK4o%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10464.V8pJzEJT6SKnjKAQ8jM4GY5b8biUKvyhOM-uMnAkkQrPZK27Gx3OC2e6w7ofyxEK4S5QGdJ4HjdiUFu1snGpd4jMuj7O1fmJkbEj8e2UdDE8EnuTFliBrhdm7pDff-Ku5CA18B9na5Uk0o683CB1GQeJ8nK0fPdrb0a3JbWvFQpGHvIZ-tYDeTGjWKZsZPgOE9sJ5_6Cbn2j5gSgbemU9agkRntbsGY7UwMaFhiJqqE%2C.dlx7t5B3LjUU93qT-h3hNQ65sSo%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10464.7eGzEc8MBrowmarr_fj7-r4gbwkPA01dFlC3WydMtW-xem8gptJT71zf9hg_knZMKaThEn9BXDlxyfNqCFiFB-YM93roBhNEzbSNOKNLwAOcG9Qh-hTg8rmKggfdNSf7hbb0q5D4WNGRvglFjxiwUWMtQFNZBpgFqrT0mKVTsn4O6Rer9OCyA9_vZBd948ZlhAl8W-29-M_m21e6MZ-DYg%2C%2C.KXtt8Nx5Y-RcBi48bEiEQYQRHhQ%2C
Request Chain 10
  • https://mc.yandex.com/watch/96299872?wmode=7&page-url=https%3A%2F%2Fleportailfermier.com%2Fles-arbres-poussent-ils-en-hiver&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1059811796645%3Ahid%3A946499211%3Az%3A120%3Ai%3A20240818033327%3Aet%3A1723944808%3Ac%3A1%3Arn%3A792706400%3Arqn%3A1%3Au%3A1723944808144990324%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A39%2C15%2C121%2C108%2C4%2C0%2C%2C275%2C0%2C%2C%2C%2C564%3Aco%3A0%3Acpf%3A1%3Ans%3A1723944806858%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723944808%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
  • https://mc.yandex.com/watch/96299872/1?wmode=7&page-url=https%3A%2F%2Fleportailfermier.com%2Fles-arbres-poussent-ils-en-hiver&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1059811796645%3Ahid%3A946499211%3Az%3A120%3Ai%3A20240818033327%3Aet%3A1723944808%3Ac%3A1%3Arn%3A792706400%3Arqn%3A1%3Au%3A1723944808144990324%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A39%2C15%2C121%2C108%2C4%2C0%2C%2C275%2C0%2C%2C%2C%2C564%3Aco%3A0%3Acpf%3A1%3Ans%3A1723944806858%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723944808%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request les-arbres-poussent-ils-en-hiver
leportailfermier.com/
Redirect Chain
  • http://leportailfermier.com/les-arbres-poussent-ils-en-hiver
  • https://leportailfermier.com/les-arbres-poussent-ils-en-hiver
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://leportailfermier.com/les-arbres-poussent-ils-en-hiver
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8b2d41c9b8a8a8ea99b56d611ebc5188c03fcf398cf53981ce85e25ac868645

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b4e27e34b023815-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 18 Aug 2024 01:33:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fem%2FKhLj5vFTDhIjoIcTdaTefJ2vcrEqqCpr2NPYTskDGVchzUOvgmdDUAiGdpK1XfrSjRNrJ%2Bukh3M7pQmcGkB8r5h9oxocwHO7Lcuh5n21YQ44j6yZiRP%2BKzcbwHbhX3wB2BsBFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Location
https://leportailfermier.com/les-arbres-poussent-ils-en-hiver
Non-Authoritative-Reason
HttpsUpgrades
WFnwB6
flow.recordsbluemountain.com/ 		0
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://flow.recordsbluemountain.com/WFnwB6?&se_referrer=&default_keyword=&&_cid=c31797c3-1a2f-5188-d1c0-97e3c0fa52f6&frm=script
Requested by
Host: leportailfermier.com
URL: https://leportailfermier.com/les-arbres-poussent-ils-en-hiver
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://leportailfermier.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 01:33:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FgAUyxQLIU0pGsZwHhmb7BmGjTBkyPbWILHEZTBF%2FKvUCb8ujXuO19Yog%2FsPphPGMa0UGYToHKXwhzk18jZuqGemUur86OY40T%2BEy4TIMwBdEdges63PYTYPDgcxuNE9t6trYcjyMZE8l4MpdCAA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
8b4e27e49fc09010-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 18 Aug 2024 01:33:27 GMT
/
cache.cloudswiftcdn.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cache.cloudswiftcdn.com/
Requested by
Host: leportailfermier.com
URL: https://leportailfermier.com/les-arbres-poussent-ils-en-hiver
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
101.99.75.138 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
server1.kamon.la
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
aab06f07d645295baa4c503c0b7f40972b3e4678b27aae74171b6177ce4f1c33

Request headers

Referer
https://leportailfermier.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sun, 18 Aug 2024 01:33:27 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
tag.js
mc.yandex.ru/metrika/ 		202 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: cache.cloudswiftcdn.com
URL: https://cache.cloudswiftcdn.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
dca271e5c10ab729dbf7e10ccb7c82ba4b87625a821dd4bd640279b6807f2033
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://leportailfermier.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 01:33:27 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 06 Aug 2024 09:26:33 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66b1ec49-11660"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
71264
expires
Sun, 18 Aug 2024 02:33:27 GMT
1
mc.yandex.ru/watch/96299872/
Redirect Chain
  • https://mc.yandex.ru/watch/96299872
  • https://mc.yandex.ru/watch/96299872/1?redirnss=1
43 B
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/96299872/1?redirnss=1
Requested by
Host: leportailfermier.com
URL: https://leportailfermier.com/les-arbres-poussent-ils-en-hiver
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://leportailfermier.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Aug 2024 01:33:27 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 18-Aug-2024 01:33:27 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 18-Aug-2024 01:33:27 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Aug 2024 01:33:27 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 18-Aug-2024 01:33:27 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/96299872/1?redirnss=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Sun, 18-Aug-2024 01:33:27 GMT
turn.js
records.perfectlinestarter.com/scripts/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://records.perfectlinestarter.com/scripts/turn.js
Requested by
Host: leportailfermier.com
URL: https://leportailfermier.com/les-arbres-poussent-ils-en-hiver
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.144.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa986bc52b8410a764fe32b4ce6c2ce81f69c55219780fa39c03c5ede3817935

Request headers

Referer
https://leportailfermier.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 01:33:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 02 Aug 2024 14:37:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1335258
etag
W/"66acef47-410c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fjoKPTrjolvERNtg4KzfqhnrQf8lEZyIwIuKzE6OvcDB0LpED9Ga375iU4NI8pppMfzHHO3c7FnUaWlUbRHk7CmGbvY5wyrWvcBcqDwIMnXKRyWFSlVJ59pzjug8Go303fgbOtnDXwYUW6X0JGgCtR4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
8b4e27e69bef1cc3-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
inputs.js
wave.rdntocdns.com/rps/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.rdntocdns.com/rps/inputs.js
Requested by
Host: records.perfectlinestarter.com
URL: https://records.perfectlinestarter.com/scripts/turn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.164.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2074758a7dd10c06f9ae635adad8fd4882ef09c52e8cb2ff54f41c5b24877b8b

Request headers

Referer
https://leportailfermier.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 01:33:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 02 Aug 2024 14:19:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1335951
etag
W/"66aceaf2-931f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6UvQ3lqFh8vaCb3SjNiPgqODR%2FoWG7%2Fp0aLOPWx4chasqmXfCK2NzM2BeMRZRByZ05b53ogXqsAdcpJDXq4Mu1WuUvx8JlTQFjzlGOySgusvhVZWVflmiZU6U3xRCW5bDWxhgXs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
8b4e27e70e4da070-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
8YkzBStf
flow.recordsbluemountain.com/ 		0
770 B 		Script
General
Check archive.org
Download Go to
Full URL
https://flow.recordsbluemountain.com/8YkzBStf?q=leportailfermier.com
Requested by
Host: wave.rdntocdns.com
URL: https://wave.rdntocdns.com/rps/inputs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://leportailfermier.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 01:33:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dR8a3fSFxZXcDGa1CLT4fwyYRGW%2BWQ%2F98lYPyWviJdmb13tUBHur3CoEzkS5BsdulmlO4mCRNNfSzOZ%2Fy2tPh9MsoaxZ8nuwY8WAMH5eqtz6DRMZ9fvgEaRAmG1uaseEuiucFmREn%2FeXOTQx5Zlp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
8b4e27e778e49010-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Sun, 18 Aug 2024 01:33:27 GMT
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10464._6Jitg-aFpHMSMdtEuVi2hE2hgH_F1UfsSxNjVaYJMSD_PMeNRaE9QFfdFV64AES.xOAIrRqG5FVdAmS92biGi0GKK4o%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10464.V8pJzEJT6SKnjKAQ8jM4GY5b8biUKvyhOM-uMnAkkQrPZK27Gx3OC2e6w7ofyxEK4S5QGdJ4HjdiUFu1snGpd4jMuj7O1fmJkbEj8e2UdDE8EnuTFliBrhdm7pDff-Ku5CA18B9na5...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10464.7eGzEc8MBrowmarr_fj7-r4gbwkPA01dFlC3WydMtW-xem8gptJT71zf9hg_knZMKaThEn9BXDlxyfNqCFiFB-YM93roBhNEzbSNOKNLwAOcG...
43 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10464.7eGzEc8MBrowmarr_fj7-r4gbwkPA01dFlC3WydMtW-xem8gptJT71zf9hg_knZMKaThEn9BXDlxyfNqCFiFB-YM93roBhNEzbSNOKNLwAOcG9Qh-hTg8rmKggfdNSf7hbb0q5D4WNGRvglFjxiwUWMtQFNZBpgFqrT0mKVTsn4O6Rer9OCyA9_vZBd948ZlhAl8W-29-M_m21e6MZ-DYg%2C%2C.KXtt8Nx5Y-RcBi48bEiEQYQRHhQ%2C
Requested by
Host: leportailfermier.com
URL: https://leportailfermier.com/les-arbres-poussent-ils-en-hiver
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://leportailfermier.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 01:33:28 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10464.7eGzEc8MBrowmarr_fj7-r4gbwkPA01dFlC3WydMtW-xem8gptJT71zf9hg_knZMKaThEn9BXDlxyfNqCFiFB-YM93roBhNEzbSNOKNLwAOcG9Qh-hTg8rmKggfdNSf7hbb0q5D4WNGRvglFjxiwUWMtQFNZBpgFqrT0mKVTsn4O6Rer9OCyA9_vZBd948ZlhAl8W-29-M_m21e6MZ-DYg%2C%2C.KXtt8Nx5Y-RcBi48bEiEQYQRHhQ%2C
strict-transport-security
max-age=31536000
date
Sun, 18 Aug 2024 01:33:27 GMT
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: leportailfermier.com
URL: https://leportailfermier.com/les-arbres-poussent-ils-en-hiver
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://leportailfermier.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 01:33:27 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 06 Aug 2024 09:26:33 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66b1ec49-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 18 Aug 2024 02:33:27 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame 773D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://leportailfermier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1046
content-type
text/html
date
Sun, 18 Aug 2024 01:33:28 GMT
etag
"66b1ec49-416"
expires
Sun, 18 Aug 2024 02:33:28 GMT
last-modified
Tue, 06 Aug 2024 09:26:33 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
1
mc.yandex.com/watch/96299872/
Redirect Chain
  • https://mc.yandex.com/watch/96299872?wmode=7&page-url=https%3A%2F%2Fleportailfermier.com%2Fles-arbres-poussent-ils-en-hiver&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas...
  • https://mc.yandex.com/watch/96299872/1?wmode=7&page-url=https%3A%2F%2Fleportailfermier.com%2Fles-arbres-poussent-ils-en-hiver&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4x...
1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/96299872/1?wmode=7&page-url=https%3A%2F%2Fleportailfermier.com%2Fles-arbres-poussent-ils-en-hiver&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1059811796645%3Ahid%3A946499211%3Az%3A120%3Ai%3A20240818033327%3Aet%3A1723944808%3Ac%3A1%3Arn%3A792706400%3Arqn%3A1%3Au%3A1723944808144990324%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A39%2C15%2C121%2C108%2C4%2C0%2C%2C275%2C0%2C%2C%2C%2C564%3Aco%3A0%3Acpf%3A1%3Ans%3A1723944806858%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723944808%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
b6e7c0872d8fb98bc30d13d6ff668864b24b8a372672d7ec3e12aacd7928ee25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://leportailfermier.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 18 Aug 2024 01:33:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 18-Aug-2024 01:33:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://leportailfermier.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
1071
x-xss-protection
1; mode=block
expires
Sun, 18-Aug-2024 01:33:28 GMT

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 18 Aug 2024 01:33:28 GMT
last-modified
Sun, 18-Aug-2024 01:33:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/96299872/1?wmode=7&page-url=https%3A%2F%2Fleportailfermier.com%2Fles-arbres-poussent-ils-en-hiver&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1059811796645%3Ahid%3A946499211%3Az%3A120%3Ai%3A20240818033327%3Aet%3A1723944808%3Ac%3A1%3Arn%3A792706400%3Arqn%3A1%3Au%3A1723944808144990324%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A39%2C15%2C121%2C108%2C4%2C0%2C%2C275%2C0%2C%2C%2C%2C564%3Aco%3A0%3Acpf%3A1%3Ans%3A1723944806858%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723944808%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
access-control-allow-origin
https://leportailfermier.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 18-Aug-2024 01:33:28 GMT
favicon.ico
leportailfermier.com/ 		11 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://leportailfermier.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8b2d41c9b8a8a8ea99b56d611ebc5188c03fcf398cf53981ce85e25ac868645

Request headers

Referer
https://leportailfermier.com/les-arbres-poussent-ils-en-hiver
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 01:33:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 18 Aug 2024 01:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ncuIyObnN6C5Xrw8cPdOv7NoOy21xTr9AymcfUp3JDFRcw1YAuEGskFoIhws67DpWEYhkyCokPSiLii7pZPfvJL36FBSRpsgQbH0END9DWFNn7BMMErKTyfOXS%2FEJqhYVRReBvmZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
cf-ray
8b4e27ecd9093815-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _0x3b19 function| _0x5f2865 function| _0x2652fc function| _0x130b08 object| _0x6fb26d object| _0x101182 function| _0x4aa273 function| _0x5111 function| _0x153b9d object| div object| img function| ym function| _0x1f4840 function| swerwer function| _0x1ca2 function| _0x56ac function| _0xb635e7 function| _0x2432 function| _0x196ab2 function| _0x768838 function| _0x24a9 function| _0x5109 function| _0x40f5 function| _0x1574 function| _0xded731 function| _0x2d00 function| _0x3d04b9 function| _0x3b1ff3 function| _0x305cec function| _0x18fd11 function| _0x578f60 function| _0x3364 function| _0x4ba91c function| _0x6c9887 function| _0x1a079f function| _0x5cc362 function| _0x31e5 string| _0x1873bf string| _0x2f77b4 function| _0x27aa2f object| Ya object| yaCounter96299872

23 Cookies

Domain/Path Name / Value
mc.yandex.ru/ Name: yabs-sid
Value: 855682681723944807
.yandex.ru/ Name: receive-cookie-deprecation
Value: 1
.yandex.ru/ Name: yashr
Value: 4865987701723944807
.leportailfermier.com/ Name: _ym_uid
Value: 1723944808144990324
.leportailfermier.com/ Name: _ym_d
Value: 1723944808
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 790641469fake
.yandex.com/ Name: i
Value: VyAQ1J5H8Fp08t3ZcnTWbnz0CF1UrWfr1sslNS0gFfwzIIIxGYOI5XLLSZURQxOplH+y7o5LRu8hU8SMwPQ1UCelfuA=
.yandex.com/ Name: yandexuid
Value: 1068577851723944807
.yandex.com/ Name: yashr
Value: 6475070741723944807
.leportailfermier.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 548774371fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 1068577851723944807
.yandex.ru/ Name: yuidss
Value: 1068577851723944807
.yandex.ru/ Name: i
Value: VyAQ1J5H8Fp08t3ZcnTWbnz0CF1UrWfr1sslNS0gFfwzIIIxGYOI5XLLSZURQxOplH+y7o5LRu8hU8SMwPQ1UCelfuA=
.yandex.ru/ Name: yp
Value: 1724031208.yu.1368745571723944807
.yandex.ru/ Name: ymex
Value: 1726536808.oyu.1368745571723944807#1755480807.yrts.1723944807#1755480807.yrtsi.1723944807
mc.yandex.com/ Name: yabs-sid
Value: 2036095321723944808
.yandex.com/ Name: yuidss
Value: 1068577851723944807
.yandex.com/ Name: ymex
Value: 1755480808.yrts.1723944808
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGDonoW2Bg==
.leportailfermier.com/ Name: _ym_visorc
Value: b