salesforce.romdenne.com Open in urlscan Pro
185.199.111.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://salesforce.romdenne.com/
Submission: On January 13 via automatic, source certstream-suspicious (January 13th 2021, 5:14:51 pm UTC)

Summary HTTP 21 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 21 HTTP transactions. The main IP is 185.199.111.153, located in United States and belongs to FASTLY, US. The main domain is salesforce.romdenne.com.
TLS certificate: Issued by R3 on January 13th 2021. Valid for: 3 months.

This is the only time salesforce.romdenne.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	185.199.111.153 185.199.111.153	54113 (FASTLY) (FASTLY)
3	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:205... 2600:9000:2057:7e00:0:5a51:64c9:c681	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:ac00:0:5a51:64c9:c681	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
21	9

7 185.199.111.153 (United States)

ASN54113 (FASTLY, US)

salesforce.romdenne.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:7e00:0:5a51:64c9:c681 (United States)

ASN16509 (AMAZON-02, US)

farm2.staticflickr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:ac00:0:5a51:64c9:c681 (United States)

ASN16509 (AMAZON-02, US)

c1.staticflickr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7caf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	romdenne.com salesforce.romdenne.com	42 KB
4	staticflickr.com farm2.staticflickr.com c1.staticflickr.com	636 KB
2	gstatic.com fonts.gstatic.com	21 KB
2	unpkg.com 1 redirects unpkg.com	24 KB
2	fontawesome.com use.fontawesome.com	54 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	33 KB
1	cloudflare.com cdnjs.cloudflare.com	6 KB
1	jquery.com code.jquery.com	30 KB
1	googleapis.com fonts.googleapis.com	667 B
21	9

	Domain	Requested by
7	salesforce.romdenne.com	salesforce.romdenne.com code.jquery.com
3	farm2.staticflickr.com	salesforce.romdenne.com
2	fonts.gstatic.com	fonts.googleapis.com
2	unpkg.com	1 redirects salesforce.romdenne.com
2	use.fontawesome.com	salesforce.romdenne.com use.fontawesome.com
2	maxcdn.bootstrapcdn.com	salesforce.romdenne.com
1	cdnjs.cloudflare.com	salesforce.romdenne.com
1	code.jquery.com	salesforce.romdenne.com
1	c1.staticflickr.com	salesforce.romdenne.com
1	fonts.googleapis.com	salesforce.romdenne.com
21	10

This site contains links to these domains. Also see Links.

Domain
cory.romdenne.com

Subject Issuer	Validity	Valid
salesforce.romdenne.com R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
static.flickr.com Amazon	`2020-03-11` - `2021-04-11`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://salesforce.romdenne.com/
Frame ID: CBC4D2895BBA545E2613CE6B327BED18
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^GitHub\.com$/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^GitHub\.com$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

GitHub Pages (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^GitHub\.com$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

21
Requests

100 %
HTTPS

78 %
IPv6

9
Domains

10
Subdomains

9
IPs

3
Countries

848 kB
Transfer

1231 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://cory.romdenne.com/
Title: Cory Romdenne

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://unpkg.com/lunr/lunr.js HTTP 302
https://unpkg.com/lunr@2.3.9/lunr.js

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
salesforce.romdenne.com/ 12 KB
4 KB 240ms
141ms Document
text/html 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://salesforce.romdenne.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 53c03f9fc8eec5638da5b786e2dec480f6eba4a803356ad8c45c792ae08583fd

Request headers

:method: GET
:authority: salesforce.romdenne.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: GitHub.com
last-modified: Wed, 13 Jan 2021 17:03:39 GMT
access-control-allow-origin: *
etag: W/"5fff27eb-2e70"
expires: Wed, 13 Jan 2021 17:24:23 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: C94A:F60E:407B6A:443503:5FFF2A6F
accept-ranges: bytes
date: Wed, 13 Jan 2021 17:14:23 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hhn4026-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1610558064.687447,VS0,VE96
vary: Accept-Encoding
x-fastly-request-id: cc24fdc93267547dff0b11ae9dbe3811332078ff
content-length: 3419

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
20 KB 33ms
15ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: salesforce.romdenne.com
URL: https://salesforce.romdenne.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://salesforce.romdenne.com
Referer: https://salesforce.romdenne.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 17:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:10 GMT
etag: "1544639650"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 20563

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.12/css/ 38 KB
10 KB 173ms
80ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.12/css/all.css
Requested by: Host: salesforce.romdenne.com
URL: https://salesforce.romdenne.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0ceee487a90eea3b0e52f01360b44e8b6ac0898062c143dbe724663efd3d6f63

Request headers

Origin: https://salesforce.romdenne.com
Referer: https://salesforce.romdenne.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 17:14:23 GMT
content-encoding: gzip
last-modified: Thu, 03 May 2018 20:54:51 GMT
server: NetDNA-cache/2.2
etag: W/"d896a88b71aa2ba5d6bd670429bf1bad"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
667 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Didact+Gothic|Gilda+Display

Requested by

Host: salesforce.romdenne.com
URL: https://salesforce.romdenne.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e71501a0845a168fc84aa075974d8ee1b6b6f5af59b60b59b2cbbb4da31ce00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://salesforce.romdenne.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Jan 2021 17:14:23 GMT
server: ESF
date: Wed, 13 Jan 2021 17:14:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Jan 2021 17:14:23 GMT

GET
H2 200 main.css
salesforce.romdenne.com/css/ 9 KB
2 KB 134ms
133ms Stylesheet
text/css 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://salesforce.romdenne.com/css/main.css
Requested by: Host: salesforce.romdenne.com
URL: https://salesforce.romdenne.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 97c353ef310ea405205fe9db2c673555916e1b17c2a6d18a1af4b82d0652530a

Request headers

Referer: https://salesforce.romdenne.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 52c9d961f6aa032c8cf700e7013a5f50a7c20ca8
date: Wed, 13 Jan 2021 17:14:23 GMT
content-encoding: gzip
age: 0
x-cache: MISS
content-length: 2322
x-served-by: cache-hhn4026-HHN
access-control-allow-origin: *
last-modified: Wed, 13 Jan 2021 17:03:39 GMT
server: GitHub.com
x-github-request-id: 9BC6:8693:92A0B:9FC83:5FFF2A6F
x-timer: S1610558064.834806,VS0,VE88
etag: W/"5fff27eb-23c9"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Wed, 13 Jan 2021 17:24:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 404 logo.png
salesforce.romdenne.com/images/ 9 KB
9 KB 139ms
137ms Image
text/html 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salesforce.romdenne.com/images/logo.png

Requested by

Host: salesforce.romdenne.com
URL: https://salesforce.romdenne.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

f04f89ad9d4d1a4e84531986d45ecff9d2a46395f8732e29f203d915eb25310b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

Referer: https://salesforce.romdenne.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 3de36acc4c4690dde64631a62f1bcbb158c453f3
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
etag: W/"5ececa4d-247b"
age: 0
x-cache: MISS
x-cache-hits: 0
content-length: 5232
x-served-by: cache-hhn4026-HHN
access-control-allow-origin: *
server: GitHub.com
x-github-request-id: 1C0E:80A3:7B86E9:824944:5FFF2A6F
x-timer: S1610558064.838283,VS0,VE89
date: Wed, 13 Jan 2021 17:14:23 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 42389411611_f79bce0c55_b.jpg
farm2.staticflickr.com/1735/ 129 KB
130 KB 252ms
233ms Image
image/jpeg 2600:9000:2057:7e00:0:5a51:64c9:c681
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farm2.staticflickr.com/1735/42389411611_f79bce0c55_b.jpg

Requested by

Host: salesforce.romdenne.com
URL: https://salesforce.romdenne.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7e00:0:5a51:64c9:c681 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Jubilee /

Resource Hash

aa8d7347887974a0b2f6c5a6965245ded9d3825c3321eb7a236b190ffe3a23bb

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://salesforce.romdenne.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 17:14:24 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
mib: 2
x-ttfb: 0.1088
surrogate-control: public, max-age=31536000
ourvalues: Empower Passion (#5 of 5)
x-cache: Miss from cloudfront
p3p: CP="This is not a P3P policy. We respect your privacy."
streaming: false
edge-control: public, max-age=31536000
last-modified: Mon, 01 Apr 2019 13:06:19 GMT
imageheight: 683
powered-by: Mutation/1.0
imagewidth: 1024
x-ttdb-l: 132470
x-request-id: 967f6d97
x-ua-compatible: IE=edge
x-env: a=live, b=jubilee, c=4cf206a9, e=25b0076e119e3dc2918ce5d9458bc58df5eff8c3, f=25b0076e119e3dc2918ce5d9458bc58df5eff8c3
server: Jubilee
etag: "c8229ef18175ff1b6ee00a267c4a05bc.1"
x-frame-options: DENY
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
origintype: D
x-amz-cf-id: 7lZ0xPKHecS_aBm9XU97zP1gzPRYoxnyozao4QqPdW__IPP0sLzlXQ==
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
expires: Thu, 13 Jan 2022 17:14:24 GMT

GET
H2 200 28515855458_1422778f2e_b.jpg
farm2.staticflickr.com/1750/ 260 KB
261 KB 254ms
235ms Image
image/jpeg 2600:9000:2057:7e00:0:5a51:64c9:c681
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farm2.staticflickr.com/1750/28515855458_1422778f2e_b.jpg

Requested by

Host: salesforce.romdenne.com
URL: https://salesforce.romdenne.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7e00:0:5a51:64c9:c681 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Jubilee /

Resource Hash

f5f07e5fbf39b17885d8c101c9968cae3a494c2aba45a88643b37c4ec1b268ed

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://salesforce.romdenne.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 17:14:24 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
mib: 2
x-ttfb: 0.1185
surrogate-control: public, max-age=31536000
ourvalues: Dare (#4 of 5)
x-cache: Miss from cloudfront
p3p: CP="This is not a P3P policy. We respect your privacy."
streaming: false
edge-control: public, max-age=31536000
last-modified: Mon, 25 Mar 2019 20:08:48 GMT
imageheight: 709
powered-by: Mutation/1.0
imagewidth: 1024
x-ttdb-l: 266119
x-request-id: b63a2c89
x-ua-compatible: IE=edge
x-env: a=live, b=jubilee, c=21738c41, e=25b0076e119e3dc2918ce5d9458bc58df5eff8c3, f=25b0076e119e3dc2918ce5d9458bc58df5eff8c3
server: Jubilee
etag: "e9f4a6e83675f1bf66b59dfbe9189466.1"
x-frame-options: DENY
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
origintype: D
x-amz-cf-id: uHyuCVOpocaQSwNc-GKgA-EbOOfks0N3zFINwLmNUUBEpxOYdMUNsw==
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
expires: Thu, 13 Jan 2022 17:14:24 GMT

GET
H2 200 28515848928_f1befaa27b_b.jpg
farm2.staticflickr.com/1756/ 166 KB
167 KB 235ms
217ms Image
image/jpeg 2600:9000:2057:7e00:0:5a51:64c9:c681
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farm2.staticflickr.com/1756/28515848928_f1befaa27b_b.jpg

Requested by

Host: salesforce.romdenne.com
URL: https://salesforce.romdenne.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7e00:0:5a51:64c9:c681 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Jubilee /

Resource Hash

56393b61b8ee52535a76767412fb140a382782d297b1a52ea82ecf5cb6f54747

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://salesforce.romdenne.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 17:14:24 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
mib: 2
x-ttfb: 0.1148
surrogate-control: public, max-age=31536000
ourvalues: Dare (#4 of 5)
x-cache: Miss from cloudfront
p3p: CP="This is not a P3P policy. We respect your privacy."
streaming: false
edge-control: public, max-age=31536000
last-modified: Mon, 25 Mar 2019 15:18:49 GMT
imageheight: 683
powered-by: Mutation/1.0
imagewidth: 1024
x-ttdb-l: 169986
x-request-id: e356c096
x-ua-compatible: IE=edge
x-env: a=live, b=jubilee, c=77f4af62, e=25b0076e119e3dc2918ce5d9458bc58df5eff8c3, f=25b0076e119e3dc2918ce5d9458bc58df5eff8c3
server: Jubilee
etag: "39621979970655da5fe26f71c7cfc110.1"
x-frame-options: DENY
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
origintype: D
x-amz-cf-id: WjCMpwK6prTp0dVBAMK0hxClnnDrdpPIYikZs2jsoLxpwNRRc0hAuw==
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
expires: Thu, 13 Jan 2022 17:14:24 GMT

GET
H2 200 27324202137_9dd276b960_b.jpg
c1.staticflickr.com/1/909/ 77 KB
78 KB 257ms
236ms Image
image/jpeg 2600:9000:2057:ac00:0:5a51:64c9:c681
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.staticflickr.com/1/909/27324202137_9dd276b960_b.jpg

Requested by

Host: salesforce.romdenne.com
URL: https://salesforce.romdenne.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ac00:0:5a51:64c9:c681 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Jubilee /

Resource Hash

170d883b0b1dc39dee051bd66ca80c7a9125114395ded22e0a0b805172337818

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://salesforce.romdenne.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 17:14:24 GMT
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
mib: 2
x-ttfb: 0.1188
surrogate-control: public, max-age=31536000
ourvalues: Empower Passion (#5 of 5)
x-cache: Miss from cloudfront
p3p: CP="This is not a P3P policy. We respect your privacy."
streaming: false
edge-control: public, max-age=31536000
last-modified: Tue, 02 Apr 2019 03:51:41 GMT
imageheight: 683
powered-by: Mutation/1.0
imagewidth: 1024
x-ttdb-l: 78584
x-request-id: 8f2c9bf3
x-ua-compatible: IE=edge
x-env: a=live, b=jubilee, c=4cf206a9, e=25b0076e119e3dc2918ce5d9458bc58df5eff8c3, f=25b0076e119e3dc2918ce5d9458bc58df5eff8c3
server: Jubilee
etag: "1e56165b3e108d71b90ea22c8162396f.1"
x-frame-options: DENY
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA6-C1
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
origintype: D
x-amz-cf-id: cbvy9vXYRjVKdQzUTUlFVCI0CBZ3D1jtggMrj0DZrsHXjO78Wes1-A==
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
expires: Thu, 13 Jan 2022 17:14:24 GMT

GET
H2 200 intersection-observer.js Show response
salesforce.romdenne.com/js/ 21 KB
6 KB 145ms
142ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://salesforce.romdenne.com/js/intersection-observer.js
Requested by: Host: salesforce.romdenne.com
URL: https://salesforce.romdenne.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 1e1f53cbdc0eb700c8b6a7c587758a66430dfb947aa041d66d80fdcc36bcec97

Request headers

Referer: https://salesforce.romdenne.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 2915a59acc601caccd18efdb6ab48459733898ff
date: Wed, 13 Jan 2021 17:14:23 GMT
content-encoding: gzip
age: 0
x-cache: MISS
content-length: 6334
x-served-by: cache-hhn4026-HHN
access-control-allow-origin: *
last-modified: Wed, 13 Jan 2021 17:03:35 GMT
server: GitHub.com
x-github-request-id: CBC2:80A1:1C1FAA:1DF0FE:5FFF2A6F
x-timer: S1610558064.838200,VS0,VE92
etag: W/"5fff27e7-55df"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Wed, 13 Jan 2021 17:24:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 31ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: salesforce.romdenne.com
URL: https://salesforce.romdenne.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin: https://salesforce.romdenne.com
Referer: https://salesforce.romdenne.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 17:14:23 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1610558063.dop219.fr8.t,1610558063.cds226.fr8.hn,1610558063.cds002.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
6 KB 35ms
32ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: salesforce.romdenne.com
URL: https://salesforce.romdenne.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://salesforce.romdenne.com
Referer: https://salesforce.romdenne.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 17:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1603012
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 6157
cf-request-id: 079e56dcd000001f3959a73000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wnXBBxpGJWcGfPZcTVL38xv666rWeysIWr%2FXrbPSuQCw6radfG%2Bak9yDakeEu0hJMYVtXUPduZischMRbYeIFnnDJ0KD6laQzOnKRXYaB1GsxR6ODx7R%2B3rTg4a5lTOOiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6110c0daedba1f39-FRA
expires: Mon, 03 Jan 2022 17:14:23 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
13 KB 25ms
9ms Script
text/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: salesforce.romdenne.com
URL: https://salesforce.romdenne.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://salesforce.romdenne.com
Referer: https://salesforce.romdenne.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 17:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:52 GMT
etag: "1544639632"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 13105

GET
H2 200 lazyload.js Show response
salesforce.romdenne.com/js/ 2 KB
945 B 144ms
142ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://salesforce.romdenne.com/js/lazyload.js
Requested by: Host: salesforce.romdenne.com
URL: https://salesforce.romdenne.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 3551ec3a521809e3cc4f5225ae58e60ea4db5342317c04bf75f0d8ad56854bba

Request headers

Referer: https://salesforce.romdenne.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: d270be002e9b02be25c24cb3d168ba19c0645d66
date: Wed, 13 Jan 2021 17:14:23 GMT
content-encoding: gzip
age: 0
x-cache: MISS
content-length: 621
x-served-by: cache-hhn4026-HHN
access-control-allow-origin: *
last-modified: Wed, 13 Jan 2021 17:03:35 GMT
server: GitHub.com
x-github-request-id: 9BC4:A9E6:7485A1:7AE29A:5FFF2A6E
x-timer: S1610558064.838184,VS0,VE92
etag: W/"5fff27e7-731"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Wed, 13 Jan 2021 17:24:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2

200

lunr.js Show response
unpkg.com/lunr@2.3.9/
Redirect Chain

https://unpkg.com/lunr/lunr.js
https://unpkg.com/lunr@2.3.9/lunr.js

97 KB
24 KB

31ms
31ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/lunr@2.3.9/lunr.js

Requested by

Host: salesforce.romdenne.com
URL: https://salesforce.romdenne.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9431726f05c0eae2a6e54dc197709422869f25cad44f2430d2fb7ddae80cc717

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://salesforce.romdenne.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 17:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1602441
vary: Accept-Encoding
cf-request-id: 079e56dcf70000323c32ae3000000001
last-modified: Wed, 19 Aug 2020 20:25:52 GMT
server: cloudflare
etag: W/"185dc-BNmcBo9ZE+oMHIzDUCK62iHp4xU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 8fcba686ceab5458bb0226b1c8b59b2f
cache-control: public, max-age=31536000
cf-ray: 6110c0db2f9b323c-FRA

Redirect headers

date: Wed, 13 Jan 2021 17:14:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172
vary: Accept, Accept-Encoding
content-length: 41
cf-request-id: 079e56dce00000323cbe94e000000001
server: cloudflare
location: /lunr@2.3.9/lunr.js
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 75e462557936cd61b5831277155581c7
cache-control: public, s-maxage=600, max-age=60
cf-ray: 6110c0daff27323c-FRA

GET
H2 200 search.js Show response
salesforce.romdenne.com/js/ 3 KB
1 KB 143ms
141ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://salesforce.romdenne.com/js/search.js
Requested by: Host: salesforce.romdenne.com
URL: https://salesforce.romdenne.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: ade832414ca354b74203c80fffbfe56d74e094b93edb31e80e62b222f849e8f0

Request headers

Referer: https://salesforce.romdenne.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 7230b9f5dd457a6c8c5486b66841ef2b9a2df5e8
date: Wed, 13 Jan 2021 17:14:23 GMT
content-encoding: gzip
age: 0
x-cache: MISS
content-length: 1141
x-served-by: cache-hhn4026-HHN
access-control-allow-origin: *
last-modified: Wed, 13 Jan 2021 17:03:39 GMT
server: GitHub.com
x-github-request-id: D470:074C:43D56A:47B10F:5FFF2A6E
x-timer: S1610558064.838280,VS0,VE91
etag: W/"5fff27eb-aa3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Wed, 13 Jan 2021 17:24:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 ahcfv8qz1zt6hCC5G4F_P4ASlUuYpmDmYyU.woff2
fonts.gstatic.com/s/didactgothic/v14/ 10 KB
10 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/didactgothic/v14/ahcfv8qz1zt6hCC5G4F_P4ASlUuYpmDmYyU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Didact+Gothic|Gilda+Display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91dd07bc10f672bacff7279b703866273ebd7e0eac0a6167bfc62d15e6da1cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://salesforce.romdenne.com
Referer: https://fonts.googleapis.com/css?family=Didact+Gothic|Gilda+Display
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 02:37:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 04:59:52 GMT
server: sffe
age: 139033
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10424
x-xss-protection: 0
expires: Wed, 12 Jan 2022 02:37:11 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.12/webfonts/ 44 KB
44 KB 54ms
54ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.12/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.12/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 7d349f9e08a50336b6f398554e817e6921dd390ef9d8cacf3074a24d4379bd10

Request headers

Origin: https://salesforce.romdenne.com
Referer: https://use.fontawesome.com/releases/v5.0.12/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 17:14:24 GMT
last-modified: Thu, 03 May 2018 20:55:16 GMT
server: NetDNA-cache/2.2
etag: "62e224193aeed0b428e83d1cccfd6d91"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 45132

GET
H2 200 t5tmIRoYMoaYG0WEOh7HwMeR3T7Pr7GEch8.woff2
fonts.gstatic.com/s/gildadisplay/v8/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gildadisplay/v8/t5tmIRoYMoaYG0WEOh7HwMeR3T7Pr7GEch8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Didact+Gothic|Gilda+Display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14aa1be11f16d071e8027d7d8c16bd10769c8ff997e5911624a3d1cb602cd95b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://salesforce.romdenne.com
Referer: https://fonts.googleapis.com/css?family=Didact+Gothic|Gilda+Display
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 21:35:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jul 2020 19:37:49 GMT
server: sffe
age: 502756
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11136
x-xss-protection: 0
expires: Fri, 07 Jan 2022 21:35:08 GMT

GET
H2 200 search_data.json Show response
salesforce.romdenne.com/ 47 KB
18 KB 136ms
135ms XHR
application/json 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://salesforce.romdenne.com/search_data.json
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: cd96f53545779e40d8c1150b30086b20cd3ed584637e29c2f4628efd71b820b2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://salesforce.romdenne.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: dc147b82650ebb08540109d62f774b047b33301b
date: Wed, 13 Jan 2021 17:14:24 GMT
content-encoding: gzip
age: 0
x-cache: MISS
content-length: 18674
x-served-by: cache-hhn4026-HHN
access-control-allow-origin: *
last-modified: Wed, 13 Jan 2021 17:03:39 GMT
server: GitHub.com
x-github-request-id: 0A20:074C:43D580:47B176:5FFF2A70
x-timer: S1610558064.090804,VS0,VE90
etag: W/"5fff27eb-bd11"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
via: 1.1 varnish
expires: Wed, 13 Jan 2021 17:24:24 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c1.staticflickr.com
cdnjs.cloudflare.com
code.jquery.com
farm2.staticflickr.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
salesforce.romdenne.com
unpkg.com
use.fontawesome.com
185.199.111.153
2001:4de0:ac19::1:b:3b
23.111.9.35
2600:9000:2057:7e00:0:5a51:64c9:c681
2600:9000:2057:ac00:0:5a51:64c9:c681
2606:4700::6810:125e
2606:4700::6810:7caf
2a00:1450:4001:818::2003
2a00:1450:4001:821::200a
0ceee487a90eea3b0e52f01360b44e8b6ac0898062c143dbe724663efd3d6f63
0e71501a0845a168fc84aa075974d8ee1b6b6f5af59b60b59b2cbbb4da31ce00
14aa1be11f16d071e8027d7d8c16bd10769c8ff997e5911624a3d1cb602cd95b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
170d883b0b1dc39dee051bd66ca80c7a9125114395ded22e0a0b805172337818
1e1f53cbdc0eb700c8b6a7c587758a66430dfb947aa041d66d80fdcc36bcec97
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
3551ec3a521809e3cc4f5225ae58e60ea4db5342317c04bf75f0d8ad56854bba
53c03f9fc8eec5638da5b786e2dec480f6eba4a803356ad8c45c792ae08583fd
56393b61b8ee52535a76767412fb140a382782d297b1a52ea82ecf5cb6f54747
7d349f9e08a50336b6f398554e817e6921dd390ef9d8cacf3074a24d4379bd10
91dd07bc10f672bacff7279b703866273ebd7e0eac0a6167bfc62d15e6da1cd3
9431726f05c0eae2a6e54dc197709422869f25cad44f2430d2fb7ddae80cc717
97c353ef310ea405205fe9db2c673555916e1b17c2a6d18a1af4b82d0652530a
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
aa8d7347887974a0b2f6c5a6965245ded9d3825c3321eb7a236b190ffe3a23bb
ade832414ca354b74203c80fffbfe56d74e094b93edb31e80e62b222f849e8f0
cd96f53545779e40d8c1150b30086b20cd3ed584637e29c2f4628efd71b820b2
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f04f89ad9d4d1a4e84531986d45ecff9d2a46395f8732e29f203d915eb25310b
f5f07e5fbf39b17885d8c101c9968cae3a494c2aba45a88643b37c4ec1b268ed

salesforce.romdenne.com Open in urlscan Pro 185.199.111.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

78 %IPv6

9 Domains

10 Subdomains

9 IPs

3 Countries

848 kBTransfer

1231 kBSize

0 Cookies

1 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

0 Cookies

Indicators

salesforce.romdenne.com Open in urlscan Pro
185.199.111.153 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

78 %
IPv6

9
Domains

10
Subdomains

9
IPs

3
Countries

848 kB
Transfer

1231 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions