URL: https://school.le-rosh.com/
Submission: On April 14 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 15 HTTP transactions. The main IP is 23.229.186.193, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is school.le-rosh.com.
TLS certificate: Issued by school.le-rosh.com on March 2nd 2024. Valid for: a year.
This is the only time school.le-rosh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 23.229.186.193 26496 (AS-26496-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 188.114.96.3 13335 (CLOUDFLAR...)
1 2 95.101.74.93 20940 (AKAMAI-ASN1)
1 51.158.151.173 12876 (Online SAS)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:170... 20940 (AKAMAI-ASN1)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
15 8
Apex Domain
Subdomains
Transfer
6 secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 12901
csp.secureserver.net — Cisco Umbrella Rank: 12949
568 B
3 gstatic.com
fonts.gstatic.com
39 KB
2 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 10190
21 KB
2 le-rosh.com
school.le-rosh.com
14 KB
1 kosred.com
kosred.com
1 0zz0.com
www7.0zz0.com
398 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
912 B
15 7
Domain Requested by
4 csp.secureserver.net img1.wsimg.com
3 fonts.gstatic.com school.le-rosh.com
fonts.googleapis.com
2 events.api.secureserver.net img1.wsimg.com
2 img1.wsimg.com 1 redirects school.le-rosh.com
2 school.le-rosh.com
1 kosred.com school.le-rosh.com
1 www7.0zz0.com school.le-rosh.com
1 fonts.googleapis.com school.le-rosh.com
15 8

This site contains links to these domains. Also see Links.

Domain
twitter.com
instagram.com
Subject Issuer Validity Valid
school.le-rosh.com
school.le-rosh.com
2024-03-02 -
2025-03-02
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
0zz0.com
GTS CA 1P5
2024-04-14 -
2024-07-13
3 months crt.sh
kosred.com
R3
2024-04-13 -
2024-07-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.api.secureserver.net
Starfield Secure Certificate Authority - G2
2023-07-10 -
2024-08-10
a year crt.sh
*.secureserver.net
Starfield Secure Certificate Authority - G2
2023-10-10 -
2024-11-10
a year crt.sh

This page contains 2 frames:

Primary Page: https://school.le-rosh.com/
Frame ID: CAAEFC7B82FF0B9D0F205F9FB82326BA
Requests: 12 HTTP requests in this frame

Frame: https://kosred.com/a/lfgmzt.mp3
Frame ID: C44E1F82D35B2C84AAFBFAC4036744F9
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

80 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

8
IPs

4
Countries

473 kB
Transfer

591 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
  • https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
school.le-rosh.com/
25 KB
7 KB
Document
General
Full URL
https://school.le-rosh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.229.186.193 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
193.186.229.23.host.secureserver.net
Software
Apache / PHP/8.2.16
Resource Hash
b7bcbe18d679394cbe8aa4ae9f7caeb1d4f826e0cc6c4a448dbe7538a59d7847

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-length
6904
content-type
text/html; charset=UTF-8
date
Sun, 14 Apr 2024 08:06:46 GMT
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/8.2.16
css2
fonts.googleapis.com/
2 KB
912 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Iceland&family=Kalam:wght@300&display=swap
Requested by
Host: school.le-rosh.com
URL: https://school.le-rosh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7b0bbabd4f71130adc55a0ef006eab585f56b6ef3abb4a1a5353db46bbb96d10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://school.le-rosh.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Apr 2024 08:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 08:06:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Apr 2024 08:06:46 GMT
818718642.gif
www7.0zz0.com/2023/11/11/21/
398 KB
398 KB
Image
General
Full URL
https://www7.0zz0.com/2023/11/11/21/818718642.gif
Requested by
Host: school.le-rosh.com
URL: https://school.le-rosh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd5b1cec5f4bd169823c23927bdaa7de4eca6336b2299f8806dd6e0f98a9d09
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://school.le-rosh.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 08:06:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
407304
last-modified
Sat, 11 Nov 2023 21:15:11 GMT
server
cloudflare
etag
"63708-609e6eeaa79a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WOC%2FkSE3Jy%2BvtD%2BOmf9niZjRxyaGCzkXQzvbiCE8VKiRR1q8aqT2Hf19oYbiRc%2BIkImuMlk%2FOsZWhiaUWywAnGbevv7S28MKYwIoFxTP4yK21GIKsXON0szfrHwP36%2Bh"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
874232cf4a038eda-FRA
scc-c2.min.js
img1.wsimg.com/signals/js/clients/scc-c2/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
103 KB
20 KB
Script
General
Full URL
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Requested by
Host: school.le-rosh.com
URL: https://school.le-rosh.com/
Protocol
H2
Server
95.101.74.93 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-74-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e301943f5f3cb3486ab3f4c75c0315e96891268a76b8663b6a490324e39d1664

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://school.le-rosh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

x-amz-version-id
NUbpk_ypfZoRQFFJE7rB4qpj7fMsB7r1
content-encoding
gzip
date
Sun, 14 Apr 2024 08:06:47 GMT
x-amz-request-id
R39N6B5E91M0GGDM
x-amz-server-side-encryption
AES256
x-amz-meta-version
0.2.5
content-length
20488
x-amz-id-2
e0NlYAgD1rTj9zgFq4lLjgKcA7s+RnFFvNsH4eumV7/W7td+ywEKplxAniIwJlAm1R2Y2P9pz54=
last-modified
Fri, 22 Mar 2024 13:06:20 GMT
etag
"fdf3f3c180ae2aa6864f9c46a83a37a9"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Apr 2024 08:36:47 GMT

Redirect headers

location
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
access-control-allow-origin
*
date
Sun, 14 Apr 2024 08:06:47 GMT
cache-control
max-age=31536000
timing-allow-origin
*
content-length
0
expires
Mon, 14 Apr 2025 08:06:47 GMT
lfgmzt.mp3
kosred.com/a/ Frame C44E
0
0
Document
General
Full URL
https://kosred.com/a/lfgmzt.mp3
Requested by
Host: school.le-rosh.com
URL: https://school.le-rosh.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.158.151.173 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-151-173.rev.poneytelecom.eu
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://school.le-rosh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
Keep-Alive
Content-Length
273
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 14 Apr 2024 08:06:47 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.41 (Ubuntu)
8QIJdijAiM7o-qnZiI8EqprnEO0.woff2
fonts.gstatic.com/s/iceberg/v7/
6 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/iceberg/v7/8QIJdijAiM7o-qnZiI8EqprnEO0.woff2
Requested by
Host: school.le-rosh.com
URL: https://school.le-rosh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1932e0513d5227893a2618af699ee42daeb4510f6d17c263a055f175e89c384e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://school.le-rosh.com/
Origin
https://school.le-rosh.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 07:46:28 GMT
x-content-type-options
nosniff
age
87618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6188
x-xss-protection
0
last-modified
Tue, 16 Jul 2019 03:09:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 07:46:28 GMT
rax9HiuFsdMNOnWPaKtMAQ.woff2
fonts.gstatic.com/s/iceland/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/iceland/v20/rax9HiuFsdMNOnWPaKtMAQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Iceland&family=Kalam:wght@300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d07a894337a83ac4df03d593c8fe94197a4e73f8b27c10229fd00d816d58e1c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://school.le-rosh.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 20:26:28 GMT
x-content-type-options
nosniff
age
474018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11576
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:22:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Apr 2025 20:26:28 GMT
YA9Qr0Wd4kDdMtD6GjLMkiQ.woff2
fonts.gstatic.com/s/kalam/v16/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kalam/v16/YA9Qr0Wd4kDdMtD6GjLMkiQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Iceland&family=Kalam:wght@300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19f8586a22fbcb870f9d2490381d76b9f2e868c56e44b7bbc28d9efe05522a41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://school.le-rosh.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 21:44:31 GMT
x-content-type-options
nosniff
age
469335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21476
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:49:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Apr 2025 21:44:31 GMT
event
events.api.secureserver.net/t/1/tl/
43 B
284 B
Fetch
General
Full URL
https://events.api.secureserver.net/t/1/tl/event?dh=school.le-rosh.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.2.5&vg=4cee4fb5-1085-4456-b042-b1f1c3554a9e&vtg=4cee4fb5-1085-4456-b042-b1f1c3554a9e&dp=%2F&trace_id=d2393f84668649438288daf069cc171e&cts=2024-04-14T08%3A06%3A47.097Z&hit_id=cb73a221-5550-4d65-b5da-27a807b2ff38&ht=pageview&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22p3plcpnl0516%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%226471629%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%226%22%7D&ap=cpsh&vci=415540984&z=140674454
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:11::b856:678c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://school.le-rosh.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sun, 14 Apr 2024 08:06:47 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://school.le-rosh.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
event
events.api.secureserver.net/t/1/tl/
43 B
284 B
Fetch
General
Full URL
https://events.api.secureserver.net/t/1/tl/event?dh=school.le-rosh.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.2.5&vg=4cee4fb5-1085-4456-b042-b1f1c3554a9e&vtg=4cee4fb5-1085-4456-b042-b1f1c3554a9e&dp=%2F&trace_id=d2393f84668649438288daf069cc171e&cts=2024-04-14T08%3A06%3A47.116Z&hit_id=c756e643-932a-4d3f-a834-840375b30b32&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22p3plcpnl0516%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%226471629%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%226%22%7D&ap=cpsh&vci=415540984&z=773711265&tce=1713082006686&tcs=1713082006253&tdc=1713082007111&tdclee=1713082007111&tdcles=1713082007100&tdi=1713082007100&tdl=1713082006876&tdle=1713082006253&tdls=1713082006253&tfs=1713082006232&tns=1713082006232&trqs=1713082006687&tre=1713082006874&trps=1713082006873&tles=1713082007111&tlee=0&nt=navigate&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:11::b856:678c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://school.le-rosh.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sun, 14 Apr 2024 08:06:47 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://school.le-rosh.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
favicon.ico
school.le-rosh.com/
25 KB
7 KB
Other
General
Full URL
https://school.le-rosh.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.229.186.193 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
193.186.229.23.host.secureserver.net
Software
Apache / PHP/8.2.16
Resource Hash
b7bcbe18d679394cbe8aa4ae9f7caeb1d4f826e0cc6c4a448dbe7538a59d7847

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://school.le-rosh.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 08:06:47 GMT
content-encoding
br
server
Apache
x-powered-by
PHP/8.2.16
content-length
6904
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
eventbus
csp.secureserver.net/ Frame
0
0
Preflight
General
Full URL
https://csp.secureserver.net/eventbus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:899::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://school.le-rosh.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type,authorization
Access-Control-Allow-Methods
OPTIONS,POST
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/json
Date
Sun, 14 Apr 2024 08:06:47 GMT
Expires
Sun, 14 Apr 2024 08:06:47 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id
WNM3tEFiIAMEKaw=
x-amzn-requestid
6eb01350-78a3-4942-8586-bd572423e192
x-amzn-trace-id
Root=1-661b8e97-350738db1d6d753f69fc2219
x-envoy-upstream-service-time
6
eventbus
csp.secureserver.net/
0
0
Fetch
General
Full URL
https://csp.secureserver.net/eventbus
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:899::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
api-key b18ef4f046435b64a469b32c3c1c20a3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://school.le-rosh.com/
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 14 Apr 2024 08:06:47 GMT
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id
Root=1-661b8e97-53fe645c751e51da15b4f16b
x-amzn-requestid
77a10272-9d8e-4287-b83b-cc91726d145b
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
x-envoy-upstream-service-time
97
Connection
keep-alive
x-amz-apigw-id
WNM3uEEeoAMEllg=
Content-Length
0
Expires
Sun, 14 Apr 2024 08:06:47 GMT
eventbus
csp.secureserver.net/
0
0
Fetch
General
Full URL
https://csp.secureserver.net/eventbus
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:899::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
api-key 8da2217409854bee82e12dc4ca0b39fb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://school.le-rosh.com/
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 14 Apr 2024 08:06:47 GMT
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id
Root=1-661b8e97-4c7fa236710c65a50f5bde6a
x-amzn-requestid
62bd8fe8-946d-4a10-8c90-95f4ff37fdd9
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
x-envoy-upstream-service-time
100
Connection
keep-alive
x-amz-apigw-id
WNM3uFeaIAMEoRA=
Content-Length
0
Expires
Sun, 14 Apr 2024 08:06:47 GMT
eventbus
csp.secureserver.net/ Frame
0
0
Preflight
General
Full URL
https://csp.secureserver.net/eventbus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:899::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://school.le-rosh.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type,authorization
Access-Control-Allow-Methods
OPTIONS,POST
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/json
Date
Sun, 14 Apr 2024 08:06:47 GMT
Expires
Sun, 14 Apr 2024 08:06:47 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id
WNM3tHukoAMEuyg=
x-amzn-requestid
46055af6-48ba-441c-b121-8c4360c9b443
x-amzn-trace-id
Root=1-661b8e97-3593b7846ff87fa24aafce29
x-envoy-upstream-service-time
5

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| snowStorm function| SnowStorm function| IE function| NS function| playMyAudio object| _trfd object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| scc-c2 object| _trfq

3 Cookies

Domain/Path Name / Value
.le-rosh.com/ Name: _tccl_visitor
Value: 4cee4fb5-1085-4456-b042-b1f1c3554a9e
.le-rosh.com/ Name: _tccl_visit
Value: 4cee4fb5-1085-4456-b042-b1f1c3554a9e
.le-rosh.com/ Name: _scc_session
Value: pc=1&C_TOUCH=2024-04-14T08:06:47.096Z