urlscan.io logo urlscan.io
SecurityTrails logo

raphael-romero.com Open in urlscan Pro
2a02:4780:27:1144:0:3518:b731:3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://raphael-romero.com/
Effective URL: https://raphael-romero.com/
Submission: On October 11 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 17 HTTP transactions. The main IP is 2a02:4780:27:1144:0:3518:b731:3, located in Paris, France and belongs to AS-HOSTINGER, CY. The main domain is raphael-romero.com.
TLS certificate: Issued by R11 on October 8th 2024. Valid for: 3 months.
This is the only time raphael-romero.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2a02:4780:27:... 47583 (AS-HOSTINGER)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.195 15169 (GOOGLE)
2 62.72.37.30 47583 (AS-HOSTINGER)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 104.18.27.62 13335 (CLOUDFLAR...)
2 104.18.66.220 13335 (CLOUDFLAR...)
1 2a04:4e42::396 54113 (FASTLY)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2620:1ec:29:1... 8075 (MICROSOFT...)
1 3.160.150.90 16509 (AMAZON-02)
17 13
3    2a02:4780:27:1144:0:3518:b731:3 (Paris, France)

ASN47583 (AS-HOSTINGER, CY)
raphael-romero.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
fonts.gstatic.com
2    62.72.37.30 (Paris, France)

ASN47583 (AS-HOSTINGER, CY)
raphael-romero.com
1    2606:4700:20::681a:32d (United States)

ASN13335 (CLOUDFLARENET, US)
motionbgs.com
1    104.18.27.62 (None, )

ASN13335 (CLOUDFLARENET, US)
staticg.sportskeeda.com
2    104.18.66.220 (None, )

ASN13335 (CLOUDFLARENET, US)
images.pexels.com
1    2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)
external-preview.redd.it
1    2606:4700:4400::6812:2527 (United States)

ASN13335 (CLOUDFLARENET, US)
www.moneyvox.fr
1    2606:4700:10::6814:4c84 (United States)

ASN13335 (CLOUDFLARENET, US)
images7.alphacoders.com
1    2620:1ec:29:1::64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
cdn.oneesports.gg
1    3.160.150.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-90.fra60.r.cloudfront.net
wallpapers.com
Apex Domain
Subdomains		 Transfer
5 raphael-romero.com
raphael-romero.com
106 KB
2 pexels.com
images.pexels.com — Cisco Umbrella Rank: 42190
2 MB
2 gstatic.com
fonts.gstatic.com
32 KB
1 wallpapers.com
wallpapers.com — Cisco Umbrella Rank: 41403
35 KB
1 oneesports.gg
cdn.oneesports.gg — Cisco Umbrella Rank: 235701
439 KB
1 alphacoders.com
images7.alphacoders.com — Cisco Umbrella Rank: 184656
1 MB
1 moneyvox.fr
www.moneyvox.fr
67 KB
1 redd.it
external-preview.redd.it — Cisco Umbrella Rank: 3948
152 KB
1 sportskeeda.com
staticg.sportskeeda.com — Cisco Umbrella Rank: 48595
155 KB
1 motionbgs.com
motionbgs.com — Cisco Umbrella Rank: 295410
177 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
17 11

This site contains no links.

Subject Issuer Validity Valid
raphael-romero.com
R11		 2024-10-08 -
2025-01-06		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
motionbgs.com
WE1		 2024-09-25 -
2024-12-24		 3 months crt.sh
staticg.sportskeeda.com
WE1		 2024-10-06 -
2025-01-04		 3 months crt.sh
images.pexels.com
E5		 2024-08-25 -
2024-11-23		 3 months crt.sh
*.redd.it
DigiCert TLS RSA SHA256 2020 CA1		 2024-05-30 -
2024-11-26		 6 months crt.sh
moneyvox.fr
WE1		 2024-10-11 -
2025-01-09		 3 months crt.sh
images7.alphacoders.com
WE1		 2024-08-30 -
2024-11-28		 3 months crt.sh
cdn.oneesports.gg
DigiCert TLS RSA SHA256 2020 CA1		 2024-06-19 -
2025-06-19		 a year crt.sh
wallpapers.com
Amazon RSA 2048 M02		 2024-04-14 -
2025-05-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://raphael-romero.com/
Frame ID: 01DA931C36A2C48D48C8246E65870D47
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ROMERO Raphaël

Page URL History Show full URLs

  1. http://raphael-romero.com/ HTTP 307
    https://raphael-romero.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart

Page Statistics

17
Requests

100 %
HTTPS

58 %
IPv6

11
Domains

11
Subdomains

13
IPs

4
Countries

4883 kB
Transfer

5088 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://raphael-romero.com/ HTTP 307
    https://raphael-romero.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
raphael-romero.com/
Redirect Chain
  • http://raphael-romero.com/
  • https://raphael-romero.com/
484 B
576 B 		Document
General
Check archive.org
Download Go to
Full URL
https://raphael-romero.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:27:1144:0:3518:b731:3 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e99632f165517369af07983a438ffb85caacc9d1708180d11250c346d54f678e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
231
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Fri, 11 Oct 2024 10:09:23 GMT
etag
"1e4-666822ad-5cc6a00feeca1422;br"
last-modified
Tue, 11 Jun 2024 10:10:53 GMT
panel
hpanel
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

Location
https://raphael-romero.com/
Non-Authoritative-Reason
HttpsUpgrades
index-40rY7uov.js
raphael-romero.com/assets/ 		283 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://raphael-romero.com/assets/index-40rY7uov.js
Requested by
Host: raphael-romero.com
URL: https://raphael-romero.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:27:1144:0:3518:b731:3 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
39c2069233ee4e526e46178cf435396c519716141dbcf14fc480e58e4d42b7b3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://raphael-romero.com
Referer
https://raphael-romero.com/

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"46c87-666822b7-defcb556df6bd02b;br"
expires
Fri, 18 Oct 2024 10:09:23 GMT
accept-ranges
bytes
content-length
98761
date
Fri, 11 Oct 2024 10:09:23 GMT
content-type
application/x-javascript
last-modified
Tue, 11 Jun 2024 10:11:03 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
index-jBbLWRV-.css
raphael-romero.com/assets/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://raphael-romero.com/assets/index-jBbLWRV-.css
Requested by
Host: raphael-romero.com
URL: https://raphael-romero.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:27:1144:0:3518:b731:3 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
145fac9f5daad28bbd38d7da8a767ec6cd10a78f2d3014a5e14bf4242ddae6a4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://raphael-romero.com
Referer
https://raphael-romero.com/

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"29d8-666822b7-f0c90d0398ec28f0;br"
expires
Fri, 18 Oct 2024 10:09:23 GMT
accept-ranges
bytes
content-length
2030
date
Fri, 11 Oct 2024 10:09:23 GMT
content-type
text/css
last-modified
Tue, 11 Jun 2024 10:11:03 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
css2
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Karantina:wght@300;400;700&family=Lato:wght@100;300;400;700;900&family=Major+Mono+Display&display=swap
Requested by
Host: raphael-romero.com
URL: https://raphael-romero.com/assets/index-jBbLWRV-.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
53c29ca7167f4f773f5d0b997f9d945a780dd7c19a71fc296b46d6c5022607d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://raphael-romero.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 11 Oct 2024 10:09:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 10:09:23 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 11 Oct 2024 10:09:23 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
RWmVoLyb5fEqtsfBX9PDZIGr2tFubRh7DXeR.woff2
fonts.gstatic.com/s/majormonodisplay/v16/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/majormonodisplay/v16/RWmVoLyb5fEqtsfBX9PDZIGr2tFubRh7DXeR.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Karantina:wght@300;400;700&family=Lato:wght@100;300;400;700;900&family=Major+Mono+Display&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
3f511c5df16bebfe72942217cc436671fb63d217c5ceb78916cca3f3e5d9d75b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://raphael-romero.com
Referer
https://fonts.googleapis.com/

Response headers

age
240943
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 15:13:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 15:13:40 GMT
last-modified
Thu, 24 Aug 2023 17:32:17 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
17528
x-xss-protection
0
server
sffe
buE0po24ccnh31GVMAB59wo6.woff2
fonts.gstatic.com/s/karantina/v11/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karantina/v11/buE0po24ccnh31GVMAB59wo6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Karantina:wght@300;400;700&family=Lato:wght@100;300;400;700;900&family=Major+Mono+Display&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
8e22e8601cb927cfcaa560470c56f4913def5cb16bc74a9ead9b072cbabe4ced
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://raphael-romero.com
Referer
https://fonts.googleapis.com/

Response headers

age
559754
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 04 Oct 2025 22:40:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 22:40:09 GMT
last-modified
Tue, 26 Apr 2022 14:50:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14920
x-xss-protection
0
server
sffe
data.json
raphael-romero.com/assets/ 		15 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://raphael-romero.com/assets/data.json
Requested by
Host: raphael-romero.com
URL: https://raphael-romero.com/assets/index-40rY7uov.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.72.37.30 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3f3a65b32e2c59cfc6fe32d40e3c3c9124acd31b26ea9f6dfe87e81b266290cd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://raphael-romero.com/

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
content-encoding
br
etag
"3bc2-666822d9-1e3218d7b5614b95;br"
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4136
date
Fri, 11 Oct 2024 10:09:23 GMT
content-type
application/json
last-modified
Tue, 11 Jun 2024 10:11:37 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
logo_perso-sPWtWAYe.ico
raphael-romero.com/assets/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://raphael-romero.com/assets/logo_perso-sPWtWAYe.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.72.37.30 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7a66727b52a431830718e3b2434ae49b4d22ae2c6b4bd8b9b78ddc4fbf038538
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://raphael-romero.com/

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"bca-666822b7-c67503f06c266930;br"
expires
Fri, 18 Oct 2024 10:09:23 GMT
accept-ranges
bytes
content-length
2805
date
Fri, 11 Oct 2024 10:09:23 GMT
content-type
image/x-icon
last-modified
Tue, 11 Jun 2024 10:11:03 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
truncated
/ 		339 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
071978a748feaa511112b46d31d7da8c02504c2ab05e2b9ddfea23e221573898

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
rayquaza-flying-in-the-dark-sky.jpg
motionbgs.com/media/1039/ 		176 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://motionbgs.com/media/1039/rayquaza-flying-in-the-dark-sky.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:32d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb99d679f9a1b467d056b6a2e08b0a27c6936ab1ef8d0e461c92fbbbf4a228a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://raphael-romero.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"64295399-3cb13"
age
69733
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FT1Nspr6n3WA4sfpaD3Y7VmFfoNwa15mtlaiVHmAmLyy4nIGXSLvUuKMhrf1P4exG2X4VVAIl0DhtwzXxO%2FImzU0V1e8%2BOthPFDxFqOpW20nXvW0cibkBUe1KlAgwWDUwoDqIL27WyCa8L4%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
origSize=248595
date
Fri, 11 Oct 2024 10:09:23 GMT
content-type
image/jpeg
last-modified
Sun, 02 Apr 2023 10:06:17 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d0e0deb1ea2bb7e-CDG
accept-ranges
bytes
content-length
180686
server
cloudflare
feaac-16900539267765-1920.jpg
staticg.sportskeeda.com/editor/2023/07/ 		154 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticg.sportskeeda.com/editor/2023/07/feaac-16900539267765-1920.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b5f32864fff87b081eb7c811650e590850632b28dbffd33aa83555c3e24b18b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://raphael-romero.com/

Response headers

x-gumlet-oc
HIT
access-control-max-age
3600
surrogate-key
staticg.sportskeeda.com 2024-10-03
x-gumlet-reqid
Zv6GrYSZu+Mjx541
etag
"13vcvt1vd2i9f"
age
684710
cf-cache-status
HIT
report-to
{"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc
MISS
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 10:09:23 GMT
content-type
image/webp
vary
accept, Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control
public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel
{"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-runtime
0.412
cf-ray
8d0e0deb0ba4d0a4-CDG
accept-ranges
bytes
access-control-allow-origin
*
content-length
158050
server
cloudflare
pexels-photo-1365795.jpeg
images.pexels.com/photos/1365795/ 		493 KB
494 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.pexels.com/photos/1365795/pexels-photo-1365795.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.66.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c681edf3cf5a147c99016aa2a8c8ae88c74e71a69e9c9b3921944fb7d70e92
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://raphael-romero.com/

Response headers

cf-bgj
h2pri
cf-cache-status
HIT
age
17173665
x-content-type-options
nosniff
expires
Sat, 11 Oct 2025 10:09:23 GMT
alt-svc
h3=":443"; ma=86400
x-cache
MISS, HIT
date
Fri, 11 Oct 2024 10:09:23 GMT
content-type
image/jpeg
last-modified
Thu, 14 Mar 2024 15:04:58 GMT
x-served-by
cache-sjc10021-SJC, cache-dfw-kdfw8210065-DFW
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
8d0e0deb0b67f128-CDG
accept-ranges
bytes
access-control-allow-origin
*
content-length
505179
server
cloudflare
x-imgix-id
fa83c9c1d5c1eb720984d9a40c4f959a98bf93c1
pexels-photo-4635596.png
images.pexels.com/photos/4635596/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.pexels.com/photos/4635596/pexels-photo-4635596.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.66.220 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df6badfdcfadf7d6f678461f35050db4e08830cfb442681419e5044ea1107ffa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://raphael-romero.com/

Response headers

cf-bgj
h2pri
cf-cache-status
HIT
age
561141
x-content-type-options
nosniff
expires
Sat, 11 Oct 2025 10:09:23 GMT
alt-svc
h3=":443"; ma=86400
x-cache
MISS, MISS
date
Fri, 11 Oct 2024 10:09:23 GMT
content-type
image/jpeg
last-modified
Wed, 02 Oct 2024 06:18:38 GMT
x-served-by
cache-chi-kigq8000094-CHI, cache-dfw-kdfw8210104-DFW
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
8d0e0deb0b66f128-CDG
accept-ranges
bytes
access-control-allow-origin
*
content-length
1974273
server
cloudflare
x-imgix-id
bbbf7d6f423d759d7aed0d848686770f25f12965
2Xoeyo3H46sUbQkxjxFPxmVAGfh850D8Hoqe-LIpF70.jpg
external-preview.redd.it/ 		151 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://external-preview.redd.it/2Xoeyo3H46sUbQkxjxFPxmVAGfh850D8Hoqe-LIpF70.jpg?auto=webp&s=dc6d78d562eef402d8b8b77c857804a344ae4fbd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
2749aa594e5b4a55349ef694d7d2fa9262c3c2794de333a1022874223cf55515

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://raphael-romero.com/

Response headers

cache-control
public, max-age=604800
reddit-stats
io=1
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.5, "failure_fraction": 0.5}
x-imo-features
auto=webp
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
reddit-io-info
ifsz=260155 idim=1920x1080 ifmt=jpg ofsz=154492 odim=1920x1080 ofmt=webp
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
154492
date
Fri, 11 Oct 2024 10:09:24 GMT
content-type
image/webp
vary
Accept,X-Imo-Features,Origin
server
snooserv
011409l736.jpg
www.moneyvox.fr/i/media/11l/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneyvox.fr/i/media/11l/011409l736.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2527 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3081297fc1969e0276390ba0c4ed9b1a0a4652ff51b45f801cdb98e75fbdc57f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://raphael-romero.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"12dd8-6014fc7e54700"
cf-cache-status
REVALIDATED
expires
Fri, 11 Oct 2024 14:09:23 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=77272
date
Fri, 11 Oct 2024 10:09:23 GMT
content-type
image/webp
content-disposition
inline; filename="011409l736.webp"
vary
Accept
last-modified
Tue, 25 Jul 2023 13:33:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=14400
cf-ray
8d0e0deb3f72bb1e-CDG
accept-ranges
bytes
content-length
68126
server
cloudflare
1333817.jpeg
images7.alphacoders.com/133/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images7.alphacoders.com/133/1333817.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4c84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fda5cf2f12d5d9dc6b3384829cbf5be8c35aa05ba393a9191462b4a28f5b3d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://raphael-romero.com/

Response headers

cache-control
max-age=1209600
cf-bgj
h2pri
etag
"fdb7a204f4a63411a307073faf5a5d38"
age
318998
cf-cache-status
HIT
cf-ray
8d0e0deb3f650299-CDG
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1324106
date
Fri, 11 Oct 2024 10:09:23 GMT
content-type
image/jpeg
last-modified
Tue, 03 Oct 2023 15:19:05 GMT
vary
Accept-Encoding
server
cloudflare
TeamfightTactics_InkbornFables_TFTSet11_Wallpaper.jpg
cdn.oneesports.gg/cdn-data/2024/03/ 		438 KB
439 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.oneesports.gg/cdn-data/2024/03/TeamfightTactics_InkbornFables_TFTSet11_Wallpaper.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
271aa22099683aa91cc7bc9ffdd0d13fa435f5ed57cdee8e9aaa089e109c2b2e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://raphael-romero.com/

Response headers

x-cache-info
L2_T2
x-ms-blob-committed-block-count
1
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DC3D9F2315EA8C
x-fd-int-roxy-purgeid
0
x-cache
TCP_REMOTE_HIT
date
Fri, 11 Oct 2024 10:09:23 GMT
content-type
image/jpeg
last-modified
Wed, 06 Mar 2024 05:34:47 GMT
cache-control
public, max-age=31536000
x-ms-request-id
66cf522d-901e-0032-2fac-1ba8c6000000
accept-ranges
bytes
content-length
448835
x-azure-ref
20241011T100923Z-1769c9469bbrbxwn5e6g4ag7g000000000u000000000r97q
x-ms-blob-type
AppendBlob
chatgpt-pjydsj1c82fnc2se.jpg
wallpapers.com/images/hd/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wallpapers.com/images/hd/chatgpt-pjydsj1c82fnc2se.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
45cbe05e51556a8e5f4eceb309764f6d1a234947cf9396681727f9dfb24193aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://raphael-romero.com/

Response headers

cache-control
no-store, no-cache, must-revalidate
etag
"4d90347b87adac0ac07815831fd509d8"
age
393807
pragma
no-cache
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
expires
Fri, 11 Oct 2024 10:09:23 GMT
x-cache
Hit from cloudfront
content-length
35880
x-amz-cf-id
lf_Wgc71xOQwgw-N-slxJ_CdrhLTQpuFMU_bHU5XQ2_N7B55gnMDvA==
date
Sun, 06 Oct 2024 20:45:56 GMT
content-type
image/jpeg
last-modified
Tue, 28 Mar 2023 12:02:42 GMT
server
nginx
x-amz-cf-pop
FRA60-P7

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| gsapVersions

4 Cookies

Domain/Path Name / Value
.pexels.com/ Name: __cf_bm
Value: KfdEfcYj6RbjDG23YFKqRKV0hBTYyOfznyGrPGwnMBA-1728641363-1.0.1.1-D5.sZk9OULUSHUhLLQCstQECWLDl8kZ4_PCK24wxk.DnxWwwhwUDaypUAfhIERzguSUS977n12z7rTBcGXctbg
.pexels.com/ Name: _cfuvid
Value: pkdtcg5xlaC49Ljb514oi9sncDFyAhzvNDWrQ3clwHc-1728641363710-0.0.1.1-604800000
.alphacoders.com/ Name: __cf_bm
Value: .ChGxqYWK6q2GD20P4J10mD4.FG.5gTRsHwZf8wryY0-1728641363-1.0.1.1-Cv2IOK3Ld8bu_djoMSu.9h_bYdRHotgH68QqrUU_AMKlI4xdtAlzSjJQpJcOiLQLZzybRAzcLN.SSPMu_XSDVA
.moneyvox.fr/ Name: __cf_bm
Value: gfvFRq8KewtMeV4mOOpyAZyomWeKH43VfVbbq_quTlQ-1728641363-1.0.1.1-Eyv9If5sDfpqdjDQctY9uBAtQNccizZ9F2ZT9ehVuy36PfvPGdz4B.fno056S_L4xixrqspj_L34WOcw45nK5Q

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.oneesports.gg
external-preview.redd.it
fonts.googleapis.com
fonts.gstatic.com
images.pexels.com
images7.alphacoders.com
motionbgs.com
raphael-romero.com
staticg.sportskeeda.com
wallpapers.com
www.moneyvox.fr
104.18.27.62
104.18.66.220
142.250.185.195
2606:4700:10::6814:4c84
2606:4700:20::681a:32d
2606:4700:4400::6812:2527
2620:1ec:29:1::64
2a00:1450:4001:80b::200a
2a02:4780:27:1144:0:3518:b731:3
2a04:4e42::396
3.160.150.90
62.72.37.30
06c681edf3cf5a147c99016aa2a8c8ae88c74e71a69e9c9b3921944fb7d70e92
071978a748feaa511112b46d31d7da8c02504c2ab05e2b9ddfea23e221573898
145fac9f5daad28bbd38d7da8a767ec6cd10a78f2d3014a5e14bf4242ddae6a4
271aa22099683aa91cc7bc9ffdd0d13fa435f5ed57cdee8e9aaa089e109c2b2e
2749aa594e5b4a55349ef694d7d2fa9262c3c2794de333a1022874223cf55515
3081297fc1969e0276390ba0c4ed9b1a0a4652ff51b45f801cdb98e75fbdc57f
39c2069233ee4e526e46178cf435396c519716141dbcf14fc480e58e4d42b7b3
3f3a65b32e2c59cfc6fe32d40e3c3c9124acd31b26ea9f6dfe87e81b266290cd
3f511c5df16bebfe72942217cc436671fb63d217c5ceb78916cca3f3e5d9d75b
45cbe05e51556a8e5f4eceb309764f6d1a234947cf9396681727f9dfb24193aa
53c29ca7167f4f773f5d0b997f9d945a780dd7c19a71fc296b46d6c5022607d7
5fda5cf2f12d5d9dc6b3384829cbf5be8c35aa05ba393a9191462b4a28f5b3d2
7a66727b52a431830718e3b2434ae49b4d22ae2c6b4bd8b9b78ddc4fbf038538
7b5f32864fff87b081eb7c811650e590850632b28dbffd33aa83555c3e24b18b
8e22e8601cb927cfcaa560470c56f4913def5cb16bc74a9ead9b072cbabe4ced
df6badfdcfadf7d6f678461f35050db4e08830cfb442681419e5044ea1107ffa
e99632f165517369af07983a438ffb85caacc9d1708180d11250c346d54f678e
fb99d679f9a1b467d056b6a2e08b0a27c6936ab1ef8d0e461c92fbbbf4a228a9