www.nevecalze.it Open in urlscan Pro
89.46.104.26 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gouvfrance6.blogspot.com/p/blog-page.html
Effective URL:
http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Submission: On February 02 via manual (February 2nd 2018, 7:08:56 am UTC) from FR

Summary HTTP 51 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 11 domains to perform 51 HTTP transactions. The main IP is 89.46.104.26, located in Arezzo, Italy and belongs to ARUBA-ASN, IT. The main domain is www.nevecalze.it.

This is the only time www.nevecalze.it was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Impots Gouv (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 4	216.58.207.65 216.58.207.65	15169 (GOOGLE) (GOOGLE - Google LLC)
12	216.58.207.73 216.58.207.73	15169 (GOOGLE) (GOOGLE - Google LLC)
6	172.217.22.14 172.217.22.14	15169 (GOOGLE) (GOOGLE - Google LLC)
1	37.187.134.113 37.187.134.113	16276 (OVH) (OVH)
1	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE - Google LLC)
1	216.58.207.35 216.58.207.35	15169 (GOOGLE) (GOOGLE - Google LLC)
1	139.255.94.86 139.255.94.86	9905 (LINKNET-I...) (LINKNET-ID-AP Linknet ASN)
2	104.19.195.102 104.19.195.102	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
24	89.46.104.26 89.46.104.26	31034 (ARUBA-ASN) (ARUBA-ASN)
51	9

4 216.58.207.65 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f1.1e100.net

gouvfrance6.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gouvfrance6.blogspot.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 216.58.207.73 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f9.1e100.net

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.22.14 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.187.134.113 (France)

ASN16276 (OVH, FR)
PTR: ns400552.ip-37-187-134.eu

www.memoclic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f34.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.35 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.255.94.86 (Indonesia)

ASN9905 (LINKNET-ID-AP Linknet ASN, ID)
PTR: ln-static-139-255-94-86.link.net.id

agroteknologi.umg.ac.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.195.102 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 89.46.104.26 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: webx1016.aruba.it

www.nevecalze.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	nevecalze.it www.nevecalze.it	309 KB
8	blogger.com www.blogger.com	197 KB
6	google.com apis.google.com	123 KB
4	blogblog.com resources.blogblog.com	1 KB
2	cloudflare.com ajax.cloudflare.com cdnjs.cloudflare.com	32 KB
2	blogspot.de gouvfrance6.blogspot.de	11 KB
2	blogspot.com 1 redirects gouvfrance6.blogspot.com 4.bp.blogspot.com	35 KB
1	umg.ac.id agroteknologi.umg.ac.id	993 B
1	gstatic.com www.gstatic.com	11 KB
1	googlesyndication.com pagead2.googlesyndication.com	669 B
1	memoclic.com www.memoclic.com	23 KB
51	11

	Domain	Requested by
24	www.nevecalze.it	www.nevecalze.it
8	www.blogger.com	gouvfrance6.blogspot.de apis.google.com www.blogger.com
6	apis.google.com	gouvfrance6.blogspot.de apis.google.com
4	resources.blogblog.com	gouvfrance6.blogspot.de
2	gouvfrance6.blogspot.de	gouvfrance6.blogspot.de
1	cdnjs.cloudflare.com	www.nevecalze.it
1	ajax.cloudflare.com	agroteknologi.umg.ac.id
1	agroteknologi.umg.ac.id
1	www.gstatic.com	apis.google.com
1	pagead2.googlesyndication.com	gouvfrance6.blogspot.de
1	4.bp.blogspot.com	apis.google.com
1	www.memoclic.com	gouvfrance6.blogspot.de
1	gouvfrance6.blogspot.com	1 redirects
51	13

This site contains links to these domains. Also see Links.

Domain
play.google.com
windows.microsoft.com
browsehappy.com
www.impots.gouv.fr
cfspro.impots.gouv.fr

Subject Issuer	Validity	Valid
misc-sni.blogspot.com Google Internet Authority G3	`2018-01-10` - `2018-04-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Frame ID: (4DA4664E17F9887E284557739212A163)
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://gouvfrance6.blogspot.com/p/blog-page.html HTTP 302
https://gouvfrance6.blogspot.de/p/blog-page.html Page URL
http://agroteknologi.umg.ac.id/log/red/ Page URL
http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/ Page URL

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

url /\.blogspot\.com/i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

51
Requests

4 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

9
IPs

4
Countries

744 kB
Transfer

1783 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=fr.gouv.finances.smartphone.android
Title:

Search URL Search Domain Scan URL

URL: http://windows.microsoft.com/fr-fr/internet-explorer/download-ie
Title: une version plus récente d'Internet Explorer

Search URL Search Domain Scan URL

URL: http://browsehappy.com/
Title: autre navigateur

Search URL Search Domain Scan URL

URL: http://www.impots.gouv.fr/
Title:

Search URL Search Domain Scan URL

URL: https://cfspro.impots.gouv.fr/mire/accueil.do
Title: Votre espace professionnel

Search URL Search Domain Scan URL

URL: http://www.impots.gouv.fr/particulier
Title: Accueil

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gouvfrance6.blogspot.com/p/blog-page.html HTTP 302
https://gouvfrance6.blogspot.de/p/blog-page.html Page URL
http://agroteknologi.umg.ac.id/log/red/ Page URL
http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://gouvfrance6.blogspot.com/p/blog-page.html HTTP 302
https://gouvfrance6.blogspot.de/p/blog-page.html

Request Chain 25

http://ajax.cloudflare.com/cdn-cgi/nexp/dok3v=fb690a32f5/cloudflare.min.js HTTP 307
https://ajax.cloudflare.com/cdn-cgi/nexp/dok3v=fb690a32f5/cloudflare.min.js

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

blog-page.html Show response
gouvfrance6.blogspot.de/p/
Redirect Chain

https://gouvfrance6.blogspot.com/p/blog-page.html
https://gouvfrance6.blogspot.de/p/blog-page.html

33 KB
9 KB

158ms
119ms

Document
text/html

216.58.207.65
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://gouvfrance6.blogspot.de/p/blog-page.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.207.65 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f1.1e100.net

Software

GSE /

Resource Hash

349bf91a5dd5597b5d44ae1bcb015fde7dbb9dbcea9876f8b3cf8a3947b54a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /p/blog-page.html
accept-encoding: gzip, deflate
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
:authority: gouvfrance6.blogspot.de
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Feb 2018 07:08:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Feb 2018 03:13:37 GMT
server: GSE
etag: W/"34c121b75c383d07b667f5cd9df6043a718e29111668333bf86131f6f5e7e54f"
content-type: text/html; charset=UTF-8
status: 200
cache-control: private, max-age=0
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 8754
x-xss-protection: 1; mode=block
expires: Fri, 02 Feb 2018 07:08:45 GMT

Redirect headers

date: Fri, 02 Feb 2018 07:08:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
status: 302
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://gouvfrance6.blogspot.de/p/blog-page.html
cache-control: private, max-age=0
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 191
x-xss-protection: 1; mode=block
expires: Fri, 02 Feb 2018 07:08:45 GMT

GET
S 200 2437439463-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 41 KB
9 KB 28ms
5ms Stylesheet
text/css 216.58.207.73
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2437439463-css_bundle_v2.css

Requested by

Host: gouvfrance6.blogspot.de
URL: https://gouvfrance6.blogspot.de/p/blog-page.html

Protocol

SPDY

Server

216.58.207.73 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f9.1e100.net

Software

sffe /

Resource Hash

9ab222347578ca0ec423daad8b0e694c643f51809cb96646c55cf630d586055f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 22 Jan 2018 01:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Jan 2018 00:21:52 GMT
server: sffe
age: 970540
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 9140
x-xss-protection: 1; mode=block
expires: Tue, 22 Jan 2019 01:33:05 GMT

GET
S 200 plusone.js Show response
apis.google.com/js/ 43 KB
17 KB 29ms
28ms Script
application/javascript 172.217.22.14
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: gouvfrance6.blogspot.de
URL: https://gouvfrance6.blogspot.de/p/blog-page.html

Protocol

SPDY

Server

172.217.22.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f14.1e100.net

Software

ESF /

Resource Hash

00e615784483f26ed639051243b4565f928d2e0364181b9239bbac3ee93f67fc

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20180131.12_p0
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20180131.12_p0
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
date: Fri, 02 Feb 2018 07:08:45 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "5d3cef956c7d77cdfcef4c5e103c2dfd"
timing-allow-origin: *
expires: Fri, 02 Feb 2018 07:08:45 GMT

GET
H/1.1 200
OK application-impots.jpg
www.memoclic.com/medias/var/2012-18/ 23 KB
23 KB 61ms
14ms Image
image/jpeg 37.187.134.113
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.memoclic.com/medias/var/2012-18/application-impots.jpg
Requested by: Host: gouvfrance6.blogspot.de
URL: https://gouvfrance6.blogspot.de/p/blog-page.html
Protocol: HTTP/1.1
Server: 37.187.134.113 , France, ASN16276 (OVH, FR),
Reverse DNS: ns400552.ip-37-187-134.eu
Software: lighttpd/1.4.31 /
Resource Hash: ce3724f42bdeb200de91f3ae422476713962569a95d4ded73f59fec66e5a4e30

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 02 Feb 2018 07:18:33 GMT
Last-Modified: Mon, 30 Apr 2012 09:53:52 GMT
Server: lighttpd/1.4.31
ETag: "1962897736"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: close
Accept-Ranges: bytes
Content-Length: 23399
Expires: Fri, 09 Feb 2018 07:18:33 GMT

GET
S 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
474 B 34ms
6ms Image
image/gif 216.58.207.73
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: gouvfrance6.blogspot.de
URL: https://gouvfrance6.blogspot.de/p/blog-page.html

Protocol

SPDY

Server

216.58.207.73 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f9.1e100.net

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Wed, 31 Jan 2018 05:30:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2018 07:44:26 GMT
server: sffe
age: 178673
content-type: image/gif
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 162
x-xss-protection: 1; mode=block
expires: Wed, 07 Feb 2018 05:30:52 GMT

GET
S 200 2244480862-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 11 KB
4 KB 7ms
5ms Script
text/javascript 216.58.207.73
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/2244480862-comment_from_post_iframe.js

Requested by

Host: gouvfrance6.blogspot.de
URL: https://gouvfrance6.blogspot.de/p/blog-page.html

Protocol

SPDY

Server

216.58.207.73 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f9.1e100.net

Software

sffe /

Resource Hash

d1f55759a1325634f776dc9a4fc5171a93d7d70c4c99a6b33f2180290983fa3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 30 Jan 2018 18:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2018 15:31:01 GMT
server: sffe
age: 216761
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 4391
x-xss-protection: 1; mode=block
expires: Wed, 30 Jan 2019 18:56:04 GMT

GET
S 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
596 B 34ms
7ms Image
image/png 216.58.207.73
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: gouvfrance6.blogspot.de
URL: https://gouvfrance6.blogspot.de/p/blog-page.html

Protocol

SPDY

Server

216.58.207.73 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f9.1e100.net

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 01 Feb 2018 09:03:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Jan 2018 15:40:09 GMT
server: sffe
age: 79540
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 475
x-xss-protection: 1; mode=block
expires: Thu, 08 Feb 2018 09:03:05 GMT

GET
H2 200 cookiechoices.js Show response
gouvfrance6.blogspot.de/js/ 6 KB
2 KB 39ms
38ms Script
text/javascript 216.58.207.65
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://gouvfrance6.blogspot.de/js/cookiechoices.js

Requested by

Host: gouvfrance6.blogspot.de
URL: https://gouvfrance6.blogspot.de/p/blog-page.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.207.65 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f1.1e100.net

Software

sffe /

Resource Hash

9496f34272ab65a565d50b909f2396ce799c30ef05f2ddd54fae11ed19fe6fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /js/cookiechoices.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: gouvfrance6.blogspot.de
referer: https://gouvfrance6.blogspot.de/p/blog-page.html
:scheme: https
:method: GET
Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Feb 2018 07:08:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Feb 2018 16:26:26 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1949
x-xss-protection: 1; mode=block
expires: Fri, 09 Feb 2018 07:08:45 GMT

GET
S 200 3953819307-widgets.js Show response
www.blogger.com/static/v1/widgets/ 125 KB
44 KB 9ms
7ms Script
text/javascript 216.58.207.73
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3953819307-widgets.js

Requested by

Host: gouvfrance6.blogspot.de
URL: https://gouvfrance6.blogspot.de/p/blog-page.html

Protocol

SPDY

Server

216.58.207.73 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f9.1e100.net

Software

sffe /

Resource Hash

474655ff0dbd313e8fde7d8b893e6023e51e0e9a77f31b7fe04ffa8a1f3afd04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 18 Jan 2018 01:50:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2018 00:33:31 GMT
server: sffe
age: 1315076
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 45350
x-xss-protection: 1; mode=block
expires: Fri, 18 Jan 2019 01:50:49 GMT

GET
S 200 authorization.css
www.blogger.com/dyn-css/ 1 B
638 B 116ms
114ms Stylesheet
text/css 216.58.207.73
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=6112601551930515553&zx=00c7ab7f-a5c2-4bd6-843a-4a0d69c56621

Requested by

Host: gouvfrance6.blogspot.de
URL: https://gouvfrance6.blogspot.de/p/blog-page.html

Protocol

SPDY

Server

216.58.207.73 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f9.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 02 Feb 2018 07:08:45 GMT
server: GSE
date: Fri, 02 Feb 2018 07:08:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: private, max-age=1800
expires: Fri, 02 Feb 2018 07:08:45 GMT

GET
S 200 66e4d0f3e5f48b50d0380dafecbd89c9.jpg
4.bp.blogspot.com/-Uv69xsK4R_k/Wm_d4mKEjeI/AAAAAAAAAA8/0lQ2kDwQCAIjRQ6c-DBiHGXDGwtNz3PKACK4BGAYYCw/w1600/ 34 KB
35 KB 41ms
17ms Image
image/jpeg 216.58.207.65
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-Uv69xsK4R_k/Wm_d4mKEjeI/AAAAAAAAAA8/0lQ2kDwQCAIjRQ6c-DBiHGXDGwtNz3PKACK4BGAYYCw/w1600/66e4d0f3e5f48b50d0380dafecbd89c9.jpg

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

216.58.207.65 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f1.1e100.net

Software

fife /

Resource Hash

698f765cd71f06dbffc570967c5314abb93f45f106314ccffc3f401f147e65dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Feb 2018 07:08:45 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="66e4d0f3e5f48b50d0380dafecbd89c9.jpg"
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35077
x-xss-protection: 1; mode=block
server: fife
etag: "v10"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 01 Feb 2018 05:32:03 GMT

GET
S 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.Vch8vd-lM6E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGLTcCOgsbyjgLVijKgLfaXMbki4Pxbd_A/ 131 KB
46 KB 6ms
6ms Script
text/javascript 172.217.22.14
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.Vch8vd-lM6E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGLTcCOgsbyjgLVijKgLfaXMbki4Pxbd_A/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

172.217.22.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f14.1e100.net

Software

sffe /

Resource Hash

8047098a959a241a2eaa8be9edece507bf7f5e67b43e7f2bd00bebee017033f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 01 Feb 2018 22:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Jan 2018 13:37:23 GMT
server: sffe
age: 30852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 46837
x-xss-protection: 1; mode=block
expires: Fri, 01 Feb 2019 22:34:33 GMT

GET
S 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.Vch8vd-lM6E.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGLTcCOgsbyjgLVijKgLfaXMbki4Pxbd_A/ 52 KB
17 KB 7ms
7ms Script
text/javascript 172.217.22.14
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.Vch8vd-lM6E.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGLTcCOgsbyjgLVijKgLfaXMbki4Pxbd_A/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

172.217.22.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f14.1e100.net

Software

sffe /

Resource Hash

6bb9351700b5453e0511337aa25497799f68f950018257f06cae8bff9ba01437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Feb 2018 02:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Jan 2018 13:37:23 GMT
server: sffe
age: 17085
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 17074
x-xss-protection: 1; mode=block
expires: Sat, 02 Feb 2019 02:24:00 GMT

GET
S 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
669 B 31ms
6ms Script
text/javascript 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: gouvfrance6.blogspot.de
URL: https://gouvfrance6.blogspot.de/p/blog-page.html

Protocol

SPDY

Server

172.217.22.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f34.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 01 Feb 2018 20:55:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 67
x-xss-protection: 1; mode=block
server: cafe
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Feb 2018 20:55:47 GMT

GET
S 200 bg_black_70.png
resources.blogblog.com/blogblog/data/1kt/travel/ 84 B
196 B 12ms
7ms Image
image/png 216.58.207.73
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/travel/bg_black_70.png

Requested by

Host: gouvfrance6.blogspot.de
URL: https://gouvfrance6.blogspot.de/p/blog-page.html

Protocol

SPDY

Server

216.58.207.73 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f9.1e100.net

Software

sffe /

Resource Hash

4f01951293a11116b89b6e19f70cb9b72b2e3a68b2005c75d1d9b8e7b85eb35a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Feb 2018 02:27:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Feb 2018 20:25:54 GMT
server: sffe
age: 16892
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 84
x-xss-protection: 1; mode=block
expires: Fri, 09 Feb 2018 02:27:13 GMT

GET
S 200 bg_black_50.png
resources.blogblog.com/blogblog/data/1kt/travel/ 83 B
196 B 11ms
7ms Image
image/png 216.58.207.73
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/travel/bg_black_50.png

Requested by

Host: gouvfrance6.blogspot.de
URL: https://gouvfrance6.blogspot.de/p/blog-page.html

Protocol

SPDY

Server

216.58.207.73 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f9.1e100.net

Software

sffe /

Resource Hash

8ad5d8cd8999e56275e12e5a5325b108bd15146fefe072af726fffecfe6ab862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 29 Jan 2018 20:16:09 GMT
x-content-type-options: nosniff
last-modified: Mon, 29 Jan 2018 07:21:41 GMT
server: sffe
age: 298356
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 83
x-xss-protection: 1; mode=block
expires: Mon, 05 Feb 2018 20:16:09 GMT

GET
S 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 10ms
6ms Image
image/png 216.58.207.73
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: gouvfrance6.blogspot.de
URL: https://gouvfrance6.blogspot.de/p/blog-page.html

Protocol

SPDY

Server

216.58.207.73 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f9.1e100.net

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.blogger.com/static/v1/widgets/2437439463-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Feb 2018 02:32:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Feb 2018 09:46:27 GMT
server: sffe
age: 16589
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 5080
x-xss-protection: 1; mode=block
expires: Fri, 09 Feb 2018 02:32:16 GMT

GET
S 200 logo-16.png
www.blogger.com/img/ 279 B
392 B 5ms
5ms Image
image/png 216.58.207.73
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/logo-16.png

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

216.58.207.73 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f9.1e100.net

Software

sffe /

Resource Hash

cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Feb 2018 02:35:25 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Feb 2018 05:28:13 GMT
server: sffe
age: 16400
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 279
x-xss-protection: 1; mode=block
expires: Fri, 09 Feb 2018 02:35:25 GMT

GET
S 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.Vch8vd-lM6E.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGLTcCOgsbyjgLVijKgLfaXMbki4Pxbd_A/ 23 KB
8 KB 6ms
6ms Script
text/javascript 172.217.22.14
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.Vch8vd-lM6E.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGLTcCOgsbyjgLVijKgLfaXMbki4Pxbd_A/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

172.217.22.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f14.1e100.net

Software

sffe /

Resource Hash

b744ffc0914ac324dc18a370ec3d79c541a594485b0a08a949660be1f36287ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 01 Feb 2018 22:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Jan 2018 13:37:23 GMT
server: sffe
age: 30800
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 8133
x-xss-protection: 1; mode=block
expires: Fri, 01 Feb 2019 22:35:25 GMT

GET
S 200 cb=gapi.loaded_3 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.Vch8vd-lM6E.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGLTcCOgsbyjgLVijKgLfaXMbki4Pxbd_A/ 96 KB
32 KB 6ms
6ms Script
text/javascript 172.217.22.14
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.Vch8vd-lM6E.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGLTcCOgsbyjgLVijKgLfaXMbki4Pxbd_A/cb=gapi.loaded_3

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

172.217.22.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f14.1e100.net

Software

sffe /

Resource Hash

3778b59e8f74c259b912c361d19caea5e29ad7ce445204e4203dcd47fb2c9bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 01 Feb 2018 22:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Jan 2018 13:37:23 GMT
server: sffe
age: 30800
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 33018
x-xss-protection: 1; mode=block
expires: Fri, 01 Feb 2019 22:35:25 GMT

GET
S 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 29 KB
11 KB 6ms
5ms Script
text/javascript 216.58.207.35
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.Vch8vd-lM6E.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGLTcCOgsbyjgLVijKgLfaXMbki4Pxbd_A/cb=gapi.loaded_2

Protocol

SPDY

Server

216.58.207.35 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f3.1e100.net

Software

sffe /

Resource Hash

aa975712da6b3f17417c4c2887ad0d5abd2a7c21d43f1404d3d7413a3ca3fb8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 30 Jan 2018 19:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Jan 2018 00:32:42 GMT
server: sffe
age: 215568
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 11281
x-xss-protection: 1; mode=block
expires: Tue, 06 Feb 2018 19:15:57 GMT

GET
S 200 cb=gapi.loaded_4 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.Vch8vd-lM6E.O/m=gapi_iframes_style_slide_menu/exm=auth,gapi_iframes,gapi_iframes_style_bubble,plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGL... 7 KB
3 KB 6ms
6ms Script
text/javascript 172.217.22.14
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.Vch8vd-lM6E.O/m=gapi_iframes_style_slide_menu/exm=auth,gapi_iframes,gapi_iframes_style_bubble,plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGLTcCOgsbyjgLVijKgLfaXMbki4Pxbd_A/cb=gapi.loaded_4

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

172.217.22.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f14.1e100.net

Software

sffe /

Resource Hash

b17bfd00b49b75643bd7c96407352c4cb1119be8c33b93cf17cc3e6d428db264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Feb 2018 02:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Jan 2018 13:37:23 GMT
server: sffe
age: 16411
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 2806
x-xss-protection: 1; mode=block
expires: Sat, 02 Feb 2019 02:35:14 GMT

GET
S 200 368954415-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 35 KB
7 KB 6ms
6ms Stylesheet
text/css 216.58.207.73
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/v-css/368954415-lightbox_bundle.css

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3953819307-widgets.js

Protocol

SPDY

Server

216.58.207.73 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f9.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 12 Jan 2018 17:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Jan 2018 04:38:54 GMT
server: sffe
age: 1778102
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 6541
x-xss-protection: 1; mode=block
expires: Sat, 12 Jan 2019 17:13:44 GMT

GET
S 200 3745644154-lbx__fr.js
www.blogger.com/static/v1/jsbin/ 389 KB
126 KB 8ms
7ms Script
text/javascript 216.58.207.73
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/3745644154-lbx__fr.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3953819307-widgets.js

Protocol

SPDY

Server

216.58.207.73 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f9.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gouvfrance6.blogspot.de/p/blog-page.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Wed, 31 Jan 2018 06:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Jan 2018 05:14:32 GMT
server: sffe
age: 176493
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 129329
x-xss-protection: 1; mode=block
expires: Thu, 31 Jan 2019 06:07:13 GMT

GET
H/1.1 200
OK / Show response
agroteknologi.umg.ac.id/log/red/ 707 B
993 B 1100ms
220ms Document
text/html 139.255.94.86
LINKNET-ID-AP Lin...

General

Check archive.org

Show headers Download Go to

Full URL: http://agroteknologi.umg.ac.id/log/red/
Protocol: HTTP/1.1
Server: 139.255.94.86 , Indonesia, ASN9905 (LINKNET-ID-AP Linknet ASN, ID),
Reverse DNS: ln-static-139-255-94-86.link.net.id
Software: Apache/2.2.15 (CentOS) DAV/2 PHP/5.3.3 /
Resource Hash: 0ddd99ad85b6f3014b64012ae766124c843194ae706d985add2ff565fddee60c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: agroteknologi.umg.ac.id
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 02 Feb 2018 07:14:53 GMT
Last-Modified: Mon, 25 Dec 2017 11:49:20 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.3.3
ETag: "241349-2c3-56128c1b4f000"
Content-Type: text/html; charset=UTF-8
Connection: close
Accept-Ranges: bytes
Content-Length: 707

GET
S

200

cloudflare.min.js
ajax.cloudflare.com/cdn-cgi/nexp/dok3v=fb690a32f5/
Redirect Chain

http://ajax.cloudflare.com/cdn-cgi/nexp/dok3v=fb690a32f5/cloudflare.min.js
https://ajax.cloudflare.com/cdn-cgi/nexp/dok3v=fb690a32f5/cloudflare.min.js

3 KB
2 KB

26ms
11ms

Script
application/javascript

104.19.195.102
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/nexp/dok3v=fb690a32f5/cloudflare.min.js

Requested by

Host: agroteknologi.umg.ac.id
URL: http://agroteknologi.umg.ac.id/log/red/

Protocol

SPDY

Server

104.19.195.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://agroteknologi.umg.ac.id/log/red/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Feb 2018 07:08:47 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2018 12:48:47 GMT
server: cloudflare-nginx
x-frame-options: SAMEORIGIN
etag: W/"5a71bb2f-c37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 3e6b523f1999974a-FRA
expires: Sun, 04 Feb 2018 07:08:47 GMT

Redirect headers

Location: https://ajax.cloudflare.com/cdn-cgi/nexp/dok3v=fb690a32f5/cloudflare.min.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/ 45 KB
11 KB 135ms
90ms Document
text/html 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy / PHP/5.5.38
Resource Hash: d1dd9b44fddba707cfd8264b474e9a23d90181495a5727aa3efbd4d010421104

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://agroteknologi.umg.ac.id/log/red/
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://agroteknologi.umg.ac.id/log/red/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Pragma: no-cache
Date: Fri, 02 Feb 2018 07:08:37 GMT
Content-Encoding: gzip
Server: aruba-proxy
X-Powered-By: PHP/5.5.38
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Set-Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bootstrap-3.3.6.min.css
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/styles/ 118 KB
20 KB 52ms
51ms Stylesheet
text/css 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/styles/bootstrap-3.3.6.min.css
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: 3b2bb09c01b02bb29d3fc92d541016d59b5f2a0ff77ed83be840019e519f52d8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: W/"1d9c0-563a5a3876240"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK autentification.css
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/styles/ 12 KB
4 KB 90ms
49ms Stylesheet
text/css 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/styles/autentification.css
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: 0057789a8eb8d1b301fa1a9f1a9b1f7c9f00ea94198ef667c29ccd35c9ecd534

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: W/"3123-563a5a3874f1c"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK fermer.svg
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/ 2 KB
1 KB 110ms
49ms Image
image/svg+xml 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/fermer.svg
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: bd41f1926d21d2cdcc4522c7d6ad6348e4f79230f97dc81910486b633fc98c23

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: W/"6dd-563a5a3864910"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK Small-logoSMART.png
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/ 3 KB
3 KB 131ms
45ms Image
image/png 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/Small-logoSMART.png
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: 5557892d7b0f7f22358adb68a61d249d05375320d1fd6e11ea9518b0f9d464a7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:38 GMT
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: "cc1-563a5a386c5ff"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3265

GET
H/1.1 200
OK TelechargementStore.gif
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/ 685 B
966 B 49ms
48ms Image
image/gif 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/TelechargementStore.gif
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: f06dd7f38f2fecb8b4fab54cfa994082c90ebe3d289ed82992d906572b36a187

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:38 GMT
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: "2ad-563a5a386d5d7"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 685

GET
H/1.1 200
OK info.png
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/ 2 KB
2 KB 94ms
49ms Image
image/png 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/info.png
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: b8b97e5544aa98b04f13bbb97f44ca648fcea23af0a65a4000eb85889b706c1d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:38 GMT
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: "7cb-563a5a3865ca2"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1995

GET
H/1.1 200
OK aide.svg
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/ 5 KB
3 KB 91ms
51ms Image
image/svg+xml 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/aide.svg
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: e952750309dc8bd10a6bc568005552dbc541ec388fcd5b959a2e2f918e6a93df

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: W/"14d7-563a5a38635e1"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK logo-fc.png
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/ 7 KB
8 KB 45ms
45ms Image
image/png 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/logo-fc.png
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: 8a1ffefb7605c98a92890e4ab41705314eb5c2aab201d4863cb06a24ee2d383d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:38 GMT
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: "1d6c-563a5a38664dc"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7532

GET
H/1.1 200
OK num_fiscal.png
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/ 11 KB
11 KB 47ms
47ms Image
image/png 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/num_fiscal.png
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: 662ee4624be6f67f73e1365f9ed8eaba64b08044eea22f41102b64cfa1b97c6b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:38 GMT
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: "2c58-563a5a3869b06"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11352

GET
H/1.1 200
OK num_acces.png
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/ 11 KB
11 KB 40ms
39ms Image
image/png 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/num_acces.png
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: df2b07cd437457754a5c25161c293a2786b7cb8469f1ceb7cc9c9610f9138ed5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:38 GMT
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: "2a17-563a5a3868f8e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10775

GET
H/1.1 200
OK rfr.gif
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/ 21 KB
21 KB 48ms
48ms Image
image/gif 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/rfr.gif
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: 30c41fffa269f92fe8cd7f7b8826158257370884de8bd331c88fe32838a2b0fe

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:38 GMT
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: "5277-563a5a386a335"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21111

GET
H/1.1 200
OK rfr2.gif
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/ 8 KB
8 KB 45ms
45ms Image
image/gif 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/rfr2.gif
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: c4544c13ad576f40a13c65e029f0b71dd886995a44fe60d8950e4a3ac3c72ef2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:38 GMT
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: "1eaa-563a5a386aeb3"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7850

GET
H/1.1 200
OK rfr_th.gif
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/ 12 KB
12 KB 50ms
49ms Image
image/gif 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/rfr_th.gif
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: 081f617d20c0d2420e4f16b1ea74665263cf1dc94b165344e9db43c8f692fa67

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:38 GMT
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: "2e4a-563a5a386baf8"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11850

GET
H/1.1 200
OK Miniballs.gif
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/ 18 KB
18 KB 40ms
40ms Image
image/gif 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/Miniballs.gif
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: 4d644aae3091c93a949be93b969dcd0f1ac12faf5c233556a6aa9d64b79479d6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:38 GMT
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: "4606-563a5a3868797"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17926

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/js/ 94 KB
33 KB 93ms
50ms Script
application/javascript 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/js/jquery-1.11.3.min.js
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: 20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: W/"176da-563a5a38733ed"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK bootstrap.min.js Show response
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/js/ 36 KB
10 KB 52ms
51ms Script
application/javascript 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/js/bootstrap.min.js
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: 5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: W/"900a-563a5a38723e0"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK auth.js Show response
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/js/ 12 KB
2 KB 60ms
60ms Script
application/javascript 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/js/auth.js
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: 4978eaf0bc28dd26ce43237fc213d2935569523b5001362493d66262a0808aca

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: W/"3073-563a5a3871827"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK urls.js Show response
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/js/ 381 B
553 B 105ms
49ms Script
application/javascript 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/js/urls.js
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: 1517e991b1118e6bcb4136a5fb7cf8558a4314cc9a3141f7df1dbd0134056cba

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: W/"17d-563a5a3873f30"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
S 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 12ms
11ms Script
application/javascript 104.19.195.102
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/

Protocol

SPDY

Server

104.19.195.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Feb 2018 07:08:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Nov 2017 00:30:25 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 3e6b5240aa73974a-FRA
expires: Wed, 23 Jan 2019 07:08:48 GMT

GET
H/1.1 200
OK /
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/ 14 KB
14 KB 82ms
81ms Image
text/html 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy / PHP/5.5.38
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Pragma: no-cache
Date: Fri, 02 Feb 2018 07:08:38 GMT
Content-Encoding: gzip
Server: aruba-proxy
X-Powered-By: PHP/5.5.38
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK /
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/ 45 KB
46 KB 85ms
84ms Media
text/html 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy / PHP/5.5.38
Resource Hash: d1dd9b44fddba707cfd8264b474e9a23d90181495a5727aa3efbd4d010421104

Request headers

Pragma: no-cache
Accept-Encoding: identity;q=1, *;q=0
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
chrome-proxy: frfr
Accept: */*
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Range: bytes=0-
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Range: bytes=0-
chrome-proxy: frfr

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Pragma: no-cache
Date: Fri, 02 Feb 2018 07:08:38 GMT
Server: aruba-proxy
X-Powered-By: PHP/5.5.38
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK /
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/ 45 KB
46 KB 92ms
92ms Media
text/html 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy / PHP/5.5.38
Resource Hash: d1dd9b44fddba707cfd8264b474e9a23d90181495a5727aa3efbd4d010421104

Request headers

Pragma: no-cache
Accept-Encoding: identity;q=1, *;q=0
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
chrome-proxy: frfr
Accept: */*
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Range: bytes=0-
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Range: bytes=0-
chrome-proxy: frfr

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Pragma: no-cache
Date: Fri, 02 Feb 2018 07:08:38 GMT
Server: aruba-proxy
X-Powered-By: PHP/5.5.38
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK Logo-Marianne%2bimpots-gouv-fr.svg
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/ 79 KB
23 KB 66ms
40ms Image
image/svg+xml 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/Logo-Marianne%2bimpots-gouv-fr.svg
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: cf099e2de9f31c9abc455f32f639de4414d51cacda3b73f51a7eb23e8a5eebb7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/styles/autentification.css
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/styles/autentification.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: W/"13d97-563a5a386741b"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK Cadenas.svg
www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/ 8 KB
3 KB 78ms
46ms Image
image/svg+xml 89.46.104.26
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/images/Cadenas.svg
Requested by: Host: www.nevecalze.it
URL: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/
Protocol: HTTP/1.1
Server: 89.46.104.26 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1016.aruba.it
Software: aruba-proxy /
Resource Hash: 6287b87faa9499dab1b10e123f1032f691202ce7e9eaf2d6ba2d63b8b48b7e39

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.nevecalze.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/styles/autentification.css
Cookie: PHPSESSID=o9o6iimo78t7mbm3iblem4i096
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.nevecalze.it/img/sm/s/dev/info/impots/publiques/templates/styles/autentification.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ServerName: ipvsproxy07.ad.aruba.it
Date: Fri, 02 Feb 2018 07:08:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jan 2018 03:39:07 GMT
Server: aruba-proxy
ETag: W/"2098-563a5a3864122"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Impots Gouv (Government)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.nevecalze.it/	1969-12-31 23:59:59	Name: PHPSESSID Value: o9o6iimo78t7mbm3iblem4i096

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
agroteknologi.umg.ac.id
ajax.cloudflare.com
apis.google.com
cdnjs.cloudflare.com
gouvfrance6.blogspot.com
gouvfrance6.blogspot.de
pagead2.googlesyndication.com
resources.blogblog.com
www.blogger.com
www.gstatic.com
www.memoclic.com
www.nevecalze.it
104.19.195.102
139.255.94.86
172.217.22.14
172.217.22.34
216.58.207.35
216.58.207.65
216.58.207.73
37.187.134.113
89.46.104.26
0057789a8eb8d1b301fa1a9f1a9b1f7c9f00ea94198ef667c29ccd35c9ecd534
00e615784483f26ed639051243b4565f928d2e0364181b9239bbac3ee93f67fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
081f617d20c0d2420e4f16b1ea74665263cf1dc94b165344e9db43c8f692fa67
0ddd99ad85b6f3014b64012ae766124c843194ae706d985add2ff565fddee60c
1517e991b1118e6bcb4136a5fb7cf8558a4314cc9a3141f7df1dbd0134056cba
20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104
30c41fffa269f92fe8cd7f7b8826158257370884de8bd331c88fe32838a2b0fe
349bf91a5dd5597b5d44ae1bcb015fde7dbb9dbcea9876f8b3cf8a3947b54a22
3778b59e8f74c259b912c361d19caea5e29ad7ce445204e4203dcd47fb2c9bff
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3b2bb09c01b02bb29d3fc92d541016d59b5f2a0ff77ed83be840019e519f52d8
474655ff0dbd313e8fde7d8b893e6023e51e0e9a77f31b7fe04ffa8a1f3afd04
4978eaf0bc28dd26ce43237fc213d2935569523b5001362493d66262a0808aca
4d644aae3091c93a949be93b969dcd0f1ac12faf5c233556a6aa9d64b79479d6
4f01951293a11116b89b6e19f70cb9b72b2e3a68b2005c75d1d9b8e7b85eb35a
5557892d7b0f7f22358adb68a61d249d05375320d1fd6e11ea9518b0f9d464a7
5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459
6287b87faa9499dab1b10e123f1032f691202ce7e9eaf2d6ba2d63b8b48b7e39
662ee4624be6f67f73e1365f9ed8eaba64b08044eea22f41102b64cfa1b97c6b
698f765cd71f06dbffc570967c5314abb93f45f106314ccffc3f401f147e65dd
6bb9351700b5453e0511337aa25497799f68f950018257f06cae8bff9ba01437
8047098a959a241a2eaa8be9edece507bf7f5e67b43e7f2bd00bebee017033f1
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8a1ffefb7605c98a92890e4ab41705314eb5c2aab201d4863cb06a24ee2d383d
8ad5d8cd8999e56275e12e5a5325b108bd15146fefe072af726fffecfe6ab862
9496f34272ab65a565d50b909f2396ce799c30ef05f2ddd54fae11ed19fe6fa6
9ab222347578ca0ec423daad8b0e694c643f51809cb96646c55cf630d586055f
aa975712da6b3f17417c4c2887ad0d5abd2a7c21d43f1404d3d7413a3ca3fb8f
b17bfd00b49b75643bd7c96407352c4cb1119be8c33b93cf17cc3e6d428db264
b744ffc0914ac324dc18a370ec3d79c541a594485b0a08a949660be1f36287ed
b8b97e5544aa98b04f13bbb97f44ca648fcea23af0a65a4000eb85889b706c1d
bd41f1926d21d2cdcc4522c7d6ad6348e4f79230f97dc81910486b633fc98c23
c4544c13ad576f40a13c65e029f0b71dd886995a44fe60d8950e4a3ac3c72ef2
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ce3724f42bdeb200de91f3ae422476713962569a95d4ded73f59fec66e5a4e30
cf099e2de9f31c9abc455f32f639de4414d51cacda3b73f51a7eb23e8a5eebb7
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d1dd9b44fddba707cfd8264b474e9a23d90181495a5727aa3efbd4d010421104
d1f55759a1325634f776dc9a4fc5171a93d7d70c4c99a6b33f2180290983fa3c
df2b07cd437457754a5c25161c293a2786b7cb8469f1ceb7cc9c9610f9138ed5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e952750309dc8bd10a6bc568005552dbc541ec388fcd5b959a2e2f918e6a93df
f06dd7f38f2fecb8b4fab54cfa994082c90ebe3d289ed82992d906572b36a187

www.nevecalze.it Open in urlscan Pro 89.46.104.26 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

4 %HTTPS

0 %IPv6

11 Domains

13 Subdomains

9 IPs

4 Countries

744 kBTransfer

1783 kBSize

1 Cookies

6 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.nevecalze.it Open in urlscan Pro
89.46.104.26 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

4 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

9
IPs

4
Countries

744 kB
Transfer

1783 kB
Size

1
Cookies

51 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!