sweetloversclub.com Open in urlscan Pro
195.123.240.187 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tefasexelo.medalgraphics.com/
Effective URL:
https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
Submission: On September 03 via manual (September 3rd 2019, 12:04:30 pm UTC) from CA

Summary HTTP 45 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 7 countries across 24 domains to perform 45 HTTP transactions. The main IP is 195.123.240.187, located in Los Angeles, United States and belongs to LAYER6, UA. The main domain is sweetloversclub.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 2nd 2019. Valid for: 3 months.

This is the only time sweetloversclub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	104.27.133.228 104.27.133.228	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	95.131.136.119 95.131.136.119	47841 (OXALIDE) (OXALIDE)
1	2606:4700:20:... 2606:4700:20::681a:a58	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	66.96.149.32 66.96.149.32	29873 (BIZLAND-SD) (BIZLAND-SD - The Endurance International Group)
1	104.111.252.249 104.111.252.249	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 3	2.16.186.152 2.16.186.152	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	185.22.109.96 185.22.109.96	53589 (PLANETHOS...) (PLANETHOSTER-8 - PlanetHoster)
1	2606:4700:30:... 2606:4700:30::681b:9588	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:10:... 2606:4700:10::6814:34b1	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	91.203.187.6 91.203.187.6	41064 (SKYROCK) (SKYROCK)
1	45.60.124.86 45.60.124.86	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
1	195.154.28.207 195.154.28.207	12876 (AS12876) (AS12876)
1 2	213.186.33.3 213.186.33.3	16276 (OVH) (OVH)
1	195.20.15.34 195.20.15.34	43424 (PROCEAU) (PROCEAU)
1	213.186.33.40 213.186.33.40	16276 (OVH) (OVH)
1 2	88.212.196.77 88.212.196.77	39134 (UNITEDNET) (UNITEDNET)
3	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	104.27.188.236 104.27.188.236	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	195.123.240.187 195.123.240.187	204957 (LAYER6) (LAYER6)
8	95.216.190.44 95.216.190.44	24940 (HETZNER-AS) (HETZNER-AS)
45	22

13 104.27.133.228 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

tefasexelo.medalgraphics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.131.136.119 (France)

ASN47841 (OXALIDE, FR)
PTR: not.updated.oxalide.net

www.secondechance.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a58 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

g.otcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.96.149.32 (Burlington, United States)

ASN29873 (BIZLAND-SD - The Endurance International Group, Inc., US)
PTR: 32.149.96.66.static.eigbox.net

www.gauthierdebock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.252.249 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-252-249.deploy.static.akamaitechnologies.com

i.f1g.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.152 (Ascension Island) 2 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-152.deploy.static.akamaitechnologies.com

culturebox.francetvinfo.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.francetvinfo.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.22.109.96 (France)

ASN53589 (PLANETHOSTER-8 - PlanetHoster, CA)
PTR: world-332.fr.planethoster.net

www.magiesdumonde.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:9588 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

static.culturepub.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:34b1 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

img54.imagetwist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.203.187.6 (France)

ASN41064 (SKYROCK, FR)
PTR: vip-p-skyrock-static-lbs.skyrock.net

i.skyrock.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.124.86 (United States)

ASN19551 (INCAPSULA - Incapsula Inc, US)

media.gemo.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.154.28.207 (Paris, France)

ASN12876 (AS12876, FR)
PTR: www.plancul-gratuit.fr

www.plancul-gratuit.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.186.33.3 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: cluster015.ovh.net

www.alorsquoidefun.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.20.15.34 (France)

ASN43424 (PROCEAU, FR)
PTR: pfs-lb1b.srv.proceau.net

img.over-blog-kiwi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.186.33.40 (France)

ASN16276 (OVH, FR)
PTR: cluster011.ovh.net

ehpad-foucharupt.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.196.77 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host37.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.27.188.236 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

bestzinka.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.123.240.187 (Los Angeles, United States)

ASN204957 (LAYER6, UA)
PTR: vds-353518.hosted-by-itldc.com

sweetloversclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.216.190.44 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.44.190.216.95.clients.your-server.de

t-r-f-k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	medalgraphics.com tefasexelo.medalgraphics.com	153 KB
8	t-r-f-k.com t-r-f-k.com	754 KB
3	gstatic.com fonts.gstatic.com	27 KB
3	francetvinfo.fr 2 redirects culturebox.francetvinfo.fr www.francetvinfo.fr	256 B
2	sweetloversclub.com sweetloversclub.com	5 KB
2	yadro.ru 1 redirects counter.yadro.ru	1015 B
2	alorsquoidefun.fr 1 redirects www.alorsquoidefun.fr	39 KB
1	bestzinka.site 1 redirects bestzinka.site	871 B
1	ehpad-foucharupt.fr ehpad-foucharupt.fr	289 KB
1	over-blog-kiwi.com img.over-blog-kiwi.com	651 KB
1	plancul-gratuit.fr www.plancul-gratuit.fr	60 KB
1	gemo.fr media.gemo.fr	17 KB
1	skyrock.net i.skyrock.net	31 KB
1	imagetwist.com img54.imagetwist.com	42 KB
1	culturepub.fr static.culturepub.fr
1	magiesdumonde.fr www.magiesdumonde.fr	95 KB
1	f1g.fr i.f1g.fr	211 KB
1	gauthierdebock.com www.gauthierdebock.com	44 KB
1	otcdn.com g.otcdn.com	134 KB
1	secondechance.org www.secondechance.org	100 KB
1	blogspot.com 2.bp.blogspot.com	243 KB
1	googleapis.com fonts.googleapis.com	9 KB
0	rencontrelove.info Failed www.rencontrelove.info Failed
0	hostingpics.net Failed img11.hostingpics.net Failed
45	24

	Domain	Requested by
13	tefasexelo.medalgraphics.com	tefasexelo.medalgraphics.com
8	t-r-f-k.com	sweetloversclub.com
3	fonts.gstatic.com	tefasexelo.medalgraphics.com
2	sweetloversclub.com	tefasexelo.medalgraphics.com sweetloversclub.com
2	counter.yadro.ru	1 redirects tefasexelo.medalgraphics.com
2	www.alorsquoidefun.fr	1 redirects tefasexelo.medalgraphics.com
2	www.francetvinfo.fr	1 redirects tefasexelo.medalgraphics.com
1	bestzinka.site	1 redirects
1	ehpad-foucharupt.fr	tefasexelo.medalgraphics.com
1	img.over-blog-kiwi.com	tefasexelo.medalgraphics.com
1	www.plancul-gratuit.fr	tefasexelo.medalgraphics.com
1	media.gemo.fr	tefasexelo.medalgraphics.com
1	i.skyrock.net	tefasexelo.medalgraphics.com
1	img54.imagetwist.com	tefasexelo.medalgraphics.com
1	static.culturepub.fr	tefasexelo.medalgraphics.com
1	www.magiesdumonde.fr	tefasexelo.medalgraphics.com
1	culturebox.francetvinfo.fr	1 redirects
1	i.f1g.fr	tefasexelo.medalgraphics.com
1	www.gauthierdebock.com	tefasexelo.medalgraphics.com
1	g.otcdn.com	tefasexelo.medalgraphics.com
1	www.secondechance.org	tefasexelo.medalgraphics.com
1	2.bp.blogspot.com	tefasexelo.medalgraphics.com
1	fonts.googleapis.com	tefasexelo.medalgraphics.com
0	www.rencontrelove.info Failed	tefasexelo.medalgraphics.com
0	img11.hostingpics.net Failed	tefasexelo.medalgraphics.com
45	25

This site contains no links.

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
*.googleusercontent.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
secondechance.org Gandi Standard SSL CA 2	`2019-06-20` - `2020-07-20`	a year	crt.sh
otcdn.com CloudFlare Inc ECC CA-2	`2018-10-22` - `2019-10-22`	a year	crt.sh
a.f1g.fr Let's Encrypt Authority X3	`2019-07-11` - `2019-10-09`	3 months	crt.sh
www.francetvinfo.fr Let's Encrypt Authority X3	`2019-08-21` - `2019-11-19`	3 months	crt.sh
ssl746615.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-05-22` - `2019-11-28`	6 months	crt.sh
*.gemo.fr GeoTrust RSA CA 2018	`2019-04-17` - `2021-05-12`	2 years	crt.sh
alorsquoidefun.fr Let's Encrypt Authority X3	`2019-08-07` - `2019-11-05`	3 months	crt.sh
sweetloversclub.com Let's Encrypt Authority X3	`2019-09-02` - `2019-12-01`	3 months	crt.sh
t-r-f-k.com Let's Encrypt Authority X3	`2019-07-10` - `2019-10-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
Frame ID: 93BA600BE78B393430545B89B5D9D2F4
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://tefasexelo.medalgraphics.com/ Page URL
http://bestzinka.site/p9Wd3g HTTP 302
https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

45
Requests

40 %
HTTPS

27 %
IPv6

24
Domains

25
Subdomains

22
IPs

7
Countries

2904 kB
Transfer

3619 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tefasexelo.medalgraphics.com/ Page URL
http://bestzinka.site/p9Wd3g HTTP 302
https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://culturebox.francetvinfo.fr/sites/default/files/assets/images/2012/12/taglioni.jpg HTTP 301
https://www.francetvinfo.fr/culture HTTP 301
http://www.francetvinfo.fr/culture/ HTTP 307
https://www.francetvinfo.fr/culture/

Request Chain 24

http://www.alorsquoidefun.fr/wp-content/uploads/2013/10/celib-velib-mairie-paris-femme-velo-celibataire-610x200.jpg HTTP 302
https://www.alorsquoidefun.fr/wp-content/uploads/2013/10/celib-velib-mairie-paris-femme-velo-celibataire-610x200.jpg

Request Chain 30

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//tefasexelo.medalgraphics.com/;hMon%20mari%20va%20sur%20des%20sites%20de%20rencontres%20%22Mon%20mari%20regarde%20des%20sites%20porno%20en%20cachette%22;0.42869147222412174 HTTP 302
http://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//tefasexelo.medalgraphics.com/;hMon%20mari%20va%20sur%20des%20sites%20de%20rencontres%20%22Mon%20mari%20regarde%20des%20sites%20porno%20en%20cachette%22;0.42869147222412174

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set / Show response
tefasexelo.medalgraphics.com/ 41 KB
9 KB 210ms
180ms Document
text/html 104.27.133.228
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Server: 104.27.133.228 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0edf31f19105d4c3dc2fcccbc17afb38e09ced7b7b161ffd616850d6befc0f21

Request headers

Host: tefasexelo.medalgraphics.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=ddc1e41f95d036fa2f7e6f1aeadd3e81d1567512238; expires=Wed, 02-Sep-20 12:03:58 GMT; path=/; domain=.medalgraphics.com; HttpOnly
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 510795641f6864af-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK css
fonts.googleapis.com/ 122 KB
9 KB 31ms
21ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A400%2C700%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%7COverpass%7CMontserrat%3A300%2C400%2C600%2C700%2C800%2C900%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One%7CKarla%3A400%2C400i%2C700&ver=4.8

Requested by

Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

a041dae2e153c2b9b54aff02896557ae4c901de1d13c01d32850126e8cc2efe5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Sep 2019 12:03:58 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Tue, 03 Sep 2019 12:03:58 GMT

GET
H/1.1 200
OK bootstrap.css
tefasexelo.medalgraphics.com/wp-content/themes/advance-ecommerce-store/css/ 183 KB
23 KB 106ms
102ms Stylesheet
text/css 104.27.133.228
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tefasexelo.medalgraphics.com/wp-content/themes/advance-ecommerce-store/css/bootstrap.css?ver=4.8
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 104.27.133.228 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c15647da5e2cc4fb6bc79881eb7d9da33ceb139678ab96c3417e752173000ba6

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:59 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 13:24:22 GMT
Server: cloudflare
ETag: "2daf6-57d740c718d80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5107956548f064af-FRA
Content-Length: 22816
Expires: Tue, 03 Sep 2019 16:03:58 GMT

GET
H/1.1 200
OK style.css
tefasexelo.medalgraphics.com/wp-content/themes/advance-ecommerce-store/ 26 KB
7 KB 87ms
79ms Stylesheet
text/css 104.27.133.228
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tefasexelo.medalgraphics.com/wp-content/themes/advance-ecommerce-store/style.css?ver=4.8
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 104.27.133.228 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48e80337a0d77a00c63bd5294fa32195eea810d6fe707194055c19846b34bc13

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:58 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 03:48:28 GMT
Server: cloudflare
ETag: "6744-58182109cdb00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 510795654e32979c-FRA
Content-Length: 6585
Expires: Tue, 03 Sep 2019 16:03:58 GMT

GET
H/1.1 200
OK custom.css
tefasexelo.medalgraphics.com/wp-content/themes/advance-ecommerce-store/css/ 1 KB
919 B 80ms
72ms Stylesheet
text/css 104.27.133.228
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tefasexelo.medalgraphics.com/wp-content/themes/advance-ecommerce-store/css/custom.css?ver=4.8
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 104.27.133.228 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a94e7decd3d60f105d886365fa994e74dbe593dc781aadc13531a6321c1e0cc

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:58 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 13:24:22 GMT
Server: cloudflare
ETag: "538-57d740c718d80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 510795654bc9d6cd-FRA
Content-Length: 496
Expires: Tue, 03 Sep 2019 16:03:58 GMT

GET
H/1.1 200
OK fontawesome-all.css
tefasexelo.medalgraphics.com/wp-content/themes/advance-ecommerce-store/css/ 45 KB
8 KB 86ms
77ms Stylesheet
text/css 104.27.133.228
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tefasexelo.medalgraphics.com/wp-content/themes/advance-ecommerce-store/css/fontawesome-all.css?ver=4.8
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 104.27.133.228 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a969426e95655a88aea6b40a6401d75e1c38eebd54aa913c931a3ddef8d452f

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:58 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 13:24:22 GMT
Server: cloudflare
ETag: "b350-57d740c718d80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 510795654aee640d-FRA
Content-Length: 8015
Expires: Tue, 03 Sep 2019 16:03:58 GMT

GET
H/1.1 200
OK jquery.js Show response
tefasexelo.medalgraphics.com/wp-includes/js/jquery/ 95 KB
33 KB 124ms
116ms Script
application/javascript 104.27.133.228
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tefasexelo.medalgraphics.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 104.27.133.228 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:59 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 14:40:13 GMT
Server: cloudflare
ETag: "17ba0-57d751bb44d40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 51079565493896b6-FRA
Content-Length: 33766
Expires: Tue, 03 Sep 2019 16:03:59 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
tefasexelo.medalgraphics.com/wp-includes/js/jquery/ 10 KB
4 KB 77ms
69ms Script
application/javascript 104.27.133.228
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tefasexelo.medalgraphics.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 104.27.133.228 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:58 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 14:40:13 GMT
Server: cloudflare
ETag: "2748-57d751bb44d40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 510795654982d721-FRA
Content-Length: 4014
Expires: Tue, 03 Sep 2019 16:03:58 GMT

GET
H/1.1 200
OK SmoothScroll.js Show response
tefasexelo.medalgraphics.com/wp-content/themes/advance-ecommerce-store/js/ 22 KB
7 KB 150ms
70ms Script
application/javascript 104.27.133.228
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tefasexelo.medalgraphics.com/wp-content/themes/advance-ecommerce-store/js/SmoothScroll.js?ver=4.8
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 104.27.133.228 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c75930bf2b158f6b59171596dfe685afbba59a71b9b5fb6eacb6e94bba599409

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:59 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 13:24:24 GMT
Server: cloudflare
ETag: "577e-57d740c901200-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 51079565cb44d721-FRA
Content-Length: 6588
Expires: Tue, 03 Sep 2019 16:03:59 GMT

GET
H/1.1 200
OK custom.js Show response
tefasexelo.medalgraphics.com/wp-content/themes/advance-ecommerce-store/js/ 3 KB
1 KB 144ms
62ms Script
application/javascript 104.27.133.228
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tefasexelo.medalgraphics.com/wp-content/themes/advance-ecommerce-store/js/custom.js?ver=4.8
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 104.27.133.228 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bc888c8cd6b01db0f5eb0d0329ba3eec72f61036fd87c31b5210f9bd9988665

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:59 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 13:24:24 GMT
Server: cloudflare
ETag: "a62-57d740c901200-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 51079565cd7fd6cd-FRA
Content-Length: 592
Expires: Tue, 03 Sep 2019 16:03:59 GMT

GET
H/1.1 200
OK bootstrap.js Show response
tefasexelo.medalgraphics.com/wp-content/themes/advance-ecommerce-store/js/ 116 KB
20 KB 337ms
247ms Script
application/javascript 104.27.133.228
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tefasexelo.medalgraphics.com/wp-content/themes/advance-ecommerce-store/js/bootstrap.js?ver=4.8
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 104.27.133.228 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d23e23341dd9ede31799ec9c3cf354c05b51a227ce4f8b8ae3d4409d5d36fb5e

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:59 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 13:24:24 GMT
Server: cloudflare
ETag: "1d09e-57d740c901200-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 51079565db5e640d-FRA
Content-Length: 20372
Expires: Tue, 03 Sep 2019 16:03:59 GMT

GET
H2 200 IMG_0993.JPG
2.bp.blogspot.com/-wQgi1ipHM5I/Vxif2mBv9HI/AAAAAAAAEJQ/Q3Cjqz4YngIdTn3MHOSoyL4p0muzLXAzgCLcB/s1600/ 243 KB
243 KB 390ms
367ms Image
image/jpeg 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-wQgi1ipHM5I/Vxif2mBv9HI/AAAAAAAAEJQ/Q3Cjqz4YngIdTn3MHOSoyL4p0muzLXAzgCLcB/s1600/IMG_0993.JPG

Requested by

Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

64bec8c5a62bf047dbf2b9a2e6c4e758eeb72bb463ee1e4046cd69d64cffebfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 12:03:59 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="IMG_0993.JPG"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 248746
x-xss-protection: 0
server: fife
etag: "v1097"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 04 Sep 2019 12:03:59 GMT

GET
H/1.1 200
OK 5ab21980a8844592410539.jpg
www.secondechance.org/uploads/anim/ 101 KB
100 KB 199ms
28ms Image
image/jpeg 95.131.136.119
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secondechance.org/uploads/anim/5ab21980a8844592410539.jpg
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.131.136.119 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: not.updated.oxalide.net
Software: nginx /
Resource Hash: c2baf7e285b3cfbd07a9aad9cbcf15b3c7752f96a387ac1fd299f321e4a09e6f

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Mar 2018 08:36:16 GMT
Server: nginx
ETag: W/"1929a-567e815a3e38e"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: close
Expires: Tue, 10 Sep 2019 12:03:59 GMT

GET
H2 200 apparthotel-1ere-avenue-val-senart-quincy-sous-senart-010.jpg
g.otcdn.com/imglib/hotelfotos/8/264/ 134 KB
134 KB 394ms
332ms Image
image/jpeg 2606:4700:20::681a:a58
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.otcdn.com/imglib/hotelfotos/8/264/apparthotel-1ere-avenue-val-senart-quincy-sous-senart-010.jpg

Requested by

Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a58 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

85fdb91b90d8ac4c8148424f459584561d35b270445946eba8583dc10cccf785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 12:03:59 GMT
cf-cache-status: MISS
last-modified: Sat, 17 Oct 2015 00:48:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
status: 200
cache-control: public, max-age=578404316
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 51079567fca55a12-VIE
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET 95941420140203162952.jpg
img11.hostingpics.net/pics/ 0
0

GET
H/1.1 200
OK rostain.jpg
www.gauthierdebock.com/wp-content/uploads/2014/04/ 44 KB
44 KB 475ms
183ms Image
image/jpeg 66.96.149.32
The Endurance Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gauthierdebock.com/wp-content/uploads/2014/04/rostain.jpg
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 66.96.149.32 Burlington, United States, ASN29873 (BIZLAND-SD - The Endurance International Group, Inc., US),
Reverse DNS: 32.149.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: a7ae494e41f2124ae3f0df1ebf06e2ffa93d3ec0ef97fe1083bba6bb4c7b6888

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:59 GMT
Last-Modified: Thu, 10 Apr 2014 15:49:55 GMT
Server: Apache/2
Age: 0
ETag: "b067-4f6b22b2a1920"
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45159
Expires: Tue, 03 Sep 2019 16:03:59 GMT

GET
H2 200 diaporamaphoto-nicolassarkozyceciliaattias-6.jpg
i.f1g.fr/media/ext/1900x1900/madame.lefigaro.fr/sites/default/files/img/2013/10/ 211 KB
211 KB 157ms
120ms Image
image/jpeg 104.111.252.249
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.f1g.fr/media/ext/1900x1900/madame.lefigaro.fr/sites/default/files/img/2013/10/diaporamaphoto-nicolassarkozyceciliaattias-6.jpg
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.252.249 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-252-249.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bae08bdc5ae2b8e7a449403839d9316eaeba80fb78f951c9663973714908ea30

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 12:03:59 GMT
last-modified: Mon, 17 Jun 2019 20:35:56 GMT
x-backend: fidji_img3
x-cacheable: YES : static content
x-real-age: 0
content-type: image/jpeg
status: 200
x-left-ttl: 2591988
cache-control: public, max-age=21600
content-length: 215620
accept-ranges: bytes
x-shard-target: proxy2
x-shard-entry: proxy1
expires: Tue, 03 Sep 2019 18:03:59 GMT

GET
H2

200

/
www.francetvinfo.fr/culture/
Redirect Chain

https://culturebox.francetvinfo.fr/sites/default/files/assets/images/2012/12/taglioni.jpg
https://www.francetvinfo.fr/culture
http://www.francetvinfo.fr/culture/
https://www.francetvinfo.fr/culture/

0
0

11ms
11ms

Image
text/html

2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.francetvinfo.fr/culture/
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Location: https://www.francetvinfo.fr/culture/
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK maxresdefault-23.jpg
www.magiesdumonde.fr/wp-content/uploads/2017/07/ 95 KB
95 KB 148ms
80ms Image
image/jpeg 185.22.109.96
PlanetHoster

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.magiesdumonde.fr/wp-content/uploads/2017/07/maxresdefault-23.jpg
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 185.22.109.96 , France, ASN53589 (PLANETHOSTER-8 - PlanetHoster, CA),
Reverse DNS: world-332.fr.planethoster.net
Software: Apache /
Resource Hash: 29c88ffd90e9e23a84b7d660aa11f936e97648ab52e84fdb8a1bef9b4e9b4586

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:59 GMT
Last-Modified: Sat, 15 Jul 2017 21:52:44 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Cache-Control: max-age=10368000, public
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=10, max=100
Content-Length: 96959
Expires: Wed, 01 Jan 2020 12:03:59 GMT

GET
H/1.1 403
Forbidden poster-23541-paco-rabanne-invictus-invictus.jpg
static.culturepub.fr/assets/2014/10/ 0
0 72ms
21ms Image
text/html 2606:4700:30::681b:9588
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.culturepub.fr/assets/2014/10/poster-23541-paco-rabanne-invictus-invictus.jpg
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681b:9588 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 2mx8vo9w6j2q.jpg
img54.imagetwist.com/th/04008/ 41 KB
42 KB 181ms
114ms Image
image/jpeg 2606:4700:10::6814:34b1
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img54.imagetwist.com/th/04008/2mx8vo9w6j2q.jpg
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:34b1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c49ba1ec99b3fccdf8bde7e9ceff55eca35db9831ef46925d9e680e2c7422a5e

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 12:03:59 GMT
cf-cache-status: MISS
last-modified: Wed, 07 Aug 2013 13:19:09 GMT
server: cloudflare
etag: "774571109"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 510795680f2359a0-VIE
content-length: 42435
expires: Tue, 03 Sep 2019 16:03:59 GMT

GET
H/1.1 200
OK 3252566672_1_3_AIgAnRG2.jpg
i.skyrock.net/7518/3537518/pics/ 30 KB
31 KB 109ms
50ms Image
image/jpeg 91.203.187.6
SKYROCK

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.skyrock.net/7518/3537518/pics/3252566672_1_3_AIgAnRG2.jpg
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 91.203.187.6 , France, ASN41064 (SKYROCK, FR),
Reverse DNS: vip-p-skyrock-static-lbs.skyrock.net
Software: nginx /
Resource Hash: 2c5d842708f52550e1d0a21787148827cf4d6de91fae3db960b048840e40f9af

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:59 GMT
Last-Modified: Sat, 06 Jun 2015 09:25:38 GMT
Server: nginx
Age: 961443
ETag: "5572bc92-7941"
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31041

GET
H2 200 ATG03500_40689350196_1.jpg
media.gemo.fr/resize/product_main_carousel/193/ 16 KB
17 KB 294ms
255ms Image
image/jpeg 45.60.124.86
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.gemo.fr/resize/product_main_carousel/193/ATG03500_40689350196_1.jpg

Requested by

Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.124.86 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

d073d6fd3142e78bd33528f2613f2e557b31063a952501f1f7b4c41558392d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 12:03:59 GMT
server: nginx
etag: "4f3ff37872964822598a6b885179f684698af668"
strict-transport-security: max-age=31536000
x-front: nfs02
content-type: image/jpeg
status: 200
x-iinfo: 3-22044341-22034969 2NNN RT(1567512238466 0) q(0 0 0 0) r(3 3) U18
expires: Wed, 04 Sep 2019 12:03:59 GMT
cache-control: max-age=86400,public
content-length: 16814
x-cdn: Incapsula
x-proxy-cache: EXPIRED

GET
H/1.1 200
OK 2015-06-17_5580b8c2895bc_20150418_2346031-e1436190115900.jpg
www.plancul-gratuit.fr/wp-content/uploads/2015/06/ 59 KB
60 KB 100ms
52ms Image
image/jpeg 195.154.28.207
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.plancul-gratuit.fr/wp-content/uploads/2015/06/2015-06-17_5580b8c2895bc_20150418_2346031-e1436190115900.jpg
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 195.154.28.207 Paris, France, ASN12876 (AS12876, FR),
Reverse DNS: www.plancul-gratuit.fr
Software: Apache /
Resource Hash: 7de0bc076c1b7e0836e537fe53b9ee0d424183a564c6ea9e818ce2c77e0f6293

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:59 GMT
Last-Modified: Fri, 15 Dec 2017 11:15:05 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 60763
Expires: Thu, 03 Oct 2019 12:03:59 GMT

GET
H2

200

celib-velib-mairie-paris-femme-velo-celibataire-610x200.jpg
www.alorsquoidefun.fr/wp-content/uploads/2013/10/
Redirect Chain

http://www.alorsquoidefun.fr/wp-content/uploads/2013/10/celib-velib-mairie-paris-femme-velo-celibataire-610x200.jpg
https://www.alorsquoidefun.fr/wp-content/uploads/2013/10/celib-velib-mairie-paris-femme-velo-celibataire-610x200.jpg

39 KB
39 KB

63ms
28ms

Image
image/jpeg

213.186.33.3
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alorsquoidefun.fr/wp-content/uploads/2013/10/celib-velib-mairie-paris-femme-velo-celibataire-610x200.jpg
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.186.33.3 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster015.ovh.net
Software: Apache /
Resource Hash: 07fe80f161cd63b0dfb6d8e7b990d03404656f7982b97e0c63a6c17b1c4eb5d8

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 12:03:59 GMT
last-modified: Wed, 09 Oct 2013 07:16:01 GMT
server: Apache
x-iplb-instance: 28277
content-type: image/jpeg
status: 200
cache-control: max-age=900
accept-ranges: bytes
content-length: 39631
expires: Tue, 03 Sep 2019 12:18:59 GMT

Redirect headers

Location: https://www.alorsquoidefun.fr/wp-content/uploads/2013/10/celib-velib-mairie-paris-femme-velo-celibataire-610x200.jpg
Date: Tue, 03 Sep 2019 12:03:59 GMT
Server: Apache
Content-Length: 300
X-IPLB-Instance: 28281
Content-Type: text/html; charset=iso-8859-1

GET 0674
www.rencontrelove.info/photos/ 0
0

GET
H/1.1 200
OK ob_765276_imgp6509.JPG
img.over-blog-kiwi.com/0/51/14/80/20140116/ 650 KB
651 KB 1544ms
1537ms Image
image/jpeg 195.20.15.34
PROCEAU

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.over-blog-kiwi.com/0/51/14/80/20140116/ob_765276_imgp6509.JPG
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 195.20.15.34 , France, ASN43424 (PROCEAU, FR),
Reverse DNS: pfs-lb1b.srv.proceau.net
Software: /
Resource Hash: 992cf2e1377a0be0c4985ba72ce177679daeeca3a8e5b310b0a73f011d45d013

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-iPhone-Fix: Flap=No, Rot=
Date: Tue, 03 Sep 2019 12:04:01 GMT
Last-Modified: Tue, 03 Sep 2019 12:03:59 GMT
Etag: 66705a2e6c04655b0e71cbc2ee8165fd-8fe6692d
X-Cache: CMiss
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 665779
X-Resize: pfs-resize5
Expires: Sun, 16 Jul 51719 06:36:26 GMT

GET
H/1.1 200
OK DSCN0195-1024x768.jpg
ehpad-foucharupt.fr/wp-content/uploads/2016/04/ 289 KB
289 KB 112ms
71ms Image
image/jpeg 213.186.33.40
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ehpad-foucharupt.fr/wp-content/uploads/2016/04/DSCN0195-1024x768.jpg
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 213.186.33.40 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster011.ovh.net
Software: Apache /
Resource Hash: 426fd2386eccd69783cae6988dde56dc74314d168a5b572f1bb621d6e84bda22

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:59 GMT
Last-Modified: Tue, 26 Apr 2016 11:22:30 GMT
Server: Apache
X-IPLB-Instance: 29552
Content-Type: image/jpeg
Cache-Control: max-age=900, private
Accept-Ranges: bytes
Content-Length: 295455
Expires: Tue, 03 Sep 2019 12:18:59 GMT

GET
H/1.1 404
Not Found wp-emoji-release.min.js
tefasexelo.medalgraphics.com/wp-includes/js/ 0
0 353ms
346ms Script
text/html 104.27.133.228
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tefasexelo.medalgraphics.com/wp-includes/js/wp-emoji-release.min.js?ver=4.8
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 104.27.133.228 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:59 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 510795690df7c272-FRA
Expires: Tue, 03 Sep 2019 16:03:59 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
tefasexelo.medalgraphics.com/wp-includes/js/ 1 KB
1 KB 130ms
129ms Script
application/javascript 104.27.133.228
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tefasexelo.medalgraphics.com/wp-includes/js/wp-embed.min.js?ver=4.8
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 104.27.133.228 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 03 Sep 2019 12:03:59 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 14:40:13 GMT
Server: cloudflare
ETag: "576-57d751bb44d40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 51079566ae5ed721-FRA
Content-Length: 751
Expires: Tue, 03 Sep 2019 16:03:59 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//tefasexelo.medalgraphics.com/;hMon%20mari%20va%20sur%20des%20sites%20de%20rencontres%20%22Mon%20mari%20regarde%20des%20sites%20porno%20en%20cac...
http://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//tefasexelo.medalgraphics.com/;hMon%20mari%20va%20sur%20des%20sites%20de%20rencontres%20%22Mon%20mari%20regarde%20des%20sites%20porno%20en%20c...

43 B
411 B

50ms
50ms

Image
image/gif

88.212.196.77
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//tefasexelo.medalgraphics.com/;hMon%20mari%20va%20sur%20des%20sites%20de%20rencontres%20%22Mon%20mari%20regarde%20des%20sites%20porno%20en%20cachette%22;0.42869147222412174
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 88.212.196.77 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host37.rax.ru
Software: 0W/0.8c /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: http://tefasexelo.medalgraphics.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Sep 2019 12:03:59 GMT
Server: 0W/0.8c
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: Close
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 02 Sep 2018 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 03 Sep 2019 12:03:59 GMT
Server: 0W/0.8c
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: http://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//tefasexelo.medalgraphics.com/;hMon%20mari%20va%20sur%20des%20sites%20de%20rencontres%20%22Mon%20mari%20regarde%20des%20sites%20porno%20en%20cachette%22;0.42869147222412174
Cache-control: no-cache
Content-Type: text/html
Content-Length: 32
Expires: Sun, 02 Sep 2018 21:00:00 GMT

GET
H/1.1 200
OK JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 14ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A400%2C700%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%7COverpass%7CMontserrat%3A300%2C400%2C600%2C700%2C800%2C900%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One%7CKarla%3A400%2C400i%2C700&ver=4.8
Origin: http://tefasexelo.medalgraphics.com

Response headers

Date: Fri, 30 Aug 2019 05:22:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jul 2019 03:47:06 GMT
Server: sffe
Age: 369668
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 13612
X-XSS-Protection: 0
Expires: Sat, 29 Aug 2020 05:22:51 GMT

GET
H/1.1 200
OK qkBbXvYC6trAT7RVLtyU5rZP.woff2
fonts.gstatic.com/s/karla/v8/ 6 KB
7 KB 13ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/karla/v8/qkBbXvYC6trAT7RVLtyU5rZP.woff2

Requested by

Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0e16c1755f809d290b0c5e746654f10169af40c580767e0765bdd43fc542dfce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A400%2C700%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%7COverpass%7CMontserrat%3A300%2C400%2C600%2C700%2C800%2C900%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One%7CKarla%3A400%2C400i%2C700&ver=4.8
Origin: http://tefasexelo.medalgraphics.com

Response headers

Date: Mon, 26 Aug 2019 14:46:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Jul 2019 23:49:09 GMT
Server: sffe
Age: 681421
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 6332
X-XSS-Protection: 0
Expires: Tue, 25 Aug 2020 14:46:58 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
tefasexelo.medalgraphics.com/wp-content/themes/advance-ecommerce-store/webfonts/ 38 KB
38 KB 296ms
290ms Font
application/octet-stream 104.27.133.228
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tefasexelo.medalgraphics.com/wp-content/themes/advance-ecommerce-store/webfonts/fa-solid-900.woff2
Requested by: Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/
Protocol: HTTP/1.1
Security: , ,
Server: 104.27.133.228 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://tefasexelo.medalgraphics.com/wp-content/themes/advance-ecommerce-store/css/fontawesome-all.css?ver=4.8
Origin: http://tefasexelo.medalgraphics.com

Response headers

Date: Tue, 03 Sep 2019 12:03:59 GMT
CF-Cache-Status: MISS
Last-Modified: Thu, 20 Dec 2018 13:24:23 GMT
Server: cloudflare
ETag: "9780-57d740c80cfc0"
Vary: Accept-Encoding
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 51079567ca34dfa9-FRA
Content-Length: 38784
Expires: Tue, 03 Sep 2019 16:03:59 GMT

GET
H/1.1 200
OK qkBWXvYC6trAT7zuC8m5xLtlmgzD.woff2
fonts.gstatic.com/s/karla/v8/ 7 KB
7 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/karla/v8/qkBWXvYC6trAT7zuC8m5xLtlmgzD.woff2

Requested by

Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

44a947b84d612dfbb0031de1b59f60bb6ba538445ae478cf4e0835ae856498c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=PT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A400%2C700%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%7COverpass%7CMontserrat%3A300%2C400%2C600%2C700%2C800%2C900%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One%7CKarla%3A400%2C400i%2C700&ver=4.8
Origin: http://tefasexelo.medalgraphics.com

Response headers

Date: Tue, 27 Aug 2019 17:00:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Jul 2019 23:49:25 GMT
Server: sffe
Age: 587034
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 6796
X-XSS-Protection: 0
Expires: Wed, 26 Aug 2020 17:00:05 GMT

GET
H2

200

Primary Request ayqseeqwikzzhr Show response
sweetloversclub.com/
Redirect Chain

http://bestzinka.site/p9Wd3g
https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c

9 KB
4 KB

899ms
460ms

Document
text/html

195.123.240.187
LAYER6

General

Check archive.org

Show headers Download Go to

Full URL

https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c

Requested by

Host: tefasexelo.medalgraphics.com
URL: http://tefasexelo.medalgraphics.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.123.240.187 Los Angeles, United States, ASN204957 (LAYER6, UA),

Reverse DNS

vds-353518.hosted-by-itldc.com

Software

Resource Hash

36825644a52cb062a2ac1596571ee13ee3eb4646d7582646399f554d1ce63ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: sweetloversclub.com
:scheme: https
:path: /ayqseeqwikzzhr?s2=358f06ne86j1op2c
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://tefasexelo.medalgraphics.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://tefasexelo.medalgraphics.com/

Response headers

status: 200
date: Tue, 03 Sep 2019 12:04:15 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, private, must-revalidate
cross-origin-window-policy: deny
set-cookie: k=SFMyNTY.g3QAAAAIbQAAAARhdW5xdAAAAAFtAAAABTEwNjU3bQAAAApLWEJteUp6VmRSbQAAAANoaWRtAAAAI2FPVVZzZ09HSEx6cXVPcUhFamVReVFFeVdnTmppUE1MQ2phbQAAAAJobGQAA25pbG0AAAACcmR0AAAABGQACl9fc3RydWN0X19kABhFbGl4aXIuVGRleC5Sb3RhdGlvbkRhdGFkAA5jbGlja2VkX29mZmVyc3QAAAAAZAAIbGFuZGluZ3NsAAAAAWIAAAPhamQAC3NlZW5fb2ZmZXJzbAAAAAFiAAApYWptAAAABXN1Yl8xZAADbmlsbQAAAAVzdWJfMm0AAAAQMzU4ZjA2bmU4Nmoxb3AyY20AAAAHdHJhY2tlcm0AAAAHbm90cmFja20AAAADdW5xbQAAAAxxcWhhWW5YT1pEVEQ.zG6Zo8ZEg50Y_-1m2xocpOwBbsIz8rncbENjWAf7_Jc; path=/; expires=Wed, 02 Sep 2020 12:04:15 GMT; max-age=31536000 uord=d5fb59fe3eed5c6a8846428e34535587; path=/; expires=Thu, 02 Sep 2021 12:04:15 GMT; max-age=63072000; HttpOnly
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

Date: Tue, 03 Sep 2019 12:04:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=da9092f14234a408e4cb6f803be3567001567512254; expires=Wed, 02-Sep-20 12:04:14 GMT; path=/; domain=.bestzinka.site; HttpOnly 847ba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE1N1wiOjE1Njc1MTIyNTR9LFwiY2FtcGFpZ25zXCI6e1wiMjRcIjoxNTY3NTEyMjU0fSxcInRpbWVcIjoxNTY3NTEyMjU0fSJ9.a1uIhDtE3_nRZlRO1w_4r19CwhOQoJVWsg4NJrLkBrE; expires=Fri, 04-Oct-2019 12:04:14 GMT; Max-Age=2678400; path=/; domain=.bestzinka.site
Expires: Thu, 21 Jul 1977 07:30:00 GMT
Last-Modified: Tue, 03 Sep 2019 12:04:14 GMT
Cache-Control: max-age=0
Pragma: no-cache
Location: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
Server: cloudflare
CF-RAY: 510795c80a67bebf-FRA

GET
H2 200 m1.jpg
t-r-f-k.com/assets/0383cf9f6b7fc05ccb21faa674e10ed1/images/ 73 KB
73 KB 206ms
102ms Image
image/jpeg 95.216.190.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-r-f-k.com/assets/0383cf9f6b7fc05ccb21faa674e10ed1/images/m1.jpg
Requested by: Host: sweetloversclub.com
URL: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.216.190.44 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.190.216.95.clients.your-server.de
Software: /
Resource Hash: 8bcc773d5e53ce816fc37961d45abfa28cb0b59d640639496df4b9df64043994

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 12:04:15 GMT
last-modified: Wed, 31 Jul 2019 13:10:20 GMT
etag: "5d41933c-12280"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 74368

GET
H2 200 m2.jpg
t-r-f-k.com/assets/0383cf9f6b7fc05ccb21faa674e10ed1/images/ 75 KB
76 KB 205ms
102ms Image
image/jpeg 95.216.190.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-r-f-k.com/assets/0383cf9f6b7fc05ccb21faa674e10ed1/images/m2.jpg
Requested by: Host: sweetloversclub.com
URL: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.216.190.44 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.190.216.95.clients.your-server.de
Software: /
Resource Hash: 85ed44a04343d830f16444a99c987f3bdb8411995640460b3f43fa8852203d49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 12:04:15 GMT
last-modified: Wed, 31 Jul 2019 13:10:20 GMT
etag: "5d41933c-12d29"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 77097

GET
H2 200 m3.jpg
t-r-f-k.com/assets/0383cf9f6b7fc05ccb21faa674e10ed1/images/ 67 KB
68 KB 205ms
102ms Image
image/jpeg 95.216.190.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-r-f-k.com/assets/0383cf9f6b7fc05ccb21faa674e10ed1/images/m3.jpg
Requested by: Host: sweetloversclub.com
URL: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.216.190.44 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.190.216.95.clients.your-server.de
Software: /
Resource Hash: 6398c4e45acf65d8dcf1dad876ce3dfcd721f1616cf5fc60cf79503d7dcf1a1c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 12:04:15 GMT
last-modified: Wed, 31 Jul 2019 13:10:20 GMT
etag: "5d41933c-10c82"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 68738

GET
H2 200 m4.jpg
t-r-f-k.com/assets/0383cf9f6b7fc05ccb21faa674e10ed1/images/ 71 KB
72 KB 205ms
102ms Image
image/jpeg 95.216.190.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-r-f-k.com/assets/0383cf9f6b7fc05ccb21faa674e10ed1/images/m4.jpg
Requested by: Host: sweetloversclub.com
URL: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.216.190.44 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.190.216.95.clients.your-server.de
Software: /
Resource Hash: e6472bc8ba369c64247221ab66a7d5547dd9f00d1d3b2b9eeeeba72fda472404

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 12:04:15 GMT
last-modified: Wed, 31 Jul 2019 13:10:20 GMT
etag: "5d41933c-11d1b"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 72987

GET
H2 200 m5.jpg
t-r-f-k.com/assets/0383cf9f6b7fc05ccb21faa674e10ed1/images/ 79 KB
79 KB 204ms
101ms Image
image/jpeg 95.216.190.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-r-f-k.com/assets/0383cf9f6b7fc05ccb21faa674e10ed1/images/m5.jpg
Requested by: Host: sweetloversclub.com
URL: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.216.190.44 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.190.216.95.clients.your-server.de
Software: /
Resource Hash: c39eda18dc957624f1addebfd163bc938586be9dcec766aee8ca82ce3bcdc3b1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 12:04:15 GMT
last-modified: Wed, 31 Jul 2019 13:10:20 GMT
etag: "5d41933c-13b7c"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 80764

GET
H2 200 loader.gif
t-r-f-k.com/assets/0383cf9f6b7fc05ccb21faa674e10ed1/images/ 22 KB
22 KB 31ms
30ms Image
image/gif 95.216.190.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-r-f-k.com/assets/0383cf9f6b7fc05ccb21faa674e10ed1/images/loader.gif
Requested by: Host: sweetloversclub.com
URL: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.216.190.44 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.190.216.95.clients.your-server.de
Software: /
Resource Hash: 0c8130be8dd00bd453b77db4f15b01490dcf41cf510c6467f9f9df0c0bb5a9c6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 12:04:16 GMT
last-modified: Wed, 31 Jul 2019 13:10:17 GMT
etag: "5d419339-5854"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 22612

GET
H2 200 script.min.js Show response
t-r-f-k.com/assets/0383cf9f6b7fc05ccb21faa674e10ed1/ 254 KB
76 KB 204ms
101ms Script
application/javascript 95.216.190.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t-r-f-k.com/assets/0383cf9f6b7fc05ccb21faa674e10ed1/script.min.js
Requested by: Host: sweetloversclub.com
URL: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.216.190.44 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.190.216.95.clients.your-server.de
Software: /
Resource Hash: 5251cf98254d41a97b0f43822b7b2d8400966db377fc7b0d2aacca902809847d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 12:04:15 GMT
content-encoding: gzip
last-modified: Wed, 31 Jul 2019 13:09:33 GMT
status: 200
etag: W/"5d41930d-3f802"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 p.js Show response
sweetloversclub.com/ 425 B
1 KB 455ms
454ms Script
application/javascript 195.123.240.187
LAYER6

General

Check archive.org

Show headers Download Go to

Full URL

https://sweetloversclub.com/p.js?a=143977&cr=9556&lid=3883&mh=YU9VVnNnT0dITHpxdU9xSEVqZVF5UUV5V2dOamlQTUxDamEtMTAwODc%3D&p=0

Requested by

Host: sweetloversclub.com
URL: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.123.240.187 Los Angeles, United States, ASN204957 (LAYER6, UA),

Reverse DNS

vds-353518.hosted-by-itldc.com

Software

Resource Hash

a7c1965e5e2c9be320ead18ed07bffe1daaaff9241166bc66e7b65d32f2a2ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 12:04:16 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
cross-origin-window-policy: deny
x-download-options: noopen
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=0, private, must-revalidate
content-length: 425
x-xss-protection: 1; mode=block

GET
H2 200 bg.jpg
t-r-f-k.com/assets/0383cf9f6b7fc05ccb21faa674e10ed1/images/ 288 KB
289 KB 152ms
54ms Image
image/jpeg 95.216.190.44
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t-r-f-k.com/assets/0383cf9f6b7fc05ccb21faa674e10ed1/images/bg.jpg
Requested by: Host: sweetloversclub.com
URL: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.216.190.44 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.44.190.216.95.clients.your-server.de
Software: /
Resource Hash: 7d3d51fcfcc00f760bd4b42828806fb71c96fa76858b81b8a248fc8f434af1e5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://sweetloversclub.com/ayqseeqwikzzhr?s2=358f06ne86j1op2c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 12:04:15 GMT
last-modified: Wed, 31 Jul 2019 13:10:19 GMT
etag: "5d41933b-480dc"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 295132

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img11.hostingpics.net
URL: http://img11.hostingpics.net/pics/95941420140203162952.jpg

Domain: www.rencontrelove.info
URL: http://www.rencontrelove.info/photos/0674

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| u

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sweetloversclub.com/	1970-01-19 12:10:48	Name: k Value: SFMyNTY.g3QAAAAIbQAAAARhdW5xdAAAAAFtAAAABTEwNjU3bQAAAApLWEJteUp6VmRSbQAAAANoaWRtAAAAI2FPVVZzZ09HSEx6cXVPcUhFamVReVFFeVdnTmppUE1MQ2phbQAAAAJobGEBbQAAAAJyZHQAAAAEZAAKX19zdHJ1Y3RfX2QAGEVsaXhpci5UZGV4LlJvdGF0aW9uRGF0YWQADmNsaWNrZWRfb2ZmZXJzdAAAAABkAAhsYW5kaW5nc2wAAAABYgAAA-FqZAALc2Vlbl9vZmZlcnNsAAAAAWIAAClham0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAABAzNThmMDZuZTg2ajFvcDJjbQAAAAd0cmFja2VybQAAAAdub3RyYWNrbQAAAAN1bnFtAAAADHFxaGFZblhPWkRURA.mbtov7nfYrwq23CFhXrE1PBMTvEaiulW4qpEhgaoD2U
			sweetloversclub.com/	1970-01-19 20:56:24	Name: uord Value: d5fb59fe3eed5c6a8846428e34535587

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://tefasexelo.medalgraphics.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
bestzinka.site
counter.yadro.ru
culturebox.francetvinfo.fr
ehpad-foucharupt.fr
fonts.googleapis.com
fonts.gstatic.com
g.otcdn.com
i.f1g.fr
i.skyrock.net
img.over-blog-kiwi.com
img11.hostingpics.net
img54.imagetwist.com
media.gemo.fr
static.culturepub.fr
sweetloversclub.com
t-r-f-k.com
tefasexelo.medalgraphics.com
www.alorsquoidefun.fr
www.francetvinfo.fr
www.gauthierdebock.com
www.magiesdumonde.fr
www.plancul-gratuit.fr
www.rencontrelove.info
www.secondechance.org
img11.hostingpics.net
www.rencontrelove.info
104.111.252.249
104.27.133.228
104.27.188.236
185.22.109.96
195.123.240.187
195.154.28.207
195.20.15.34
2.16.186.152
213.186.33.3
213.186.33.40
2606:4700:10::6814:34b1
2606:4700:20::681a:a58
2606:4700:30::681b:9588
2a00:1450:4001:816::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:81f::200a
45.60.124.86
66.96.149.32
88.212.196.77
91.203.187.6
95.131.136.119
95.216.190.44
07fe80f161cd63b0dfb6d8e7b990d03404656f7982b97e0c63a6c17b1c4eb5d8
0c8130be8dd00bd453b77db4f15b01490dcf41cf510c6467f9f9df0c0bb5a9c6
0e16c1755f809d290b0c5e746654f10169af40c580767e0765bdd43fc542dfce
0edf31f19105d4c3dc2fcccbc17afb38e09ced7b7b161ffd616850d6befc0f21
1a969426e95655a88aea6b40a6401d75e1c38eebd54aa913c931a3ddef8d452f
29c88ffd90e9e23a84b7d660aa11f936e97648ab52e84fdb8a1bef9b4e9b4586
2c5d842708f52550e1d0a21787148827cf4d6de91fae3db960b048840e40f9af
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
36825644a52cb062a2ac1596571ee13ee3eb4646d7582646399f554d1ce63ed2
3a94e7decd3d60f105d886365fa994e74dbe593dc781aadc13531a6321c1e0cc
426fd2386eccd69783cae6988dde56dc74314d168a5b572f1bb621d6e84bda22
44a947b84d612dfbb0031de1b59f60bb6ba538445ae478cf4e0835ae856498c3
48e80337a0d77a00c63bd5294fa32195eea810d6fe707194055c19846b34bc13
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
5251cf98254d41a97b0f43822b7b2d8400966db377fc7b0d2aacca902809847d
62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56
6398c4e45acf65d8dcf1dad876ce3dfcd721f1616cf5fc60cf79503d7dcf1a1c
64bec8c5a62bf047dbf2b9a2e6c4e758eeb72bb463ee1e4046cd69d64cffebfa
7bc888c8cd6b01db0f5eb0d0329ba3eec72f61036fd87c31b5210f9bd9988665
7d3d51fcfcc00f760bd4b42828806fb71c96fa76858b81b8a248fc8f434af1e5
7de0bc076c1b7e0836e537fe53b9ee0d424183a564c6ea9e818ce2c77e0f6293
85ed44a04343d830f16444a99c987f3bdb8411995640460b3f43fa8852203d49
85fdb91b90d8ac4c8148424f459584561d35b270445946eba8583dc10cccf785
8bcc773d5e53ce816fc37961d45abfa28cb0b59d640639496df4b9df64043994
992cf2e1377a0be0c4985ba72ce177679daeeca3a8e5b310b0a73f011d45d013
a041dae2e153c2b9b54aff02896557ae4c901de1d13c01d32850126e8cc2efe5
a7ae494e41f2124ae3f0df1ebf06e2ffa93d3ec0ef97fe1083bba6bb4c7b6888
a7c1965e5e2c9be320ead18ed07bffe1daaaff9241166bc66e7b65d32f2a2ca6
bae08bdc5ae2b8e7a449403839d9316eaeba80fb78f951c9663973714908ea30
c15647da5e2cc4fb6bc79881eb7d9da33ceb139678ab96c3417e752173000ba6
c2baf7e285b3cfbd07a9aad9cbcf15b3c7752f96a387ac1fd299f321e4a09e6f
c39eda18dc957624f1addebfd163bc938586be9dcec766aee8ca82ce3bcdc3b1
c49ba1ec99b3fccdf8bde7e9ceff55eca35db9831ef46925d9e680e2c7422a5e
c75930bf2b158f6b59171596dfe685afbba59a71b9b5fb6eacb6e94bba599409
d073d6fd3142e78bd33528f2613f2e557b31063a952501f1f7b4c41558392d63
d23e23341dd9ede31799ec9c3cf354c05b51a227ce4f8b8ae3d4409d5d36fb5e
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6472bc8ba369c64247221ab66a7d5547dd9f00d1d3b2b9eeeeba72fda472404
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

sweetloversclub.com Open in urlscan Pro 195.123.240.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

40 %HTTPS

27 %IPv6

24 Domains

25 Subdomains

22 IPs

7 Countries

2904 kBTransfer

3619 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sweetloversclub.com Open in urlscan Pro
195.123.240.187 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

40 %
HTTPS

27 %
IPv6

24
Domains

25
Subdomains

22
IPs

7
Countries

2904 kB
Transfer

3619 kB
Size

2
Cookies

45 HTTP transactions
0 data transactions