URL: http://promonautes.com/
Submission: On April 10 via manual from FR — Scanned from FR

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 29 HTTP transactions. The main IP is 91.198.105.6, which is located in France and belongs to EURO-WEB-AS, FR. The main domain is promonautes.com.
This is the only time promonautes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests per apex domain (transfer size), with subdomains:
11 promonautes.com (854 KB)
  • promonautes.com
9 googlesyndication.com (197 KB)
  • pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
  • tpc.googlesyndication.com — Cisco Umbrella Rank: 128
2 google.com (2 KB)
  • adservice.google.com — Cisco Umbrella Rank: 77
  • www.google.com — Cisco Umbrella Rank: 4
2 doubleclick.net (5 KB)
  • googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
2 google-analytics.com (20 KB)
  • www.google-analytics.com — Cisco Umbrella Rank: 37
1 google.fr (792 B)
  • adservice.google.fr — Cisco Umbrella Rank: 26349
1 googleadservices.com (648 B)
  • partner.googleadservices.com — Cisco Umbrella Rank: 794
1 kiwys.com
  • cdn.kiwys.com
Total: 29 requests, 8 apex domains

Requests per domain, with the hosts that requested them:
11 promonautes.com, requested by: promonautes.com
6 pagead2.googlesyndication.com, requested by: promonautes.com, pagead2.googlesyndication.com, tpc.googlesyndication.com
3 tpc.googlesyndication.com, requested by: pagead2.googlesyndication.com, tpc.googlesyndication.com
2 googleads.g.doubleclick.net, requested by: pagead2.googlesyndication.com
2 www.google-analytics.com, requested by: promonautes.com, www.google-analytics.com
1 www.google.com, requested by: tpc.googlesyndication.com
1 adservice.google.com, requested by: pagead2.googlesyndication.com
1 adservice.google.fr, requested by: pagead2.googlesyndication.com
1 partner.googleadservices.com, requested by: pagead2.googlesyndication.com
1 cdn.kiwys.com, requested by: promonautes.com
Total: 29 requests, 10 subdomains

This site contains links to these domains.

Domain
www.promonautes.com
Subject                     Issuer                    Validity                   Valid
*.g.doubleclick.net         GTS CA 1C3                2022-03-21 - 2022-06-13    3 months
sni.cloudflaressl.com       Cloudflare Inc ECC CA-3   2021-07-14 - 2022-07-13    a year
*.google-analytics.com      GTS CA 1C3                2022-03-21 - 2022-06-13    3 months
*.googleadservices.com      GTS CA 1C3                2022-03-21 - 2022-06-13    3 months
*.google.fr                 GTS CA 1C3                2022-03-21 - 2022-06-13    3 months
*.google.com                GTS CA 1C3                2022-03-21 - 2022-06-13    3 months
tpc.googlesyndication.com   GTS CA 1C3                2022-03-21 - 2022-06-13    3 months
www.google.com              GTS CA 1C3                2022-03-21 - 2022-06-13    3 months

This page contains 5 frames:

Primary Page: http://promonautes.com/
Frame ID: CD7D868872E0904E617BC8027049CAD9
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html
Frame ID: C81D08BE96384C507AD161D93FFF0386
Requests: 1 HTTP request in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6794503095830329&output=html&adk=1812271804&adf=3025194257&lmt=1649602120&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fpromonautes.com%2F&ea=0&pra=5&wgl=1&dt=1649602120498&bpp=2&bdt=278&idt=102&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=625580898624&frm=20&pv=2&ga_vid=972074287.1649602120&ga_sid=1649602121&ga_hid=897259216&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=245491118138905&pem=129&tmod=740135121&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=119
Frame ID: EF88C6089F291D6DF959CD62F51FE667
Requests: 1 HTTP request in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9DD91334798455452D412B59F172C8CB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A8EFF20C48336FC930886455CDAD1EF
Requests: 2 HTTP requests in this frame

Page Title

Promonautes

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 29
HTTPS: 59 %
IPv6: 80 %
Domains: 8
Subdomains: 10
IPs: 10
Countries: 3
Transfer: 1079 kB
Size: 1445 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
promonautes.com/
6 KB
7 KB
Document
General
Full URL
http://promonautes.com/
Protocol
HTTP/1.1
Server
91.198.105.6 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
ns1.point-communication.fr
Software
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13 / PHP/7.3.13
Resource Hash
5567b359ca66ec8569ae79bc5d89dc618e448b5329d81334e6aafbaae793531f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
6292
Content-Type
text/html; charset=utf-8
Date
Sun, 10 Apr 2022 14:48:40 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=6, max=2048
Pragma
no-cache
Server
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13
X-Powered-By
PHP/7.3.13
bootstrap.css
promonautes.com/css/
143 KB
143 KB
Stylesheet
General
Full URL
http://promonautes.com/css/bootstrap.css
Requested by
Host: promonautes.com
URL: http://promonautes.com/
Protocol
HTTP/1.1
Server
91.198.105.6 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
ns1.point-communication.fr
Software
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13 /
Resource Hash
cad52293a8980469a6d2a9f440dc8a1838b883109fd865c1a2365c12d32d35b8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 14:48:40 GMT
Last-Modified
Tue, 22 Nov 2016 14:58:06 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=6, max=2047
Content-Length
146605
bootstrap.override.css
promonautes.com/css/
182 B
469 B
Stylesheet
General
Full URL
http://promonautes.com/css/bootstrap.override.css
Requested by
Host: promonautes.com
URL: http://promonautes.com/
Protocol
HTTP/1.1
Server
91.198.105.6 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
ns1.point-communication.fr
Software
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13 /
Resource Hash
a0be07b966d27ad109e41d79ca08e0a3a82390ef5a35e2adbdd9bdf085c805d4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 14:48:40 GMT
Last-Modified
Fri, 04 Nov 2016 10:31:13 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=6, max=2048
Content-Length
182
main.css
promonautes.com/css/
3 KB
3 KB
Stylesheet
General
Full URL
http://promonautes.com/css/main.css
Requested by
Host: promonautes.com
URL: http://promonautes.com/
Protocol
HTTP/1.1
Server
91.198.105.6 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
ns1.point-communication.fr
Software
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13 /
Resource Hash
fb524912f1073832f77ab9e80f1a31a10eb52ffe34c14520138550e4903bd343

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 14:48:40 GMT
Last-Modified
Tue, 22 Nov 2016 14:58:01 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=6, max=2048
Content-Length
2705
jquery-3.1.1.min.js
promonautes.com/js/
85 KB
85 KB
Script
General
Full URL
http://promonautes.com/js/jquery-3.1.1.min.js
Requested by
Host: promonautes.com
URL: http://promonautes.com/
Protocol
HTTP/1.1
Server
91.198.105.6 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
ns1.point-communication.fr
Software
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13 /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 14:48:40 GMT
Last-Modified
Tue, 22 Nov 2016 14:18:51 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=6, max=2048
Content-Length
86709
bootstrap.min.js
promonautes.com/js/
36 KB
37 KB
Script
General
Full URL
http://promonautes.com/js/bootstrap.min.js
Requested by
Host: promonautes.com
URL: http://promonautes.com/
Protocol
HTTP/1.1
Server
91.198.105.6 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
ns1.point-communication.fr
Software
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13 /
Resource Hash
626942999ce7e675a33e351669b739e465ba107e2f98326be5615113d0e24cbc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 14:48:40 GMT
Last-Modified
Tue, 22 Nov 2016 14:18:49 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=6, max=2048
Content-Length
37330
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
154 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: promonautes.com
URL: http://promonautes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e5c9c8e56d78474c882633f0619f851b2d5b8c19902f2e9f72d43f8bd0f6f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 14:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53904
x-xss-protection
0
server
cafe
etag
18319320705924800785
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 10 Apr 2022 14:48:40 GMT
logo.png
promonautes.com/img/
18 KB
18 KB
Image
General
Full URL
http://promonautes.com/img/logo.png
Requested by
Host: promonautes.com
URL: http://promonautes.com/
Protocol
HTTP/1.1
Server
91.198.105.6 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
ns1.point-communication.fr
Software
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13 /
Resource Hash
5d411211b0a5f0d62a74a0cf8d5f0c64ee70ba948128b08d3a0e7c2c6cacf3c7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 14:48:40 GMT
Last-Modified
Tue, 22 Nov 2016 14:19:18 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=6, max=2047
Content-Length
18478
promonautes_pagew1.png
promonautes.com/img/
248 KB
249 KB
Image
General
Full URL
http://promonautes.com/img/promonautes_pagew1.png
Requested by
Host: promonautes.com
URL: http://promonautes.com/
Protocol
HTTP/1.1
Server
91.198.105.6 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
ns1.point-communication.fr
Software
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13 /
Resource Hash
e35bea66f3a9e42650c2c33b5602e221b570acb651916272891e6a7fb1277f8e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 14:48:40 GMT
Last-Modified
Tue, 22 Nov 2016 14:19:26 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=6, max=2046
Content-Length
254259
promonautes_pagew2.png
promonautes.com/img/
188 KB
188 KB
Image
General
Full URL
http://promonautes.com/img/promonautes_pagew2.png
Requested by
Host: promonautes.com
URL: http://promonautes.com/
Protocol
HTTP/1.1
Server
91.198.105.6 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
ns1.point-communication.fr
Software
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13 /
Resource Hash
a33cae5da19f86bac1205e2f21fb459bf80e1c85545514c2facc032026c76268

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 14:48:40 GMT
Last-Modified
Tue, 22 Nov 2016 14:19:24 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=6, max=2047
Content-Length
192313
kiwys.min.js
cdn.kiwys.com/build/
0
0
Script
General
Full URL
https://cdn.kiwys.com/build/kiwys.min.js?slot=11134
Requested by
Host: promonautes.com
URL: http://promonautes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:ccf4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: promonautes.com
URL: http://promonautes.com/
Protocol
H2
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4430
date
Sun, 10 Apr 2022 13:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 10 Apr 2022 15:34:50 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
background.gif
promonautes.com/img/
62 KB
62 KB
Image
General
Full URL
http://promonautes.com/img/background.gif
Requested by
Host: promonautes.com
URL: http://promonautes.com/css/main.css
Protocol
HTTP/1.1
Server
91.198.105.6 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
ns1.point-communication.fr
Software
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13 /
Resource Hash
21ab2f8470d56718698a9aac2bcd1f12402495d0ead068a32e8d4c78d6ef47f9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 14:48:40 GMT
Last-Modified
Tue, 22 Nov 2016 14:19:18 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=6, max=2047
Content-Length
63343
cocon-light.ttf
promonautes.com/fonts/
62 KB
62 KB
Font
General
Full URL
http://promonautes.com/fonts/cocon-light.ttf
Requested by
Host: promonautes.com
URL: http://promonautes.com/css/main.css
Protocol
HTTP/1.1
Server
91.198.105.6 , France, ASN35393 (EURO-WEB-AS, FR),
Reverse DNS
ns1.point-communication.fr
Software
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13 /
Resource Hash
cdcaa2e08597eb5ae6d6a070791820333c195ef70c433381406958d09147c462

Request headers

Referer
http://promonautes.com/css/main.css
Origin
http://promonautes.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 14:48:40 GMT
Last-Modified
Tue, 22 Nov 2016 14:22:06 GMT
Server
Apache/2.4.41 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.13
Content-Type
font/ttf
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=6, max=2047
Content-Length
63344
collect
www.google-analytics.com/j/
2 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=897259216&t=pageview&_s=1&dl=http%3A%2F%2Fpromonautes.com%2F&ul=en-us&de=UTF-8&dt=Promonautes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1570084099&gjid=504193518&cid=972074287.1649602120&tid=UA-10672277-4&_gid=1694036108.1649602120&_r=1&_slc=1&z=445830760
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://promonautes.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Apr 2022 14:48:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://promonautes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/
301 KB
108 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6794503095830329&plah=promonautes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
587621c881c2a6cc52eee5dbf4cd2d9c2e8b0f56d98535032e61ae959b7485e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 14:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110328
x-xss-protection
0
server
cafe
etag
17430341061582348441
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Apr 2022 14:48:40 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/ Frame C81D
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://promonautes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
76797
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4398
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Apr 2022 17:28:43 GMT
etag
14837630671339829333
expires
Sat, 23 Apr 2022 17:28:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/
219 B
648 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=promonautes.com&callback=_gfp_s_&client=ca-pub-6794503095830329
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6794503095830329&plah=promonautes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
802f68d7e8dd32a7e2782e0107cf6874f2bffb67bc02b891fe0ad6b836edc80f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 14:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
integrator.js
adservice.google.fr/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=promonautes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6794503095830329&plah=promonautes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Apr 2022 14:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=promonautes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6794503095830329&plah=promonautes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Apr 2022 14:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EF88
603 B
68 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6794503095830329&output=html&adk=1812271804&adf=3025194257&lmt=1649602120&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fpromonautes.com%2F&ea=0&pra=5&wgl=1&dt=1649602120498&bpp=2&bdt=278&idt=102&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=625580898624&frm=20&pv=2&ga_vid=972074287.1649602120&ga_sid=1649602121&ga_hid=897259216&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=245491118138905&pem=129&tmod=740135121&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=119
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6794503095830329&plah=promonautes.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://promonautes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Apr 2022 14:48:40 GMT
expires
Sun, 10 Apr 2022 14:48:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220406&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6794503095830329&plah=promonautes.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9197d5cbf760f520c4942fdcbe6dc4792c860051a0d953d8d5c5c1666020581c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Apr 2022 14:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10492
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6794503095830329&plah=promonautes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 14:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Apr 2022 14:48:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9DD9
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://promonautes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
3006
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Apr 2022 13:58:34 GMT
expires
Mon, 10 Apr 2023 13:58:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0A8E
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
99d326029f386ce0a556ff0db08f673905e2d2cfc3f51a6926e74ec89edf7ae7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3KhBv3G4GtK5nTs4GPrNCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://promonautes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-3KhBv3G4GtK5nTs4GPrNCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Apr 2022 14:48:40 GMT
expires
Sun, 10 Apr 2022 14:48:40 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js
pagead2.googlesyndication.com/bg/ Frame 9DD9
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5144138fd70f1ac31532abc43b12dda241d5efd980098a378dcd2ba44c261d9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 11:39:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13701
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 10 Apr 2023 11:39:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0A8E
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220406&jk=245491118138905&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 9DD9
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?pU6GNA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 14:48:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220406&jk=245491118138905&bg=!ZGelZyPNAAZAkm7qYJI7ACkAdvg8Ws376YhscefP_DwEET30MQJdKKDOLiKrb0Mez0iBxdJFt9WLUAIAAABLUgAAAAJoAQeZApIJMWidT_YVoaLg-9btzERmZtJQf5kvWiiHsknWS5thJ1I9PnsoSmAZ7mnWLMnnmODFH069siNLtRioMTtK3eDWV1hK1oge5vRLPdfReExU6uWHln41NzsiChH9buSvlLWciQiKczDZkCC7z7H1W2TgH2Jd_fk3s5gic3vrnI0FIoSRGgJulSr13LrOPzpkB6XqYhhyWF8cucE0A2o-8QOi-KOszVxqfv4KwyY2EVjI82JL_olZcOFR0EuDSlyaukUW-ZSZGyd_pOHj6cDommoA8RLwuTfFx6mYcYwE-Bnvj6O2RAE22GnmpAViw1c4NWmx0nELBWxUe7j8_CW0RVpCGdtYZbFUUWuB_ou6SHHTIxgN_AFfw9dAKWvJZIJBLsPZ4T2rDO7LY9v0UkhhgyIW48AlUZ_4ilgtbopm8O3Y_jM9rRjsGD0R_x-onLZzw2icdPc1ttHST7k6BHf27fyZ_hosFa59CGoJ0HVYW6LMecmfqX1EtLwhFrVEUGa63jpqB7Z45CCG1L675dj5MMHiPGKBKNIQA_9IvxLkR_wx6w9zekWhIqQB7nO_grNlbV7RTlU4hV_SJ5W31ifHEyh-1DqPmw7LQEPJrvh6bTP0drTDr9fQj7xLvCd2j0Vt0aognFlH9cnbFO3gPJhRay5aEUC_8UzyVsgzGC6lORe2FXY-x7tgJdACLY8-36V6aEWI43HtV9CtOtFFVk9WbbgNKcT39qQcmKfZfgGFhwPeBVDqQGoTrgqDlJpERi2x6B413J3eYJ-2CIM6AjGvQePXoked6UqObq9m8RRSj8ccKN53y4q_oUw4_lEUsMAHeICfpwYlM93G4pCz4glzbLI44fEFAlizj9hD28MEAQUd9-5o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://promonautes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Apr 2022 14:48:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
function| structuredClone
object| oncontextlost
object| oncontextrestored
function| $
function| jQuery
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| google_js_reporting_queue
number| google_srt
object| google_logging_queue
number| tmod
object| google_ad_modifications
object| ggeac
object| google_persistent_state_async
boolean| google_measure_js_timing
object| google_reactive_ads_global_state
object| adsbygoogle
boolean| _gfp_a_
object| google_sa_queue
function| google_process_slots
function| google_spfd
number| google_unique_id
object| google_sv_map
function| google_sa_impl
object| googleToken
object| googleIMState
boolean| _gfp_p_
function| processGoogleToken
number| google_global_correlator
object| google_prev_clients
object| ampInaboxIframes
object| ampInaboxPendingMessages
object| GoogleGcLKhOms
object| google_image_requests

6 Cookies

Domain/Path Name / Value
promonautes.com/ Name: PHPSESSID
Value: f83d30940706a4b5c94a11f5e75f5373
.promonautes.com/ Name: _ga
Value: GA1.2.972074287.1649602120
.promonautes.com/ Name: _gid
Value: GA1.2.1694036108.1649602120
.promonautes.com/ Name: _gat
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.promonautes.com/ Name: __gads
Value: ID=aadfd2db81ce20e9-22bd0bcb73cd0053:T=1649602120:RT=1649602120:S=ALNI_MZhj4PdA-iNuy9Tn1V6sCnDyzVXwQ

1 Console Messages

Source Level URL
Text
network error URL: https://cdn.kiwys.com/build/kiwys.min.js?slot=11134
Message:
Failed to load resource: the server responded with a status of 526 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
