best-hot-men1.com Open in urlscan Pro
185.89.103.6 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.gadgetfactory.eu/
Effective URL:
https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
Submission: On June 03 via manual (June 3rd 2019, 3:31:09 am UTC) from SG

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 30 HTTP transactions. The main IP is 185.89.103.6, located in Spain and belongs to LLHOST // M247, RO. The main domain is best-hot-men1.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 23rd 2019. Valid for: 3 months.

This is the only time best-hot-men1.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:30:... 2606:4700:30::6818:6277	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 13	2606:4700:30:... 2606:4700:30::6818:6377	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	88.212.196.66 88.212.196.66	39134 (UNITEDNET) (UNITEDNET)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2606:4700:30:... 2606:4700:30::681c:394	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 13	185.89.103.6 185.89.103.6	202023 (LLHOST //...) (LLHOST // M247)
30	6

1 2606:4700:30::6818:6277 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.gadgetfactory.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:30::6818:6377 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.gadgetfactory.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gadgetfactory.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.196.66 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host26.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681c:394 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

hosttracker.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.89.103.6 (Spain) 1 redirects

ASN202023 (LLHOST // M247, RO)

best-hot-men1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	gadgetfactory.eu 2 redirects www.gadgetfactory.eu gadgetfactory.eu	94 KB
13	best-hot-men1.com 1 redirects best-hot-men1.com	732 KB
2	gstatic.com fonts.gstatic.com	25 KB
2	yadro.ru 1 redirects counter.yadro.ru	969 B
2	googleapis.com fonts.googleapis.com	1 KB
1	hosttracker.top 1 redirects hosttracker.top	548 B
30	6

	Domain	Requested by
13	best-hot-men1.com	1 redirects gadgetfactory.eu best-hot-men1.com
12	gadgetfactory.eu	gadgetfactory.eu
2	fonts.gstatic.com	gadgetfactory.eu best-hot-men1.com
2	counter.yadro.ru	1 redirects
2	fonts.googleapis.com	gadgetfactory.eu best-hot-men1.com
2	www.gadgetfactory.eu	2 redirects
1	hosttracker.top	1 redirects
30	7

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-01-04` - `2020-01-04`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
counter.yadro.ru COMODO ECC Domain Validation Secure Server CA	`2018-04-09` - `2020-04-08`	2 years	crt.sh
*.google.com Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
best-hot-men1.com Let's Encrypt Authority X3	`2019-04-23` - `2019-07-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
Frame ID: E2BEB5254C9B11D4133A17FCC8E80395
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.gadgetfactory.eu/ HTTP 301
https://www.gadgetfactory.eu/ HTTP 301
https://gadgetfactory.eu/ Page URL
http://hosttracker.top/gay/08-01-frgzip HTTP 302
http://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca HTTP 301
https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

30
Requests

97 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

6
IPs

4
Countries

852 kB
Transfer

1156 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.gadgetfactory.eu/ HTTP 301
https://www.gadgetfactory.eu/ HTTP 301
https://gadgetfactory.eu/ Page URL
http://hosttracker.top/gay/08-01-frgzip HTTP 302
http://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca HTTP 301
https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.gadgetfactory.eu/ HTTP 301
https://www.gadgetfactory.eu/ HTTP 301
https://gadgetfactory.eu/

Request Chain 14

https://counter.yadro.ru/hit;frgay?r;s1600*1200*24;uhttps%3A//gadgetfactory.eu/;hSauna%20montreuil%20-%20gadgetfactory.eu;0.8799471279796298 HTTP 302
https://counter.yadro.ru/hit;frgay?q;r;s1600*1200*24;uhttps%3A//gadgetfactory.eu/;hSauna%20montreuil%20-%20gadgetfactory.eu;0.8799471279796298

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
gadgetfactory.eu/
Redirect Chain

http://www.gadgetfactory.eu/
https://www.gadgetfactory.eu/
https://gadgetfactory.eu/

80 KB
15 KB

326ms
298ms

Document
text/html

2606:4700:30::6818:6377
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgetfactory.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6377 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: cfabd87c2b3a1d962fbea13c093dd4aef47684b93dc0a8db439a2a28f26d0a5f

Request headers

:method: GET
:authority: gadgetfactory.eu
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
cookie: __cfduid=d58749abe05577751e7c7a441843ef1091559532651
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 03 Jun 2019 03:30:51 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.40
set-cookie: js=on
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4e0e973fc85f27a2-FRA
content-encoding: br

Redirect headers

status: 301
date: Mon, 03 Jun 2019 03:30:51 GMT
content-type: text/html; charset=iso-8859-1
location: https://gadgetfactory.eu/
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4e0e973f782d27a2-FRA

GET
H2 200 font-awesome.min.css
gadgetfactory.eu/wp-content/themes/oviyan-lite/assets/css/ 30 KB
7 KB 14ms
13ms Stylesheet
text/css 2606:4700:30::6818:6377
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgetfactory.eu/wp-content/themes/oviyan-lite/assets/css/font-awesome.min.css?ver=1.0.3
Requested by: Host: gadgetfactory.eu
URL: https://gadgetfactory.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6377 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

Referer: https://gadgetfactory.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 03:30:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Jan 2019 15:56:30 GMT
server: cloudflare
etag: W/"5c34c82e-791c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=315360000
cf-ray: 4e0e9741b90227a2-FRA
expires: Thu, 31 May 2029 03:30:51 GMT

GET
H2 200 custombox.min.css
gadgetfactory.eu/wp-content/themes/oviyan-lite/assets/css/ 41 KB
4 KB 33ms
32ms Stylesheet
text/css 2606:4700:30::6818:6377
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgetfactory.eu/wp-content/themes/oviyan-lite/assets/css/custombox.min.css?ver=1.0.3
Requested by: Host: gadgetfactory.eu
URL: https://gadgetfactory.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6377 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: deb3d40a52e939dc606cacea278753f149b56d19b6619994069659687e3a7728

Request headers

Referer: https://gadgetfactory.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 03:30:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Jan 2019 15:56:30 GMT
server: cloudflare
etag: W/"5c34c82e-a3b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=315360000
cf-ray: 4e0e9741b90327a2-FRA
expires: Thu, 31 May 2029 03:30:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
877 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:819::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C700%7CRoboto%3A400%2C500&subset=latin%2Clatin-ext

Requested by

Host: gadgetfactory.eu
URL: https://gadgetfactory.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

3f826fd1cbe141e9e2cd04970f5a99de4c58a367bf3ecffdc69461ebaa5d015c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gadgetfactory.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 03 Jun 2019 03:30:51 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 03 Jun 2019 03:30:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 03 Jun 2019 03:30:51 GMT

GET
H2 200 style.css
gadgetfactory.eu/wp-content/themes/oviyan-lite/ 65 KB
13 KB 40ms
39ms Stylesheet
text/css 2606:4700:30::6818:6377
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgetfactory.eu/wp-content/themes/oviyan-lite/style.css?ver=1.0.3
Requested by: Host: gadgetfactory.eu
URL: https://gadgetfactory.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6377 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbd5a3c340ef46a98a86a35a914f4208dfe385d9460a5348d5b69b9221f7e8ca

Request headers

Referer: https://gadgetfactory.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 03:30:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Jan 2019 15:56:30 GMT
server: cloudflare
etag: W/"5c34c82e-10240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=315360000
cf-ray: 4e0e9741b90427a2-FRA
expires: Thu, 31 May 2029 03:30:51 GMT

GET
H2 200 jquery.js Show response
gadgetfactory.eu/wp-includes/js/jquery/ 95 KB
32 KB 48ms
47ms Script
application/javascript 2606:4700:30::6818:6377
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgetfactory.eu/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: gadgetfactory.eu
URL: https://gadgetfactory.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6377 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7af201ae6da72fba3c5804dfa407006fdb642622c86dd9c2bcbac72789eabf2

Request headers

Referer: https://gadgetfactory.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 03:30:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Jan 2019 15:56:32 GMT
server: cloudflare
etag: W/"5c34c830-17b9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4e0e9741b90527a2-FRA
expires: Thu, 31 May 2029 03:30:51 GMT

GET
H2 200 jquery-migrate.min.js Show response
gadgetfactory.eu/wp-includes/js/jquery/ 10 KB
4 KB 66ms
65ms Script
application/javascript 2606:4700:30::6818:6377
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgetfactory.eu/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: gadgetfactory.eu
URL: https://gadgetfactory.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6377 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://gadgetfactory.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 03:30:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Jan 2019 15:56:32 GMT
server: cloudflare
etag: W/"5c34c830-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4e0e9741b90627a2-FRA
expires: Thu, 31 May 2029 03:30:51 GMT

GET
H2 200 custombox.min.js Show response
gadgetfactory.eu/wp-content/themes/oviyan-lite/assets/js/ 15 KB
4 KB 32ms
32ms Script
application/javascript 2606:4700:30::6818:6377
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgetfactory.eu/wp-content/themes/oviyan-lite/assets/js/custombox.min.js?ver=4.8
Requested by: Host: gadgetfactory.eu
URL: https://gadgetfactory.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6377 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28c82d6f31afa407f0b1617b8c49854d7882795c828c8be1b307a6d7a8c359da

Request headers

Referer: https://gadgetfactory.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 03:30:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Jan 2019 15:56:30 GMT
server: cloudflare
etag: W/"5c34c82e-3cc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4e0e9741b90727a2-FRA
expires: Thu, 31 May 2029 03:30:51 GMT

GET wp-emoji-release.min.js
gadgetfactory.eu/wp-includes/js/ 0
0

GET
H2 200 imagesloaded.min.js Show response
gadgetfactory.eu/wp-includes/js/ 8 KB
2 KB 40ms
39ms Script
application/javascript 2606:4700:30::6818:6377
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgetfactory.eu/wp-includes/js/imagesloaded.min.js?ver=3.2.0
Requested by: Host: gadgetfactory.eu
URL: https://gadgetfactory.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6377 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 854d677b850907cd851eac7e3f02f05a1e056f05bd5563199c5d93044ff16840

Request headers

Referer: https://gadgetfactory.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 03:30:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Jan 2019 15:56:32 GMT
server: cloudflare
etag: W/"5c34c830-1f3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4e0e9741d90d27a2-FRA
expires: Thu, 31 May 2029 03:30:51 GMT

GET
H2 200 masonry.min.js
gadgetfactory.eu/wp-includes/js/ 28 KB
8 KB 79ms
78ms Script
application/javascript 2606:4700:30::6818:6377
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgetfactory.eu/wp-includes/js/masonry.min.js?ver=3.3.2
Requested by: Host: gadgetfactory.eu
URL: https://gadgetfactory.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6377 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://gadgetfactory.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 03:30:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Jan 2019 15:56:32 GMT
server: cloudflare
etag: W/"5c34c830-711a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4e0e9741d90e27a2-FRA
expires: Thu, 31 May 2029 03:30:51 GMT

GET
H2 200 theia-sticky-sidebar.js
gadgetfactory.eu/wp-content/themes/oviyan-lite/assets/js/ 15 KB
3 KB 77ms
76ms Script
application/javascript 2606:4700:30::6818:6377
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgetfactory.eu/wp-content/themes/oviyan-lite/assets/js/theia-sticky-sidebar.js?ver=1.0.3
Requested by: Host: gadgetfactory.eu
URL: https://gadgetfactory.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6377 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://gadgetfactory.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 03:30:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Jan 2019 15:56:30 GMT
server: cloudflare
etag: W/"5c34c82e-3de6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4e0e9741d90f27a2-FRA
expires: Thu, 31 May 2029 03:30:51 GMT

GET
H2 200 public.js Show response
gadgetfactory.eu/wp-content/themes/oviyan-lite/assets/js/ 5 KB
2 KB 41ms
40ms Script
application/javascript 2606:4700:30::6818:6377
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgetfactory.eu/wp-content/themes/oviyan-lite/assets/js/public.js?ver=1.0.3
Requested by: Host: gadgetfactory.eu
URL: https://gadgetfactory.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6377 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c7bee79bf1630c4a589d83b11b1b81a51e2c23c50c0df76aa6c38b20040545

Request headers

Referer: https://gadgetfactory.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 03:30:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Jan 2019 15:56:30 GMT
server: cloudflare
etag: W/"5c34c82e-1375"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4e0e9741d91027a2-FRA
expires: Thu, 31 May 2029 03:30:51 GMT

GET
H2 200 wp-embed.min.js
gadgetfactory.eu/wp-includes/js/ 1 KB
708 B 63ms
63ms Script
application/javascript 2606:4700:30::6818:6377
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgetfactory.eu/wp-includes/js/wp-embed.min.js?ver=4.8
Requested by: Host: gadgetfactory.eu
URL: https://gadgetfactory.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6377 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://gadgetfactory.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 03:30:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Jan 2019 15:56:32 GMT
server: cloudflare
etag: W/"5c34c830-576"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=315360000
cf-ray: 4e0e9741d91227a2-FRA
expires: Thu, 31 May 2029 03:30:51 GMT

GET
H/1.1

200
OK

hit;frgay
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;frgay?r;s1600*1200*24;uhttps%3A//gadgetfactory.eu/;hSauna%20montreuil%20-%20gadgetfactory.eu;0.8799471279796298
https://counter.yadro.ru/hit;frgay?q;r;s1600*1200*24;uhttps%3A//gadgetfactory.eu/;hSauna%20montreuil%20-%20gadgetfactory.eu;0.8799471279796298

43 B
421 B

47ms
47ms

Image
image/gif

88.212.196.66
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter.yadro.ru/hit;frgay?q;r;s1600*1200*24;uhttps%3A//gadgetfactory.eu/;hSauna%20montreuil%20-%20gadgetfactory.eu;0.8799471279796298
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.196.66 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host26.rax.ru
Software: nginx/1.11.1 /
Resource Hash

Request headers

Referer: https://gadgetfactory.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jun 2019 03:30:52 GMT
Server: nginx/1.11.1
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 02 Jun 2018 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 Jun 2019 03:30:51 GMT
Server: nginx/1.11.1
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;frgay?q;r;s1600*1200*24;uhttps%3A//gadgetfactory.eu/;hSauna%20montreuil%20-%20gadgetfactory.eu;0.8799471279796298
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 02 Jun 2018 21:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: gadgetfactory.eu
URL: https://gadgetfactory.eu/wp-includes/js/jquery/jquery.js?ver=1.12.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C700%7CRoboto%3A400%2C500&subset=latin%2Clatin-ext
Origin: https://gadgetfactory.eu

Response headers

date: Sun, 02 Jun 2019 04:36:10 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:13:33 GMT
server: sffe
age: 82481
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Mon, 01 Jun 2020 04:36:10 GMT

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
best-hot-men1.com/
Redirect Chain

http://hosttracker.top/gay/08-01-frgzip
http://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca

5 KB
5 KB

223ms
119ms

Document
text/html

185.89.103.6
LLHOST // M247

General

Check archive.org

Show headers Download Go to

Full URL: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
Requested by: Host: gadgetfactory.eu
URL: https://gadgetfactory.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.89.103.6 , Spain, ASN202023 (LLHOST // M247, RO),
Reverse DNS
Software: nginx/1.12.0 / ASP.NET
Resource Hash: 1ac9dcfc50dde6a8ae2764cc6b671dee82158afc2ee7545d48cb3374ef334aa5

Request headers

Host: best-hot-men1.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://gadgetfactory.eu/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://gadgetfactory.eu/

Response headers

Server: nginx/1.12.0
Date: Mon, 03 Jun 2019 03:30:52 GMT
Content-Type: text/html
Content-Length: 5084
Connection: keep-alive
Cache-Control: private
Set-Cookie: ASP.NET_SessionId=uxabbomnlk3skq2ci3l2yxu1; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

Redirect headers

Server: nginx/1.12.0
Date: Mon, 03 Jun 2019 03:30:52 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca

GET
H/1.1 200
OK main.css
best-hot-men1.com/media/gay-dating/casualblue/ 17 KB
17 KB 117ms
117ms Stylesheet
text/css 185.89.103.6
LLHOST // M247

General

Check archive.org

Show headers Download Go to

Full URL: https://best-hot-men1.com/media/gay-dating/casualblue/main.css
Requested by: Host: best-hot-men1.com
URL: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.89.103.6 , Spain, ASN202023 (LLHOST // M247, RO),
Reverse DNS
Software: nginx/1.12.0 / ASP.NET
Resource Hash: 56af7a068812205e353c4ff5dae20cb0cd0af377d46426445fc2e9f913379523

Request headers

Referer: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 03:30:52 GMT
Last-Modified: Thu, 14 Jun 2018 08:04:49 GMT
Server: nginx/1.12.0
X-Powered-By: ASP.NET
ETag: "80a69b5db63d41:0"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17173

GET
H/1.1 200
OK script.min.js Show response
best-hot-men1.com/media/gay-dating/casualblue/ 252 KB
252 KB 203ms
115ms Script
application/javascript 185.89.103.6
LLHOST // M247

General

Check archive.org

Show headers Download Go to

Full URL: https://best-hot-men1.com/media/gay-dating/casualblue/script.min.js
Requested by: Host: best-hot-men1.com
URL: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.89.103.6 , Spain, ASN202023 (LLHOST // M247, RO),
Reverse DNS
Software: nginx/1.12.0 / ASP.NET
Resource Hash: a89a643bb3381c19af071b02a48d17d9bed190c73892482a70191ae2979bcabc

Request headers

Referer: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 03:30:52 GMT
Last-Modified: Wed, 17 Oct 2018 12:58:38 GMT
Server: nginx/1.12.0
X-Powered-By: ASP.NET
ETag: "a2f7161f1966d41:0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 257555

GET
H/1.1 200
OK function.js Show response
best-hot-men1.com/media/gay-dating/casualblue/ 770 B
1 KB 214ms
118ms Script
application/javascript 185.89.103.6
LLHOST // M247

General

Check archive.org

Show headers Download Go to

Full URL: https://best-hot-men1.com/media/gay-dating/casualblue/function.js
Requested by: Host: best-hot-men1.com
URL: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.89.103.6 , Spain, ASN202023 (LLHOST // M247, RO),
Reverse DNS
Software: nginx/1.12.0 / ASP.NET
Resource Hash: e9b6ef34d09410121159f6966b08997629af9383335be392dc86946a692855b3

Request headers

Referer: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 03:30:52 GMT
Last-Modified: Wed, 17 Oct 2018 12:51:34 GMT
Server: nginx/1.12.0
X-Powered-By: ASP.NET
ETag: "f2d156221866d41:0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 770

GET
H2 200 css
fonts.googleapis.com/ 767 B
435 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:819::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&subset=latin-ext

Requested by

Host: best-hot-men1.com
URL: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2939d607a8ad67edbc7ade28075844c18c904d4b2b87145db848382a50af0214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 03 Jun 2019 03:30:52 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 03 Jun 2019 03:30:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 03 Jun 2019 03:30:52 GMT

GET
H/1.1 200
OK no.png
best-hot-men1.com/media/gay-dating/casualblue/ 3 KB
3 KB 115ms
114ms Image
image/png 185.89.103.6
LLHOST // M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://best-hot-men1.com/media/gay-dating/casualblue/no.png
Requested by: Host: best-hot-men1.com
URL: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.89.103.6 , Spain, ASN202023 (LLHOST // M247, RO),
Reverse DNS
Software: nginx/1.12.0 / ASP.NET
Resource Hash: fedd7527d1cceee3052bf4bb62e76d56e8200a115d8a2affae23a125578b7ad1

Request headers

Referer: https://best-hot-men1.com/media/gay-dating/casualblue/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 03:30:53 GMT
Last-Modified: Tue, 10 Apr 2018 08:55:11 GMT
Server: nginx/1.12.0
X-Powered-By: ASP.NET
ETag: "80812a2a9d0d31:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3134

GET
H/1.1 200
OK yes.png
best-hot-men1.com/media/gay-dating/casualblue/ 3 KB
4 KB 120ms
119ms Image
image/png 185.89.103.6
LLHOST // M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://best-hot-men1.com/media/gay-dating/casualblue/yes.png
Requested by: Host: best-hot-men1.com
URL: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.89.103.6 , Spain, ASN202023 (LLHOST // M247, RO),
Reverse DNS
Software: nginx/1.12.0 / ASP.NET
Resource Hash: 6bfdecff876226c1e233f71e7b0b1a6e0eb238281a52156c39f051691dd88a43

Request headers

Referer: https://best-hot-men1.com/media/gay-dating/casualblue/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 03:30:53 GMT
Last-Modified: Tue, 10 Apr 2018 08:55:04 GMT
Server: nginx/1.12.0
X-Powered-By: ASP.NET
ETag: "064d69da9d0d31:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3480

GET
H/1.1 200
OK 1.jpg
best-hot-men1.com/media/gay-dating/casualblue/ 165 KB
165 KB 188ms
187ms Image
image/jpeg 185.89.103.6
LLHOST // M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://best-hot-men1.com/media/gay-dating/casualblue/1.jpg
Requested by: Host: best-hot-men1.com
URL: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.89.103.6 , Spain, ASN202023 (LLHOST // M247, RO),
Reverse DNS
Software: nginx/1.12.0 / ASP.NET
Resource Hash: ed30589998d2025cac925b2841e0d9ea6166574d45bcb284588b6cb8fae62e80

Request headers

Referer: https://best-hot-men1.com/media/gay-dating/casualblue/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 03:30:53 GMT
Last-Modified: Wed, 18 Apr 2018 20:59:11 GMT
Server: nginx/1.12.0
X-Powered-By: ASP.NET
ETag: "8079921958d7d31:0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 168773

GET
H/1.1 200
OK pattern.png
best-hot-men1.com/media/gay-dating/casualblue/ 3 KB
3 KB 218ms
114ms Image
image/png 185.89.103.6
LLHOST // M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://best-hot-men1.com/media/gay-dating/casualblue/pattern.png
Requested by: Host: best-hot-men1.com
URL: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.89.103.6 , Spain, ASN202023 (LLHOST // M247, RO),
Reverse DNS
Software: nginx/1.12.0 / ASP.NET
Resource Hash: 5cbc28ef1cf07ab8956014b581aa2b96baac861237975813702e63c886b0c004

Request headers

Referer: https://best-hot-men1.com/media/gay-dating/casualblue/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 03:30:53 GMT
Last-Modified: Tue, 10 Apr 2018 08:53:54 GMT
Server: nginx/1.12.0
X-Powered-By: ASP.NET
ETag: "03d1d74a9d0d31:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2801

GET
H/1.1 200
OK 2.jpg
best-hot-men1.com/media/gay-dating/casualblue/ 85 KB
85 KB 223ms
119ms Image
image/jpeg 185.89.103.6
LLHOST // M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://best-hot-men1.com/media/gay-dating/casualblue/2.jpg
Requested by: Host: best-hot-men1.com
URL: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.89.103.6 , Spain, ASN202023 (LLHOST // M247, RO),
Reverse DNS
Software: nginx/1.12.0 / ASP.NET
Resource Hash: 6aea8f591cc7f2f25d11946cbc7b5377dbbe86cc6f221a3814574e3601056911

Request headers

Referer: https://best-hot-men1.com/media/gay-dating/casualblue/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 03:30:53 GMT
Last-Modified: Wed, 18 Apr 2018 20:59:12 GMT
Server: nginx/1.12.0
X-Powered-By: ASP.NET
ETag: "0102b1a58d7d31:0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 86768

GET
H/1.1 200
OK 3.jpg
best-hot-men1.com/media/gay-dating/casualblue/ 100 KB
101 KB 269ms
157ms Image
image/jpeg 185.89.103.6
LLHOST // M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://best-hot-men1.com/media/gay-dating/casualblue/3.jpg
Requested by: Host: best-hot-men1.com
URL: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.89.103.6 , Spain, ASN202023 (LLHOST // M247, RO),
Reverse DNS
Software: nginx/1.12.0 / ASP.NET
Resource Hash: 4eba2a4dfde4563485621c4864756ba08463da0b97df844867fba552dbfd81a0

Request headers

Referer: https://best-hot-men1.com/media/gay-dating/casualblue/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 03:30:53 GMT
Last-Modified: Wed, 18 Apr 2018 20:59:13 GMT
Server: nginx/1.12.0
X-Powered-By: ASP.NET
ETag: "80a6c31a58d7d31:0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102660

GET
H/1.1 200
OK 4.jpg
best-hot-men1.com/media/gay-dating/casualblue/ 95 KB
95 KB 153ms
152ms Image
image/jpeg 185.89.103.6
LLHOST // M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://best-hot-men1.com/media/gay-dating/casualblue/4.jpg
Requested by: Host: best-hot-men1.com
URL: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.89.103.6 , Spain, ASN202023 (LLHOST // M247, RO),
Reverse DNS
Software: nginx/1.12.0 / ASP.NET
Resource Hash: 646e18aae71f710fe7477d827310609b22b35a07ace0033a92c2043418d6dbda

Request headers

Referer: https://best-hot-men1.com/media/gay-dating/casualblue/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 03:30:53 GMT
Last-Modified: Wed, 18 Apr 2018 20:59:13 GMT
Server: nginx/1.12.0
X-Powered-By: ASP.NET
ETag: "80a6c31a58d7d31:0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97054

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v15/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v15/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: best-hot-men1.com
URL: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato&subset=latin-ext
Origin: https://best-hot-men1.com

Response headers

date: Mon, 03 Jun 2019 02:10:52 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:13:00 GMT
server: sffe
age: 4801
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14044
x-xss-protection: 0
expires: Tue, 02 Jun 2020 02:10:52 GMT

GET
H/1.1 404
Not Found alert.mp3 Show response
best-hot-men1.com/media/gay-dating/casualblue/ 1 KB
1 KB 120ms
120ms XHR
text/html 185.89.103.6
LLHOST // M247

General

Check archive.org

Show headers Download Go to

Full URL: https://best-hot-men1.com/media/gay-dating/casualblue/alert.mp3
Requested by: Host: best-hot-men1.com
URL: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.89.103.6 , Spain, ASN202023 (LLHOST // M247, RO),
Reverse DNS
Software: nginx/1.12.0 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Referer: https://best-hot-men1.com/?u=cmwkae3&o=k5g8fnx&t=08-01-frgzip&cid=gay;3e234a5aca
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 03:30:53 GMT
Server: nginx/1.12.0
Connection: keep-alive
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gadgetfactory.eu
URL: http://gadgetfactory.eu/wp-includes/js/wp-emoji-release.min.js?ver=4.8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			best-hot-men1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: uxabbomnlk3skq2ci3l2yxu1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://gadgetfactory.eu/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

best-hot-men1.com
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
gadgetfactory.eu
hosttracker.top
www.gadgetfactory.eu
gadgetfactory.eu
185.89.103.6
2606:4700:30::6818:6277
2606:4700:30::6818:6377
2606:4700:30::681c:394
2a00:1450:4001:808::2003
2a00:1450:4001:819::200a
88.212.196.66
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
1ac9dcfc50dde6a8ae2764cc6b671dee82158afc2ee7545d48cb3374ef334aa5
28c82d6f31afa407f0b1617b8c49854d7882795c828c8be1b307a6d7a8c359da
2939d607a8ad67edbc7ade28075844c18c904d4b2b87145db848382a50af0214
3f826fd1cbe141e9e2cd04970f5a99de4c58a367bf3ecffdc69461ebaa5d015c
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4eba2a4dfde4563485621c4864756ba08463da0b97df844867fba552dbfd81a0
56af7a068812205e353c4ff5dae20cb0cd0af377d46426445fc2e9f913379523
5cbc28ef1cf07ab8956014b581aa2b96baac861237975813702e63c886b0c004
646e18aae71f710fe7477d827310609b22b35a07ace0033a92c2043418d6dbda
6aea8f591cc7f2f25d11946cbc7b5377dbbe86cc6f221a3814574e3601056911
6bfdecff876226c1e233f71e7b0b1a6e0eb238281a52156c39f051691dd88a43
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
854d677b850907cd851eac7e3f02f05a1e056f05bd5563199c5d93044ff16840
99c7bee79bf1630c4a589d83b11b1b81a51e2c23c50c0df76aa6c38b20040545
a89a643bb3381c19af071b02a48d17d9bed190c73892482a70191ae2979bcabc
cfabd87c2b3a1d962fbea13c093dd4aef47684b93dc0a8db439a2a28f26d0a5f
d7af201ae6da72fba3c5804dfa407006fdb642622c86dd9c2bcbac72789eabf2
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
deb3d40a52e939dc606cacea278753f149b56d19b6619994069659687e3a7728
e9b6ef34d09410121159f6966b08997629af9383335be392dc86946a692855b3
ed30589998d2025cac925b2841e0d9ea6166574d45bcb284588b6cb8fae62e80
fbd5a3c340ef46a98a86a35a914f4208dfe385d9460a5348d5b69b9221f7e8ca
fedd7527d1cceee3052bf4bb62e76d56e8200a115d8a2affae23a125578b7ad1

best-hot-men1.com Open in urlscan Pro 185.89.103.6 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

97 %HTTPS

71 %IPv6

6 Domains

7 Subdomains

6 IPs

4 Countries

852 kBTransfer

1156 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

best-hot-men1.com Open in urlscan Pro
185.89.103.6 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

97 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

6
IPs

4
Countries

852 kB
Transfer

1156 kB
Size

1
Cookies

30 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!